Google Redirect Trojan


  • This topic is locked
13 replies to this topic

#1 Bing S.


Posted 03 August 2012 - 12:35 AM

Hello,

I am new to the forum and made an account specifically for this post.

I am pretty tech savvy and can usually manually remove a virus in about an hour; however, I have somehow gotten a Google Redirect Trojan.

First, I need to know how urgently to act, so I would like your opinions: do you think this could do any kind of permanent/serious damage, or is it just annoying?

Second, here are the logs.
I have attached a Combofix log just in case, because it is long, and I figure you guys don't need it.

DDS:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Bing at 22:14:53 on 2012-08-02
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.1623 [GMT -7:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
c:\xampp\apache\bin\httpd.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\IObit\Game Booster\gbtray.exe
C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\xampp\apache\bin\httpd.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\PowerArchiver\PASTARTER.EXE
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Spoon\3.25.0.15\spoon-sandbox.exe
C:\Program Files (x86)\Spoon\3.26.0.6\spoon-sandbox.exe
C:\Program Files (x86)\Spoon\3.31.2.6\spoon-sandbox.exe
C:\Program Files (x86)\Spoon\3.30.0.25\spoon-sandbox.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files (x86)\Spoon\3.33.0.19\spoon-sandbox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Spoon\3.32.2.12\spoon-sandbox.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Spoon\Client\Console\0.3.9.18\Spoon-Console.exe
C:\Program Files (x86)\Aurora\firefox.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Aurora\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe
C:\Windows\system32\taskeng.exe
C:\Users\Bing\Downloads\pekq27hr.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://msn.com/
uInternet Settings,ProxyOverride = *.local
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
uRun: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED
uRun: [PowerArchiver Tray] C:\Program Files (x86)\PowerArchiver\PASTARTER.EXE
uRun: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
uRun: [Facebook Update] "C:\Users\Bing\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [SecuROM] RUNDLL32.EXE C:\Users\Bing\AppData\Local\SecuROM\hgjfpvlp.dll,GetImporterInterface
mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
StartupFolder: C:\Users\Bing\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe
StartupFolder: C:\Users\Bing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\e-Speaking.appref-ms
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMERS~1.LNK - C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SPOONS~2.LNK - C:\Program Files (x86)\Spoon\3.25.0.15\Spoon-Sandbox-Native.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SPOONS~1.LNK - C:\Program Files (x86)\Spoon\3.26.0.6\Spoon-Sandbox-Native.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SPOONS~3.LNK - C:\Program Files (x86)\Spoon\3.30.0.25\Spoon-Sandbox-Native.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SPOONS~4.LNK - C:\Program Files (x86)\Spoon\3.31.2.6\Spoon-Sandbox-Native.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SP2361~1.LNK - C:\Program Files (x86)\Spoon\3.32.2.12\Spoon-Sandbox-Native.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SPOONN~1.LNK - C:\Program Files (x86)\Spoon\3.33.0.19\Spoon-Sandbox-Native.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{3346D829-F72A-460F-89FC-BE81477C6AF5} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{3346D829-F72A-460F-89FC-BE81477C6AF5}\2456C6B696E6F5E4F575962756C6563737F5636363344323 : DhcpNameServer = 192.168.2.1 208.67.222.222 208.67.220.220
TCP: Interfaces\{3346D829-F72A-460F-89FC-BE81477C6AF5}\C696E6B6379737 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{3346D829-F72A-460F-89FC-BE81477C6AF5}\D4162756C6963686 : DhcpNameServer = 192.168.1.1
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO-X64: AVG Do Not Track - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
TB-X64: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun-x64: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
mRunOnce-x64: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Bing\AppData\Roaming\Mozilla\Firefox\Profiles\wo9zhgk8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com|http://news.google.com/nwshp?hl=en&tab=wn
FF - prefs.js: keyword.URL - hxxp://whitesmokestart.com/s/?src=addrbar&provider=bing&provider_name=bing&provider_code=Z052&partner_id=208&product_id=663&affiliate_id=&channel=9493&toolbar_id=202&toolbar_version=2.1.0&install_country=US&install_date=20110721&user_guid=ACDA2C5A2A7E4B1EA357385EF0027C8A&machine_id=6a66432896c3b6e5bd46ac680eca8842&browser=FF&os=win&os_version=6.1-x64-SP1&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Spoon\3.25.0.15\npMozillaSpoonPlugin.dll
FF - plugin: C:\Program Files (x86)\Spoon\3.26.0.6\npMozillaSpoonPlugin.dll
FF - plugin: C:\Program Files (x86)\Spoon\3.30.0.25\npMozillaSpoonPlugin.dll
FF - plugin: C:\Program Files (x86)\Spoon\3.31.2.6\npMozillaSpoonPlugin.dll
FF - plugin: C:\Program Files (x86)\Spoon\3.32.2.12\npMozillaSpoonPlugin.dll
FF - plugin: C:\Program Files (x86)\Spoon\3.33.0.19\npMozillaSpoonPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll
FF - plugin: C:\Users\Bing\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 Apache2.2;Apache2.2;C:\xampp\apache\bin\httpd.exe [2010-10-17 20549]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-7-4 5160568]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit;C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [2011-2-22 86016]
R2 mitsijm2012;Autodesk Moldflow Inventor Tool Suite Integration 2012 Job Manager;C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [2010-12-7 848184]
R2 RosettaStoneDaemon;RosettaStoneDaemon;C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2011-3-31 1646056]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-2-14 705856]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-16 136176]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc --> C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-9 250056]
S3 cgfkvxku;{E09C84C2-F7F7-4C21-A3D7-6899378ED0A0};C:\Program Files (x86)\ophcrack\pwdump\servpw.exe [2008-7-22 57344]
S3 dqkycmu;{9E71DEC6-587E-4A7A-9A00-E9F5BA0B3CFD};C:\Program Files (x86)\ophcrack\pwdump\servpw.exe [2008-7-22 57344]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-9-10 1431888]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-16 136176]
S3 jjsryxnr;{010D2A4C-FCAC-4E48-B47F-1867C1F6EF45};C:\Program Files (x86)\ophcrack\pwdump\servpw.exe [2008-7-22 57344]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-2-4 118256]
S3 niatd;{0F6462C2-699A-4001-BFDD-62D6051F5EF2};C:\Program Files (x86)\ophcrack\pwdump\servpw.exe [2008-7-22 57344]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2010-7-30 25072]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S3 SysTool;SysTool Overclocking Utility;C:\Windows\system32\DRIVERS\SysTool64.sys --> C:\Windows\system32\DRIVERS\SysTool64.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 unujfip;{770B807B-FF04-40C7-8FA0-5FA26DC543F9};C:\Program Files (x86)\ophcrack\pwdump\servpw.exe [2008-7-22 57344]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-08-03 03:59:53 -------- d-----w- C:\Windows\XSxS
2012-08-03 03:59:22 -------- d-----w- C:\$RECYCLE.BIN
2012-08-03 03:20:33 98816 ----a-w- C:\Windows\sed.exe
2012-08-03 03:20:33 518144 ----a-w- C:\Windows\SWREG.exe
2012-08-03 03:20:33 256000 ----a-w- C:\Windows\PEV.exe
2012-08-03 03:20:33 208896 ----a-w- C:\Windows\MBR.exe
2012-08-03 03:20:24 -------- d-----w- C:\ComboFix
2012-08-03 02:33:13 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2012-08-03 02:22:50 -------- d-----w- C:\TDSSKiller_Quarantine
2012-08-03 01:29:46 -------- d-----w- C:\Users\Bing\AppData\Local\{92F10BB8-94D5-4568-8B76-D557599E262D}
2012-08-03 01:29:24 -------- d-----w- C:\Users\Bing\AppData\Local\{0D9B227D-ED30-445A-BBE1-8A561C6CDED6}
2012-08-02 20:25:44 -------- d--h--w- C:\Users\Bing\AppData\Roaming\83F4519B
2012-08-02 07:21:20 -------- d-----w- C:\Users\Bing\AppData\Local\SecuROM
2012-08-01 03:43:53 -------- d-----w- C:\Users\Bing\AppData\Local\{6521D845-EBA5-4DE3-A940-0C2AFF78AB72}
2012-08-01 03:43:33 -------- d-----w- C:\Users\Bing\AppData\Local\{27BD5819-2B37-4B86-A63E-3914E7A14D60}
2012-07-27 02:32:26 -------- d-----w- C:\Users\Bing\AppData\Local\{65F9F6FB-D821-4EA5-B41E-CC89E64DA889}
2012-07-27 02:32:07 -------- d-----w- C:\Users\Bing\AppData\Local\{29B6DDFA-7F51-4765-914F-5074BC9111AB}
2012-07-26 19:38:50 -------- d-----w- C:\Program Files (x86)\Aurora
2012-07-24 04:08:40 -------- d-----w- C:\Users\Bing\AppData\Local\{DC4E9AA3-D18A-4DDA-8939-77B37D2539F3}
2012-07-24 04:08:19 -------- d-----w- C:\Users\Bing\AppData\Local\{64C8975E-6AD5-4DEA-8A7E-FE202455E916}
2012-07-22 20:17:18 -------- d-----w- C:\Users\Bing\AppData\Local\{E60B81F8-65E7-4223-B642-3A85341B7613}
2012-07-22 20:16:50 -------- d-----w- C:\Users\Bing\AppData\Local\{9E10F52D-8932-44C6-B179-A5638D5B82CC}
2012-07-11 07:45:34 -------- d-----w- C:\Windows\en
2012-07-11 07:39:53 48488 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
2012-07-11 07:34:02 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8b3a63be1cd5f3702\MeshBetaRemover.exe
2012-07-11 07:34:01 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8a7c68261cd5f3701\DSETUP.dll
2012-07-11 07:34:01 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8a7c68261cd5f3701\DXSETUP.exe
2012-07-11 07:34:01 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8a7c68261cd5f3701\dsetup32.dll
2012-07-11 07:15:28 -------- d-----w- C:\Users\Bing\AppData\Local\{3F29D714-C6FD-4577-8CC7-34EF9553254A}
2012-07-11 07:14:50 -------- d-----w- C:\Users\Bing\AppData\Local\{D375ACA8-BD79-42F1-8735-D3BB93B6A294}
2012-07-11 06:59:21 -------- d-----w- C:\Users\Bing\AppData\Local\{AE8CD22B-ED2B-4E5D-9C80-AF2640CE0B0D}
2012-07-07 02:53:05 -------- d-----w- C:\Users\Bing\AppData\Local\{A04F8C89-2811-4028-8E5D-C591BE48CC8D}
2012-07-06 07:55:26 -------- d-----w- C:\Users\Bing\AppData\Local\{DF111ABC-79F2-454C-BD4D-7925BB17263A}
.
==================== Find3M ====================
.
2012-08-02 20:29:19 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-02 20:29:19 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-03 20:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-05-06 23:27:48 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-03-13 18:29:32 640192 ----a-w- C:\Program Files (x86)\UninstallNA.exe
2011-03-13 02:06:00 379286 ----a-w- C:\Program Files (x86)\UnGEXUSACAN.exe
.
============= FINISH: 22:17:16.07 ===============

GMER:

Unfortunately, GMER, when started, greys out the checkboxes on the right pane, all but three main ones.


Help is appreciated, thank you very much.

-Bing


 


#2 HelpBot


Posted 08 August 2012 - 08:00 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/463660 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows, you should not bother creating a GMER log.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 gringo_pr

  • Malware Response Team

Posted 08 August 2012 - 02:22 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us:

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

I want you to run these next:

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT.
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University

#4 Bing S.

  • Topic Starter


Posted 09 August 2012 - 04:54 PM

I did run TDSS before I started this topic and I deleted the suspicious file, but the log that detected it is attached; the post was too long.

Here's the new one:

08:52:50.0521 11200 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
08:52:51.0021 11200 ============================================================
08:52:51.0021 11200 Current date / time: 2012/08/09 08:52:51.0021
08:52:51.0021 11200 SystemInfo:
08:52:51.0021 11200
08:52:51.0021 11200 OS Version: 6.1.7601 ServicePack: 1.0
08:52:51.0021 11200 Product type: Workstation
08:52:51.0021 11200 ComputerName: BING-PC
08:52:51.0021 11200 UserName: Bing
08:52:51.0021 11200 Windows directory: C:\Windows
08:52:51.0021 11200 System windows directory: C:\Windows
08:52:51.0021 11200 Running under WOW64
08:52:51.0021 11200 Processor architecture: Intel x64
08:52:51.0021 11200 Number of processors: 3
08:52:51.0021 11200 Page size: 0x1000
08:52:51.0021 11200 Boot type: Normal boot
08:52:51.0021 11200 ============================================================
08:52:56.0261 11200 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:52:56.0281 11200 Drive \Device\Harddisk1\DR2 - Size: 0x776F8000 (1.87 Gb), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:52:56.0281 11200 ============================================================
08:52:56.0281 11200 \Device\Harddisk0\DR0:
08:52:56.0281 11200 MBR partitions:
08:52:56.0281 11200 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x37000, BlocksNum 0x13C3000
08:52:56.0281 11200 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x13FA000, BlocksNum 0x38F8B800
08:52:56.0281 11200 \Device\Harddisk1\DR2:
08:52:56.0281 11200 MBR partitions:
08:52:56.0281 11200 \Device\Harddisk1\DR2\Partition0: MBR, Type 0x6, StartLBA 0x3F, BlocksNum 0x3BB521
08:52:56.0281 11200 ============================================================
08:52:56.0791 11200 C: <-> \Device\Harddisk0\DR0\Partition1
08:52:56.0821 11200 ============================================================
08:52:56.0821 11200 Initialize success
08:52:56.0821 11200 ============================================================
08:52:58.0721 0844 ============================================================
08:52:58.0721 0844 Scan started
08:52:58.0721 0844 Mode: Manual;
08:52:58.0721 0844 ============================================================
08:53:08.0283 0844 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
08:53:08.0477 0844 1394ohci - ok
08:53:08.0712 0844 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
08:53:08.0716 0844 ACPI - ok
08:53:08.0976 0844 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
08:53:08.0978 0844 AcpiPmi - ok
08:53:12.0432 0844 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
08:53:12.0494 0844 AdobeFlashPlayerUpdateSvc - ok
08:53:13.0820 0844 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
08:53:13.0898 0844 adp94xx - ok
08:53:15.0614 0844 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
08:53:15.0723 0844 adpahci - ok
08:53:17.0112 0844 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
08:53:17.0158 0844 adpu320 - ok
08:53:17.0252 0844 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
08:53:17.0252 0844 AeLookupSvc - ok
08:53:17.0486 0844 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
08:53:17.0502 0844 AFD - ok
08:53:17.0814 0844 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
08:53:17.0923 0844 agp440 - ok
08:53:18.0063 0844 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
08:53:18.0094 0844 ALG - ok
08:53:18.0344 0844 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
08:53:18.0375 0844 aliide - ok
08:53:18.0578 0844 AMD External Events Utility (d696f317bd465a602566f8e1dcce15f7) C:\Windows\system32\atiesrxx.exe
08:53:18.0578 0844 AMD External Events Utility - ok
08:53:18.0781 0844 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
08:53:18.0812 0844 amdide - ok
08:53:19.0966 0844 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
08:53:20.0013 0844 AmdK8 - ok
08:53:20.0185 0844 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
08:53:20.0185 0844 AmdPPM - ok
08:53:20.0434 0844 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
08:53:20.0949 0844 amdsata - ok
08:53:22.0540 0844 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
08:53:22.0618 0844 amdsbs - ok
08:53:22.0728 0844 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
08:53:22.0728 0844 amdxata - ok
08:53:24.0007 0844 Apache2.2 (53ea061ecc67223a430f153c3682ad54) c:\xampp\apache\bin\httpd.exe
08:53:24.0085 0844 Apache2.2 - ok
08:53:24.0553 0844 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
08:53:24.0600 0844 AppID - ok
08:53:24.0740 0844 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
08:53:24.0740 0844 AppIDSvc - ok
08:53:24.0865 0844 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
08:53:24.0865 0844 Appinfo - ok
08:53:25.0239 0844 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:53:25.0239 0844 Apple Mobile Device - ok
08:53:25.0582 0844 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
08:53:25.0582 0844 arc - ok
08:53:25.0957 0844 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
08:53:25.0957 0844 arcsas - ok
08:53:26.0815 0844 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
08:53:26.0846 0844 aspnet_state - ok
08:53:27.0205 0844 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
08:53:27.0345 0844 AsyncMac - ok
08:53:27.0766 0844 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
08:53:27.0766 0844 atapi - ok
08:53:28.0874 0844 atikmdag (52bd95caa9cae8977fe043e9ad6d2d0e) C:\Windows\system32\DRIVERS\atikmdag.sys
08:53:29.0155 0844 atikmdag - ok
08:53:29.0529 0844 ATITool (b07e6681d303a612680223c729b021e2) C:\Windows\system32\DRIVERS\ATITool64.sys
08:53:30.0013 0844 ATITool - ok
08:53:31.0027 0844 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
08:53:31.0105 0844 AudioEndpointBuilder - ok
08:53:31.0105 0844 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
08:53:31.0120 0844 AudioSrv - ok
08:53:32.0556 0844 AVGIDSAgent (d67719bcfde5798f5c30d14efed3bcaf) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
08:53:32.0696 0844 AVGIDSAgent - ok
08:53:34.0771 0844 AVGIDSDriver (1b2e9fcdc26dc7c81d4131430e2dc936) C:\Windows\system32\DRIVERS\avgidsdrivera.sys
08:53:34.0849 0844 AVGIDSDriver - ok
08:53:35.0145 0844 AVGIDSFilter (0f293406f64b48d5d2f0d3a1117f3a83) C:\Windows\system32\DRIVERS\avgidsfiltera.sys
08:53:35.0223 0844 AVGIDSFilter - ok
08:53:35.0691 0844 AVGIDSHA (cffc3a4a638f462e0561cb368b9a7a3a) C:\Windows\system32\DRIVERS\avgidsha.sys
08:53:35.0722 0844 AVGIDSHA - ok
08:53:37.0516 0844 Avgldx64 (59955b4c288dd2a8b9fd2cd5158355c5) C:\Windows\system32\DRIVERS\avgldx64.sys
08:53:37.0657 0844 Avgldx64 - ok
08:53:38.0094 0844 Avgmfx64 (a6aec362aae5e2dda7445e7690cb0f33) C:\Windows\system32\DRIVERS\avgmfx64.sys
08:53:38.0515 0844 Avgmfx64 - ok
08:53:38.0858 0844 Avgrkx64 (645c7f0a0e39758a0024a9b1748273c0) C:\Windows\system32\DRIVERS\avgrkx64.sys
08:53:38.0858 0844 Avgrkx64 - ok
08:53:42.0976 0844 Avgtdia (1bee674ad792b1c63bb0dac5fa724b23) C:\Windows\system32\DRIVERS\avgtdia.sys
08:53:43.0054 0844 Avgtdia - ok
08:53:45.0613 0844 avgwd (ea1145debcd508fd25bd1e95c4346929) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
08:53:45.0706 0844 avgwd - ok
08:53:45.0878 0844 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
08:53:45.0878 0844 AxInstSV - ok
08:53:48.0078 0844 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
08:53:48.0156 0844 b06bdrv - ok
08:53:48.0234 0844 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
08:53:48.0234 0844 b57nd60a - ok
08:53:48.0265 0844 BCM42RLY (5c0f919666954885d7760dffe4b29a25) C:\Windows\system32\drivers\BCM42RLY.sys
08:53:48.0265 0844 BCM42RLY - ok
08:53:48.0592 0844 BCM43XX (bab887a2b2786310a966881f074f4a99) C:\Windows\system32\DRIVERS\bcmwl664.sys
08:53:48.0655 0844 BCM43XX - ok
08:53:49.0840 0844 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
08:53:49.0840 0844 BDESVC - ok
08:53:50.0246 0844 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
08:53:50.0246 0844 Beep - ok
08:53:51.0978 0844 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
08:53:52.0056 0844 BFE - ok
08:53:52.0227 0844 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
08:53:52.0960 0844 BITS - ok
08:53:53.0694 0844 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
08:53:53.0725 0844 blbdrive - ok
08:53:56.0034 0844 Bonjour Service (f2060a34c8a75bc24a9222eb4f8c07bd) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
08:53:56.0080 0844 Bonjour Service - ok
08:53:56.0455 0844 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
08:53:56.0470 0844 bowser - ok
08:53:56.0658 0844 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:53:56.0658 0844 BrFiltLo - ok
08:53:56.0767 0844 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:53:56.0767 0844 BrFiltUp - ok
08:53:57.0828 0844 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
08:53:57.0921 0844 BridgeMP - ok
08:53:58.0389 0844 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
08:53:58.0389 0844 Browser - ok
08:54:00.0308 0844 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
08:54:00.0339 0844 Brserid - ok
08:54:00.0589 0844 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
08:54:00.0620 0844 BrSerWdm - ok
08:54:00.0807 0844 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
08:54:00.0854 0844 BrUsbMdm - ok
08:54:00.0948 0844 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
08:54:00.0948 0844 BrUsbSer - ok
08:54:01.0478 0844 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
08:54:01.0509 0844 BTHMODEM - ok
08:54:02.0071 0844 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
08:54:02.0118 0844 bthserv - ok
08:54:02.0352 0844 catchme - ok
08:54:02.0617 0844 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
08:54:02.0648 0844 cdfs - ok
08:54:03.0178 0844 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
08:54:03.0194 0844 cdrom - ok
08:54:04.0083 0844 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
08:54:04.0083 0844 CertPropSvc - ok
08:54:04.0520 0844 cgfkvxku (50b5f832241534dee628f3f479753280) C:\Program Files (x86)\ophcrack\pwdump\servpw.exe
08:54:05.0737 0844 cgfkvxku - ok
08:54:06.0298 0844 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
08:54:06.0330 0844 circlass - ok
08:54:06.0642 0844 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
08:54:06.0657 0844 CLFS - ok
08:54:06.0798 0844 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:54:06.0813 0844 clr_optimization_v2.0.50727_32 - ok
08:54:06.0844 0844 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:54:06.0844 0844 clr_optimization_v2.0.50727_64 - ok
08:54:07.0578 0844 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:54:07.0609 0844 clr_optimization_v4.0.30319_32 - ok
08:54:07.0718 0844 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:54:07.0734 0844 clr_optimization_v4.0.30319_64 - ok
08:54:07.0780 0844 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
08:54:07.0780 0844 CmBatt - ok
08:54:07.0812 0844 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
08:54:07.0812 0844 cmdide - ok
08:54:07.0890 0844 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
08:54:07.0921 0844 CNG - ok
08:54:07.0952 0844 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
08:54:07.0952 0844 Compbatt - ok
08:54:07.0999 0844 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
08:54:07.0999 0844 CompositeBus - ok
08:54:08.0014 0844 COMSysApp - ok
08:54:08.0061 0844 cpuz135 (ccb09eb78e047c931708149992c2e435) C:\Windows\system32\drivers\cpuz135_x64.sys
08:54:08.0061 0844 cpuz135 - ok
08:54:08.0108 0844 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
08:54:08.0108 0844 crcdisk - ok
08:54:08.0155 0844 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
08:54:08.0170 0844 CryptSvc - ok
08:54:08.0248 0844 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys
08:54:08.0280 0844 CtClsFlt - ok
08:54:08.0373 0844 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
08:54:08.0373 0844 DcomLaunch - ok
08:54:08.0451 0844 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
08:54:08.0467 0844 defragsvc - ok
08:54:08.0529 0844 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
08:54:08.0529 0844 DfsC - ok
08:54:08.0607 0844 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
08:54:08.0607 0844 Dhcp - ok
08:54:08.0654 0844 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
08:54:08.0654 0844 discache - ok
08:54:08.0701 0844 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
08:54:08.0701 0844 Disk - ok
08:54:08.0732 0844 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
08:54:08.0748 0844 Dnscache - ok
08:54:09.0590 0844 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
08:54:09.0590 0844 DockLoginService - ok
08:54:09.0824 0844 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
08:54:09.0824 0844 dot3svc - ok
08:54:09.0886 0844 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
08:54:09.0886 0844 DPS - ok
08:54:10.0214 0844 dqkycmu (50b5f832241534dee628f3f479753280) C:\Program Files (x86)\ophcrack\pwdump\servpw.exe
08:54:10.0230 0844 dqkycmu - ok
08:54:10.0276 0844 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
08:54:10.0276 0844 drmkaud - ok
08:54:10.0354 0844 dtsoftbus01 (46571ed73ae84469dca53081d33cf3c8) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
08:54:10.0354 0844 dtsoftbus01 - ok
08:54:10.0401 0844 dump_wmimmc - ok
08:54:10.0510 0844 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
08:54:10.0557 0844 DXGKrnl - ok
08:54:10.0604 0844 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
08:54:10.0604 0844 EapHost - ok
08:54:11.0025 0844 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
08:54:11.0119 0844 ebdrv - ok
08:54:11.0634 0844 EFS (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\System32\lsass.exe
08:54:11.0649 0844 EFS - ok
08:54:12.0102 0844 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
08:54:12.0117 0844 ehRecvr - ok
08:54:12.0148 0844 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
08:54:12.0148 0844 ehSched - ok
08:54:12.0523 0844 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
08:54:12.0570 0844 elxstor - ok
08:54:12.0585 0844 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
08:54:12.0585 0844 ErrDev - ok
08:54:12.0648 0844 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
08:54:12.0663 0844 EventSystem - ok
08:54:12.0694 0844 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
08:54:12.0694 0844 exfat - ok
08:54:12.0726 0844 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
08:54:12.0741 0844 fastfat - ok
08:54:12.0850 0844 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
08:54:12.0866 0844 Fax - ok
08:54:12.0882 0844 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
08:54:12.0897 0844 fdc - ok
08:54:12.0944 0844 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
08:54:12.0944 0844 fdPHost - ok
08:54:12.0944 0844 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
08:54:12.0944 0844 FDResPub - ok
08:54:12.0975 0844 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
08:54:12.0975 0844 FileInfo - ok
08:54:12.0991 0844 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
08:54:12.0991 0844 Filetrace - ok
08:54:13.0131 0844 FLEXnet Licensing Service (73081cf28f0ae20a52ca4f67cee6e6b0) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
08:54:13.0240 0844 FLEXnet Licensing Service - ok
08:54:13.0506 0844 FLEXnet Licensing Service 64 (5cee6cd43ae5844c49300ea0b1e557ee) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
08:54:13.0537 0844 FLEXnet Licensing Service 64 - ok
08:54:13.0662 0844 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
08:54:13.0662 0844 flpydisk - ok
08:54:13.0708 0844 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
08:54:13.0724 0844 FltMgr - ok
08:54:13.0833 0844 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
08:54:13.0896 0844 FontCache - ok
08:54:13.0958 0844 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:54:13.0958 0844 FontCache3.0.0.0 - ok
08:54:14.0020 0844 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
08:54:14.0020 0844 FsDepends - ok
08:54:14.0083 0844 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys
08:54:14.0098 0844 fssfltr - ok
08:54:14.0348 0844 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
08:54:14.0379 0844 fsssvc - ok
08:54:14.0551 0844 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
08:54:14.0551 0844 Fs_Rec - ok
08:54:14.0598 0844 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
08:54:14.0613 0844 fvevol - ok
08:54:14.0660 0844 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
08:54:14.0660 0844 gagp30kx - ok
08:54:14.0707 0844 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
08:54:14.0707 0844 GEARAspiWDM - ok
08:54:14.0832 0844 GoToAssist (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
08:54:14.0847 0844 GoToAssist - ok
08:54:14.0941 0844 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
08:54:14.0956 0844 gpsvc - ok
08:54:15.0066 0844 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:54:15.0066 0844 gupdate - ok
08:54:15.0097 0844 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:54:15.0097 0844 gupdatem - ok
08:54:15.0159 0844 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
08:54:15.0159 0844 gusvc - ok
08:54:15.0190 0844 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
08:54:15.0190 0844 hcw85cir - ok
08:54:15.0253 0844 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
08:54:15.0284 0844 HdAudAddService - ok
08:54:15.0331 0844 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
08:54:15.0331 0844 HDAudBus - ok
08:54:15.0362 0844 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
08:54:15.0362 0844 HidBatt - ok
08:54:15.0378 0844 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
08:54:15.0378 0844 HidBth - ok
08:54:15.0378 0844 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
08:54:15.0378 0844 HidIr - ok
08:54:15.0424 0844 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
08:54:15.0424 0844 hidserv - ok
08:54:15.0471 0844 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
08:54:15.0471 0844 HidUsb - ok
08:54:15.0502 0844 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
08:54:15.0502 0844 hkmsvc - ok
08:54:15.0534 0844 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
08:54:15.0534 0844 HomeGroupListener - ok
08:54:15.0565 0844 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
08:54:15.0580 0844 HomeGroupProvider - ok
08:54:15.0627 0844 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
08:54:15.0627 0844 HpSAMD - ok
08:54:15.0721 0844 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
08:54:15.0721 0844 HTTP - ok
08:54:15.0752 0844 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
08:54:15.0752 0844 hwpolicy - ok
08:54:15.0799 0844 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
08:54:15.0799 0844 i8042prt - ok
08:54:15.0861 0844 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
08:54:15.0892 0844 iaStorV - ok
08:54:16.0002 0844 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
08:54:16.0017 0844 IDriverT - ok
08:54:16.0158 0844 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:54:16.0204 0844 idsvc - ok
08:54:16.0407 0844 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
08:54:16.0407 0844 iirsp - ok
08:54:16.0501 0844 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
08:54:16.0532 0844 IKEEXT - ok
08:54:16.0579 0844 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
08:54:16.0579 0844 intelide - ok
08:54:16.0641 0844 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
08:54:16.0641 0844 intelppm - ok
08:54:16.0672 0844 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
08:54:16.0719 0844 IPBusEnum - ok
08:54:16.0782 0844 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:54:16.0813 0844 IpFilterDriver - ok
08:54:16.0875 0844 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
08:54:16.0875 0844 iphlpsvc - ok
08:54:16.0922 0844 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
08:54:16.0922 0844 IPMIDRV - ok
08:54:16.0969 0844 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
08:54:16.0969 0844 IPNAT - ok
08:54:17.0530 0844 iPod Service (d38469601b72d2da4f847fc642174e21) C:\Program Files\iPod\bin\iPodService.exe
08:54:17.0562 0844 iPod Service - ok
08:54:17.0624 0844 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
08:54:17.0624 0844 IRENUM - ok
08:54:17.0671 0844 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
08:54:17.0671 0844 isapnp - ok
08:54:17.0733 0844 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
08:54:17.0749 0844 iScsiPrt - ok
08:54:17.0858 0844 jjsryxnr (50b5f832241534dee628f3f479753280) C:\Program Files (x86)\ophcrack\pwdump\servpw.exe
08:54:17.0858 0844 jjsryxnr - ok
08:54:17.0889 0844 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
08:54:17.0889 0844 kbdclass - ok
08:54:17.0936 0844 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
08:54:17.0936 0844 kbdhid - ok
08:54:17.0998 0844 KeyIso (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
08:54:17.0998 0844 KeyIso - ok
08:54:18.0030 0844 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
08:54:18.0030 0844 KSecDD - ok
08:54:18.0061 0844 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
08:54:18.0076 0844 KSecPkg - ok
08:54:18.0108 0844 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
08:54:18.0108 0844 ksthunk - ok
08:54:18.0170 0844 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
08:54:18.0201 0844 KtmRm - ok
08:54:18.0264 0844 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
08:54:18.0295 0844 LanmanServer - ok
08:54:18.0310 0844 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
08:54:18.0310 0844 LanmanWorkstation - ok
08:54:18.0373 0844 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
08:54:18.0373 0844 lltdio - ok
08:54:18.0420 0844 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
08:54:18.0451 0844 lltdsvc - ok
08:54:18.0466 0844 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
08:54:18.0466 0844 lmhosts - ok
08:54:18.0513 0844 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
08:54:18.0529 0844 LSI_FC - ok
08:54:18.0529 0844 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
08:54:18.0529 0844 LSI_SAS - ok
08:54:18.0560 0844 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:54:18.0560 0844 LSI_SAS2 - ok
08:54:18.0576 0844 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:54:18.0576 0844 LSI_SCSI - ok
08:54:18.0622 0844 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
08:54:18.0622 0844 luafv - ok
08:54:18.0669 0844 McAfee SiteAdvisor Service - ok
08:54:18.0700 0844 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
08:54:18.0700 0844 Mcx2Svc - ok
08:54:18.0732 0844 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
08:54:18.0747 0844 megasas - ok
08:54:18.0778 0844 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
08:54:18.0810 0844 MegaSR - ok
08:54:18.0950 0844 mi-raysat_3dsmax2012_64 (0af89452a8ce3928168f4e5b2208c68b) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
08:54:18.0950 0844 mi-raysat_3dsmax2012_64 - ok
08:54:19.0153 0844 mitsijm2012 (29731e3f45a70312e82a72ea96483171) C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
08:54:19.0215 0844 mitsijm2012 - ok
08:54:19.0402 0844 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
08:54:19.0402 0844 MMCSS - ok
08:54:19.0480 0844 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
08:54:19.0480 0844 Modem - ok
08:54:19.0512 0844 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
08:54:19.0512 0844 monitor - ok
08:54:19.0574 0844 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
08:54:19.0574 0844 mouclass - ok
08:54:19.0605 0844 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
08:54:19.0605 0844 mouhid - ok
08:54:19.0636 0844 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
08:54:19.0652 0844 mountmgr - ok
08:54:19.0777 0844 MozillaMaintenance (de234f4479d29fc8c0dda8e52117fe0a) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:54:19.0777 0844 MozillaMaintenance - ok
08:54:19.0824 0844 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
08:54:19.0839 0844 mpio - ok
08:54:19.0855 0844 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
08:54:19.0870 0844 mpsdrv - ok
08:54:19.0948 0844 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
08:54:19.0980 0844 MpsSvc - ok
08:54:20.0026 0844 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
08:54:20.0026 0844 MRxDAV - ok
08:54:20.0073 0844 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
08:54:20.0089 0844 mrxsmb - ok
08:54:20.0136 0844 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:54:20.0182 0844 mrxsmb10 - ok
08:54:20.0214 0844 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:54:20.0214 0844 mrxsmb20 - ok
08:54:20.0229 0844 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
08:54:20.0245 0844 msahci - ok
08:54:20.0292 0844 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
08:54:20.0292 0844 msdsm - ok
08:54:20.0338 0844 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
08:54:20.0338 0844 MSDTC - ok
08:54:20.0385 0844 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
08:54:20.0385 0844 Msfs - ok
08:54:20.0401 0844 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
08:54:20.0401 0844 mshidkmdf - ok
08:54:20.0432 0844 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
08:54:20.0432 0844 msisadrv - ok
08:54:20.0494 0844 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
08:54:20.0510 0844 MSiSCSI - ok
08:54:20.0510 0844 msiserver - ok
08:54:20.0557 0844 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
08:54:20.0557 0844 MSKSSRV - ok
08:54:20.0572 0844 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
08:54:20.0572 0844 MSPCLOCK - ok
08:54:20.0588 0844 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
08:54:20.0588 0844 MSPQM - ok
08:54:20.0666 0844 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
08:54:20.0682 0844 MsRPC - ok
08:54:20.0713 0844 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
08:54:20.0713 0844 mssmbios - ok
08:54:20.0760 0844 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
08:54:20.0760 0844 MSTEE - ok
08:54:20.0775 0844 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
08:54:20.0775 0844 MTConfig - ok
08:54:20.0822 0844 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
08:54:20.0822 0844 Mup - ok
08:54:20.0884 0844 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
08:54:20.0916 0844 napagent - ok
08:54:20.0962 0844 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
08:54:20.0994 0844 NativeWifiP - ok
08:54:21.0087 0844 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
08:54:21.0103 0844 NDIS - ok
08:54:21.0118 0844 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
08:54:21.0118 0844 NdisCap - ok
08:54:21.0134 0844 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
08:54:21.0150 0844 NdisTapi - ok
08:54:21.0259 0844 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
08:54:21.0259 0844 Ndisuio - ok
08:54:21.0290 0844 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
08:54:21.0290 0844 NdisWan - ok
08:54:21.0368 0844 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
08:54:21.0368 0844 NDProxy - ok
08:54:21.0430 0844 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
08:54:21.0430 0844 NetBIOS - ok
08:54:21.0540 0844 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
08:54:21.0540 0844 NetBT - ok
08:54:21.0664 0844 Netlogon (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
08:54:21.0664 0844 Netlogon - ok
08:54:22.0132 0844 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
08:54:22.0320 0844 Netman - ok
08:54:22.0413 0844 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:54:22.0429 0844 NetMsmqActivator - ok
08:54:22.0444 0844 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:54:22.0444 0844 NetPipeActivator - ok
08:54:22.0507 0844 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
08:54:22.0522 0844 netprofm - ok
08:54:22.0522 0844 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:54:22.0522 0844 NetTcpActivator - ok
08:54:22.0538 0844 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:54:22.0538 0844 NetTcpPortSharing - ok
08:54:22.0632 0844 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
08:54:22.0632 0844 nfrd960 - ok
08:54:22.0725 0844 niatd (50b5f832241534dee628f3f479753280) C:\Program Files (x86)\ophcrack\pwdump\servpw.exe
08:54:22.0725 0844 niatd - ok
08:54:22.0803 0844 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
08:54:22.0819 0844 NlaSvc - ok
08:54:22.0850 0844 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
08:54:22.0850 0844 Npfs - ok
08:54:22.0881 0844 npggsvc - ok
08:54:22.0897 0844 NPPTNT2 - ok
08:54:22.0928 0844 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
08:54:22.0928 0844 nsi - ok
08:54:22.0959 0844 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
08:54:22.0959 0844 nsiproxy - ok
08:54:23.0115 0844 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
08:54:23.0162 0844 Ntfs - ok
08:54:23.0458 0844 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
08:54:23.0458 0844 Null - ok
08:54:23.0614 0844 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
08:54:23.0630 0844 nvraid - ok
08:54:23.0677 0844 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
08:54:23.0677 0844 nvstor - ok
08:54:23.0724 0844 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
08:54:23.0724 0844 nv_agp - ok
08:54:23.0880 0844 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:54:23.0880 0844 odserv - ok
08:54:23.0926 0844 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
08:54:23.0926 0844 ohci1394 - ok
08:54:23.0989 0844 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:54:23.0989 0844 ose - ok
08:54:24.0067 0844 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
08:54:24.0067 0844 p2pimsvc - ok
08:54:24.0114 0844 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
08:54:24.0129 0844 p2psvc - ok
08:54:24.0160 0844 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
08:54:24.0160 0844 Parport - ok
08:54:24.0207 0844 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
08:54:24.0207 0844 partmgr - ok
08:54:24.0238 0844 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
08:54:24.0254 0844 PcaSvc - ok
08:54:24.0379 0844 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
08:54:24.0426 0844 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
08:54:24.0457 0844 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
08:54:24.0457 0844 pci - ok
08:54:24.0488 0844 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
08:54:24.0504 0844 pciide - ok
08:54:24.0535 0844 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
08:54:24.0582 0844 pcmcia - ok
08:54:24.0613 0844 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
08:54:24.0613 0844 pcw - ok
08:54:24.0675 0844 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
08:54:24.0722 0844 PEAUTH - ok
08:54:24.0894 0844 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
08:54:24.0894 0844 PerfHost - ok
08:54:25.0096 0844 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
08:54:25.0143 0844 pla - ok
08:54:25.0206 0844 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
08:54:25.0206 0844 PlugPlay - ok
08:54:25.0252 0844 PnkBstrA - ok
08:54:25.0268 0844 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
08:54:25.0284 0844 PNRPAutoReg - ok
08:54:25.0346 0844 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
08:54:25.0424 0844 PNRPsvc - ok
08:54:26.0126 0844 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
08:54:26.0157 0844 PolicyAgent - ok
08:54:26.0485 0844 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
08:54:26.0485 0844 Power - ok
08:54:26.0547 0844 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
08:54:26.0547 0844 PptpMiniport - ok
08:54:26.0578 0844 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
08:54:26.0578 0844 Processor - ok
08:54:26.0610 0844 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
08:54:26.0625 0844 ProfSvc - ok
08:54:26.0672 0844 ProtectedStorage (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
08:54:26.0672 0844 ProtectedStorage - ok
08:54:26.0719 0844 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
08:54:26.0719 0844 Psched - ok
08:54:26.0766 0844 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
08:54:26.0766 0844 PxHlpa64 - ok
08:54:26.0906 0844 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
08:54:26.0937 0844 ql2300 - ok
08:54:27.0062 0844 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
08:54:27.0062 0844 ql40xx - ok
08:54:27.0109 0844 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
08:54:27.0124 0844 QWAVE - ok
08:54:27.0140 0844 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
08:54:27.0140 0844 QWAVEdrv - ok
08:54:27.0156 0844 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
08:54:27.0156 0844 RasAcd - ok
08:54:27.0234 0844 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
08:54:27.0234 0844 RasAgileVpn - ok
08:54:27.0280 0844 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
08:54:27.0280 0844 RasAuto - ok
08:54:27.0343 0844 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
08:54:27.0343 0844 Rasl2tp - ok
08:54:27.0374 0844 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
08:54:27.0390 0844 RasMan - ok
08:54:27.0405 0844 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
08:54:27.0405 0844 RasPppoe - ok
08:54:27.0436 0844 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
08:54:27.0436 0844 RasSstp - ok
08:54:27.0499 0844 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
08:54:27.0514 0844 rdbss - ok
08:54:27.0546 0844 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
08:54:27.0546 0844 rdpbus - ok
08:54:27.0561 0844 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
08:54:27.0561 0844 RDPCDD - ok
08:54:27.0577 0844 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
08:54:27.0577 0844 RDPENCDD - ok
08:54:27.0592 0844 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
08:54:27.0592 0844 RDPREFMP - ok
08:54:27.0639 0844 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
08:54:27.0670 0844 RDPWD - ok
08:54:27.0733 0844 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
08:54:27.0748 0844 rdyboost - ok
08:54:28.0138 0844 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
08:54:28.0138 0844 RemoteAccess - ok
08:54:28.0201 0844 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
08:54:28.0216 0844 RemoteRegistry - ok
08:54:30.0166 0844 RosettaStoneDaemon (e7062dbd907e0c5ceeb5abdaf07e6b32) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
08:54:30.0229 0844 RosettaStoneDaemon - ok
08:54:31.0633 0844 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
08:54:31.0648 0844 RpcEptMapper - ok
08:54:31.0695 0844 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
08:54:31.0820 0844 RpcLocator - ok
08:54:32.0085 0844 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
08:54:32.0085 0844 RpcSs - ok
08:54:32.0210 0844 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
08:54:32.0210 0844 rspndr - ok
08:54:32.0272 0844 RTL8167 (4b42bc58294e83a6a92ec8b88c14c4a3) C:\Windows\system32\DRIVERS\Rt64win7.sys
08:54:32.0272 0844 RTL8167 - ok
08:54:32.0350 0844 SamSs (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
08:54:32.0350 0844 SamSs - ok
08:54:32.0382 0844 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
08:54:32.0382 0844 sbp2port - ok
08:54:32.0413 0844 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
08:54:32.0428 0844 SCardSvr - ok
08:54:32.0491 0844 SCDEmu (6ce6f98ea3d07a9c2ce3cd0a5a86352d) C:\Windows\system32\drivers\SCDEmu.sys
08:54:32.0491 0844 SCDEmu - ok
08:54:32.0506 0844 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
08:54:32.0506 0844 scfilter - ok
08:54:32.0647 0844 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
08:54:32.0678 0844 Schedule - ok
08:54:32.0756 0844 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
08:54:32.0756 0844 SCPolicySvc - ok
08:54:32.0787 0844 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
08:54:32.0787 0844 SDRSVC - ok
08:54:32.0850 0844 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
08:54:32.0850 0844 secdrv - ok
08:54:32.0865 0844 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
08:54:32.0865 0844 seclogon - ok
08:54:32.0912 0844 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
08:54:32.0912 0844 SENS - ok
08:54:32.0912 0844 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
08:54:32.0928 0844 SensrSvc - ok
08:54:32.0943 0844 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
08:54:32.0943 0844 Serenum - ok
08:54:32.0975 0844 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
08:54:32.0975 0844 Serial - ok
08:54:33.0006 0844 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
08:54:33.0006 0844 sermouse - ok
08:54:33.0068 0844 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
08:54:33.0068 0844 SessionEnv - ok
08:54:33.0099 0844 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
08:54:33.0099 0844 sffdisk - ok
08:54:33.0115 0844 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
08:54:33.0115 0844 sffp_mmc - ok
08:54:33.0146 0844 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
08:54:33.0146 0844 sffp_sd - ok
08:54:33.0177 0844 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
08:54:33.0177 0844 sfloppy - ok
08:54:33.0333 0844 SftService (38f88f0df46c4d42125ef721abd7f6b9) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
08:54:33.0349 0844 SftService - ok
08:54:33.0411 0844 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
08:54:33.0427 0844 SharedAccess - ok
08:54:33.0458 0844 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
08:54:33.0474 0844 ShellHWDetection - ok
08:54:33.0677 0844 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:54:33.0677 0844 SiSRaid2 - ok
08:54:33.0692 0844 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
08:54:33.0692 0844 SiSRaid4 - ok
08:54:33.0723 0844 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
08:54:33.0723 0844 Smb - ok
08:54:33.0770 0844 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
08:54:33.0770 0844 SNMPTRAP - ok
08:54:33.0786 0844 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
08:54:33.0801 0844 spldr - ok
08:54:33.0848 0844 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
08:54:33.0864 0844 Spooler - ok
08:54:34.0238 0844 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
08:54:34.0316 0844 sppsvc - ok
08:54:34.0425 0844 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
08:54:34.0425 0844 sppuinotify - ok
08:54:34.0488 0844 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
08:54:34.0503 0844 srv - ok
08:54:34.0535 0844 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
08:54:34.0550 0844 srv2 - ok
08:54:34.0566 0844 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
08:54:34.0566 0844 srvnet - ok
08:54:34.0613 0844 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
08:54:34.0613 0844 SSDPSRV - ok
08:54:34.0644 0844 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
08:54:34.0644 0844 SstpSvc - ok
08:54:34.0675 0844 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
08:54:34.0675 0844 stexstor - ok
08:54:34.0737 0844 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
08:54:34.0753 0844 stisvc - ok
08:54:34.0784 0844 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
08:54:34.0784 0844 swenum - ok
08:54:34.0847 0844 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
08:54:34.0847 0844 swprv - ok
08:54:34.0925 0844 SynTP (8a3fbcb3d6d4710730d27da4392a4863) C:\Windows\system32\DRIVERS\SynTP.sys
08:54:34.0987 0844 SynTP - ok
08:54:35.0159 0844 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
08:54:35.0205 0844 SysMain - ok
08:54:35.0439 0844 SysTool (b07e6681d303a612680223c729b021e2) C:\Windows\system32\DRIVERS\SysTool64.sys
08:54:35.0439 0844 SysTool - ok
08:54:35.0486 0844 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
08:54:35.0486 0844 TabletInputService - ok
08:54:35.0517 0844 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
08:54:35.0533 0844 TapiSrv - ok
08:54:35.0564 0844 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
08:54:35.0564 0844 TBS - ok
08:54:35.0751 0844 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
08:54:35.0814 0844 Tcpip - ok
08:54:36.0126 0844 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
08:54:36.0141 0844 TCPIP6 - ok
08:54:36.0266 0844 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
08:54:36.0282 0844 tcpipreg - ok
08:54:36.0313 0844 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
08:54:36.0313 0844 TDPIPE - ok
08:54:36.0329 0844 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
08:54:36.0329 0844 TDTCP - ok
08:54:36.0375 0844 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
08:54:36.0375 0844 tdx - ok
08:54:36.0407 0844 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
08:54:36.0422 0844 TermDD - ok
08:54:36.0500 0844 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
08:54:36.0531 0844 TermService - ok
08:54:36.0547 0844 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
08:54:36.0547 0844 Themes - ok
08:54:36.0594 0844 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
08:54:36.0594 0844 THREADORDER - ok
08:54:36.0609 0844 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
08:54:36.0609 0844 TrkWks - ok
08:54:36.0703 0844 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
08:54:36.0703 0844 TrustedInstaller - ok
08:54:36.0734 0844 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
08:54:36.0734 0844 tssecsrv - ok
08:54:36.0781 0844 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
08:54:36.0781 0844 TsUsbFlt - ok
08:54:36.0843 0844 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
08:54:36.0859 0844 tunnel - ok
08:54:36.0890 0844 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
08:54:36.0890 0844 uagp35 - ok
08:54:36.0953 0844 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
08:54:36.0968 0844 udfs - ok
08:54:37.0015 0844 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
08:54:37.0015 0844 UI0Detect - ok
08:54:37.0062 0844 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
08:54:37.0062 0844 uliagpkx - ok
08:54:37.0093 0844 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
08:54:37.0093 0844 umbus - ok
08:54:37.0124 0844 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
08:54:37.0140 0844 UmPass - ok
08:54:37.0233 0844 unujfip (50b5f832241534dee628f3f479753280) C:\Program Files (x86)\ophcrack\pwdump\servpw.exe
08:54:37.0233 0844 unujfip - ok
08:54:37.0296 0844 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
08:54:37.0327 0844 upnphost - ok
08:54:37.0389 0844 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
08:54:37.0421 0844 USBAAPL64 - ok
08:54:37.0483 0844 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
08:54:37.0483 0844 usbaudio - ok
08:54:37.0530 0844 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
08:54:37.0842 0844 usbccgp - ok
08:54:37.0982 0844 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
08:54:37.0998 0844 usbcir - ok
08:54:38.0013 0844 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
08:54:38.0013 0844 usbehci - ok
08:54:38.0060 0844 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys
08:54:38.0060 0844 usbfilter - ok
08:54:38.0138 0844 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
08:54:38.0138 0844 usbhub - ok
08:54:38.0169 0844 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
08:54:38.0201 0844 usbohci - ok
08:54:38.0232 0844 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
08:54:38.0247 0844 usbprint - ok
08:54:38.0279 0844 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
08:54:38.0279 0844 usbscan - ok
08:54:38.0310 0844 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:54:38.0310 0844 USBSTOR - ok
08:54:38.0325 0844 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
08:54:38.0341 0844 usbuhci - ok
08:54:38.0388 0844 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
08:54:38.0388 0844 usbvideo - ok
08:54:38.0419 0844 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
08:54:38.0419 0844 UxSms - ok
08:54:38.0481 0844 VaultSvc (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
08:54:38.0481 0844 VaultSvc - ok
08:54:38.0513 0844 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
08:54:38.0513 0844 vdrvroot - ok
08:54:38.0575 0844 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
08:54:38.0591 0844 vds - ok
08:54:38.0622 0844 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
08:54:38.0622 0844 vga - ok
08:54:38.0653 0844 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
08:54:38.0653 0844 VgaSave - ok
08:54:38.0700 0844 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
08:54:38.0731 0844 vhdmp - ok
08:54:38.0762 0844 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
08:54:38.0778 0844 viaide - ok
08:54:38.0793 0844 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
08:54:38.0809 0844 volmgr - ok
08:54:38.0840 0844 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
08:54:38.0856 0844 volmgrx - ok
08:54:38.0871 0844 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
08:54:38.0887 0844 volsnap - ok
08:54:38.0934 0844 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
08:54:38.0934 0844 vsmraid - ok
08:54:39.0090 0844 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
08:54:39.0105 0844 VSS - ok
08:54:39.0308 0844 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
08:54:39.0308 0844 vwifibus - ok
08:54:39.0339 0844 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
08:54:39.0355 0844 vwififlt - ok
08:54:39.0417 0844 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
08:54:39.0449 0844 W32Time - ok
08:54:39.0495 0844 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
08:54:39.0495 0844 WacomPen - ok
08:55:34.0314 0776 NativeWifiP - ok
08:55:34.0407 0776 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
08:55:34.0407 0776 NDIS - ok
08:55:34.0423 0776 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
08:55:34.0423 0776 NdisCap - ok
08:55:34.0439 0776 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
08:55:34.0439 0776 NdisTapi - ok
08:55:34.0470 0776 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
08:55:34.0470 0776 Ndisuio - ok
08:55:34.0501 0776 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
08:55:34.0501 0776 NdisWan - ok
08:55:34.0532 0776 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
08:55:34.0532 0776 NDProxy - ok
08:55:34.0563 0776 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
08:55:34.0563 0776 NetBIOS - ok
08:55:34.0595 0776 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
08:55:34.0610 0776 NetBT - ok
08:55:34.0657 0776 Netlogon (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
08:55:34.0657 0776 Netlogon - ok
08:55:34.0688 0776 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
08:55:34.0704 0776 Netman - ok
08:55:34.0782 0776 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:55:34.0782 0776 NetMsmqActivator - ok
08:55:34.0782 0776 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:55:34.0797 0776 NetPipeActivator - ok
08:55:34.0844 0776 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
08:55:34.0844 0776 netprofm - ok
08:55:34.0860 0776 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:55:34.0860 0776 NetTcpActivator - ok
08:55:34.0860 0776 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:55:34.0860 0776 NetTcpPortSharing - ok
08:55:34.0938 0776 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
08:55:34.0938 0776 nfrd960 - ok
08:55:35.0016 0776 niatd (50b5f832241534dee628f3f479753280) C:\Program Files (x86)\ophcrack\pwdump\servpw.exe
08:55:35.0016 0776 niatd - ok
08:55:35.0063 0776 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
08:55:35.0078 0776 NlaSvc - ok
08:55:35.0094 0776 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
08:55:35.0094 0776 Npfs - ok
08:55:35.0109 0776 npggsvc - ok
08:55:35.0109 0776 NPPTNT2 - ok
08:55:35.0125 0776 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
08:55:35.0125 0776 nsi - ok
08:55:35.0141 0776 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
08:55:35.0141 0776 nsiproxy - ok
08:55:35.0328 0776 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
08:55:35.0328 0776 Ntfs - ok
08:55:35.0484 0776 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
08:55:35.0484 0776 Null - ok
08:55:35.0531 0776 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
08:55:35.0531 0776 nvraid - ok
08:55:35.0562 0776 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
08:55:35.0577 0776 nvstor - ok
08:55:35.0624 0776 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
08:55:35.0624 0776 nv_agp - ok
08:55:35.0749 0776 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:55:35.0749 0776 odserv - ok
08:55:35.0796 0776 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
08:55:35.0796 0776 ohci1394 - ok
08:55:35.0843 0776 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:55:35.0843 0776 ose - ok
08:55:35.0905 0776 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
08:55:35.0905 0776 p2pimsvc - ok
08:55:35.0952 0776 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
08:55:35.0952 0776 p2psvc - ok
08:55:35.0999 0776 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
08:55:35.0999 0776 Parport - ok
08:55:36.0201 0776 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
08:55:36.0201 0776 partmgr - ok
08:55:36.0217 0776 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
08:55:36.0217 0776 PcaSvc - ok
08:55:36.0326 0776 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
08:55:36.0326 0776 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
08:55:36.0373 0776 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
08:55:36.0373 0776 pci - ok
08:55:36.0420 0776 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
08:55:36.0420 0776 pciide - ok
08:55:36.0467 0776 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
08:55:36.0467 0776 pcmcia - ok
08:55:36.0467 0776 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
08:55:36.0467 0776 pcw - ok
08:55:36.0545 0776 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
08:55:36.0545 0776 PEAUTH - ok
08:55:36.0654 0776 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
08:55:36.0654 0776 PerfHost - ok
08:55:36.0857 0776 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
08:55:36.0857 0776 pla - ok
08:55:36.0903 0776 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
08:55:36.0919 0776 PlugPlay - ok
08:55:36.0919 0776 PnkBstrA - ok
08:55:36.0935 0776 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
08:55:36.0935 0776 PNRPAutoReg - ok
08:55:36.0997 0776 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
08:55:36.0997 0776 PNRPsvc - ok
08:55:37.0075 0776 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
08:55:37.0075 0776 PolicyAgent - ok
08:55:37.0091 0776 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
08:55:37.0091 0776 Power - ok
08:55:37.0169 0776 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
08:55:37.0169 0776 PptpMiniport - ok
08:55:37.0215 0776 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
08:55:37.0215 0776 Processor - ok
08:55:37.0262 0776 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
08:55:37.0262 0776 ProfSvc - ok
08:55:37.0309 0776 ProtectedStorage (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
08:55:37.0309 0776 ProtectedStorage - ok
08:55:37.0356 0776 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
08:55:37.0356 0776 Psched - ok
08:55:37.0387 0776 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
08:55:37.0387 0776 PxHlpa64 - ok
08:55:37.0527 0776 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
08:55:37.0543 0776 ql2300 - ok
08:55:37.0715 0776 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
08:55:37.0715 0776 ql40xx - ok
08:55:37.0761 0776 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
08:55:37.0761 0776 QWAVE - ok
08:55:37.0777 0776 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
08:55:37.0777 0776 QWAVEdrv - ok
08:55:37.0808 0776 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
08:55:37.0808 0776 RasAcd - ok
08:55:37.0839 0776 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
08:55:37.0839 0776 RasAgileVpn - ok
08:55:37.0855 0776 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
08:55:37.0855 0776 RasAuto - ok
08:55:37.0886 0776 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
08:55:37.0886 0776 Rasl2tp - ok
08:55:37.0933 0776 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
08:55:37.0933 0776 RasMan - ok
08:55:37.0949 0776 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
08:55:37.0949 0776 RasPppoe - ok
08:55:37.0964 0776 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
08:55:37.0964 0776 RasSstp - ok
08:55:38.0011 0776 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
08:55:38.0011 0776 rdbss - ok
08:55:38.0027 0776 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
08:55:38.0027 0776 rdpbus - ok
08:55:38.0058 0776 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
08:55:38.0058 0776 RDPCDD - ok
08:55:38.0058 0776 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
08:55:38.0058 0776 RDPENCDD - ok
08:55:38.0073 0776 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
08:55:38.0073 0776 RDPREFMP - ok
08:55:38.0120 0776 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
08:55:38.0120 0776 RDPWD - ok
08:55:38.0167 0776 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
08:55:38.0167 0776 rdyboost - ok
08:55:38.0198 0776 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
08:55:38.0198 0776 RemoteAccess - ok
08:55:38.0214 0776 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
08:55:38.0214 0776 RemoteRegistry - ok
08:55:38.0463 0776 RosettaStoneDaemon (e7062dbd907e0c5ceeb5abdaf07e6b32) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
08:55:38.0463 0776 RosettaStoneDaemon - ok
08:55:38.0604 0776 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
08:55:38.0604 0776 RpcEptMapper - ok
08:55:38.0635 0776 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
08:55:38.0635 0776 RpcLocator - ok
08:55:38.0697 0776 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
08:55:38.0697 0776 RpcSs - ok
08:55:38.0775 0776 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
08:55:38.0775 0776 rspndr - ok
08:55:38.0838 0776 RTL8167 (4b42bc58294e83a6a92ec8b88c14c4a3) C:\Windows\system32\DRIVERS\Rt64win7.sys
08:55:38.0838 0776 RTL8167 - ok
08:55:38.0885 0776 SamSs (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
08:55:38.0885 0776 SamSs - ok
08:55:38.0931 0776 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
08:55:38.0931 0776 sbp2port - ok
08:55:38.0978 0776 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
08:55:38.0994 0776 SCardSvr - ok
08:55:39.0009 0776 SCDEmu (6ce6f98ea3d07a9c2ce3cd0a5a86352d) C:\Windows\system32\drivers\SCDEmu.sys
08:55:39.0025 0776 SCDEmu - ok
08:55:39.0041 0776 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
08:55:39.0041 0776 scfilter - ok
08:55:39.0165 0776 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
08:55:39.0181 0776 Schedule - ok
08:55:39.0275 0776 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
08:55:39.0275 0776 SCPolicySvc - ok
08:55:39.0306 0776 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
08:55:39.0306 0776 SDRSVC - ok
08:55:39.0384 0776 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
08:55:39.0384 0776 secdrv - ok
08:55:39.0399 0776 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
08:55:39.0399 0776 seclogon - ok
08:55:39.0431 0776 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
08:55:39.0431 0776 SENS - ok
08:55:39.0446 0776 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
08:55:39.0446 0776 SensrSvc - ok
08:55:39.0462 0776 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
08:55:39.0462 0776 Serenum - ok
08:55:39.0540 0776 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
08:55:39.0540 0776 Serial - ok
08:55:39.0571 0776 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
08:55:39.0571 0776 sermouse - ok
08:55:39.0633 0776 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
08:55:39.0633 0776 SessionEnv - ok
08:55:39.0665 0776 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
08:55:39.0665 0776 sffdisk - ok
08:55:39.0680 0776 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
08:55:39.0680 0776 sffp_mmc - ok
08:55:39.0696 0776 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
08:55:39.0696 0776 sffp_sd - ok
08:55:39.0743 0776 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
08:55:39.0743 0776 sfloppy - ok
08:55:39.0883 0776 SftService (38f88f0df46c4d42125ef721abd7f6b9) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
08:55:39.0883 0776 SftService - ok
08:55:39.0961 0776 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
08:55:39.0961 0776 SharedAccess - ok
08:55:40.0008 0776 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
08:55:40.0008 0776 ShellHWDetection - ok
08:55:40.0070 0776 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:55:40.0086 0776 SiSRaid2 - ok
08:55:40.0086 0776 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
08:55:40.0086 0776 SiSRaid4 - ok
08:55:40.0101 0776 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
08:55:40.0101 0776 Smb - ok
08:55:40.0148 0776 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
08:55:40.0148 0776 SNMPTRAP - ok
08:55:40.0164 0776 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
08:55:40.0164 0776 spldr - ok
08:55:40.0226 0776 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
08:55:40.0226 0776 Spooler - ok
08:55:40.0507 0776 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
08:55:40.0538 0776 sppsvc - ok
08:55:40.0647 0776 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
08:55:40.0647 0776 sppuinotify - ok
08:55:40.0710 0776 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
08:55:40.0710 0776 srv - ok
08:55:40.0757 0776 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
08:55:40.0757 0776 srv2 - ok
08:55:40.0772 0776 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
08:55:40.0772 0776 srvnet - ok
08:55:40.0803 0776 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
08:55:40.0803 0776 SSDPSRV - ok
08:55:40.0819 0776 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
08:55:40.0835 0776 SstpSvc - ok
08:55:40.0866 0776 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
08:55:40.0866 0776 stexstor - ok
08:55:40.0944 0776 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
08:55:40.0944 0776 stisvc - ok
08:55:41.0022 0776 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
08:55:41.0022 0776 swenum - ok
08:55:41.0193 0776 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
08:55:41.0209 0776 swprv - ok
08:55:41.0287 0776 SynTP (8a3fbcb3d6d4710730d27da4392a4863) C:\Windows\system32\DRIVERS\SynTP.sys
08:55:41.0287 0776 SynTP - ok
08:55:41.0462 0776 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
08:55:41.0472 0776 SysMain - ok
08:55:41.0751 0776 SysTool (b07e6681d303a612680223c729b021e2) C:\Windows\system32\DRIVERS\SysTool64.sys
08:55:41.0751 0776 SysTool - ok
08:55:41.0861 0776 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
08:55:41.0861 0776 TabletInputService - ok
08:55:41.0892 0776 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
08:55:41.0892 0776 TapiSrv - ok
08:55:41.0923 0776 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
08:55:41.0923 0776 TBS - ok
08:55:42.0344 0776 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
08:55:42.0360 0776 Tcpip - ok
08:55:42.0641 0776 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
08:55:42.0656 0776 TCPIP6 - ok
08:55:42.0812 0776 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
08:55:42.0812 0776 tcpipreg - ok
08:55:42.0906 0776 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
08:55:42.0906 0776 TDPIPE - ok
08:55:42.0968 0776 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
08:55:42.0968 0776 TDTCP - ok
08:55:43.0062 0776 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
08:55:43.0062 0776 tdx - ok
08:55:43.0109 0776 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
08:55:43.0109 0776 TermDD - ok
08:55:43.0187 0776 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
08:55:43.0187 0776 TermService - ok
08:55:43.0218 0776 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
08:55:43.0218 0776 Themes - ok
08:55:43.0249 0776 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
08:55:43.0249 0776 THREADORDER - ok
08:55:43.0265 0776 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
08:55:43.0265 0776 TrkWks - ok
08:55:43.0358 0776 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
08:55:43.0358 0776 TrustedInstaller - ok
08:55:43.0405 0776 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
08:55:43.0405 0776 tssecsrv - ok
08:55:43.0452 0776 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
08:55:43.0452 0776 TsUsbFlt - ok
08:55:43.0483 0776 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
08:55:43.0483 0776 tunnel - ok
08:55:43.0530 0776 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
08:55:43.0530 0776 uagp35 - ok
08:55:43.0577 0776 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
08:55:43.0592 0776 udfs - ok
08:55:43.0623 0776 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
08:55:43.0623 0776 UI0Detect - ok
08:55:43.0670 0776 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
08:55:43.0670 0776 uliagpkx - ok
08:55:43.0701 0776 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
08:55:43.0701 0776 umbus - ok
08:55:43.0733 0776 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
08:55:43.0733 0776 UmPass - ok
08:55:43.0811 0776 unujfip (50b5f832241534dee628f3f479753280) C:\Program Files (x86)\ophcrack\pwdump\servpw.exe
08:55:43.0811 0776 unujfip - ok
08:55:43.0873 0776 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
08:55:43.0873 0776 upnphost - ok
08:55:43.0920 0776 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
08:55:43.0920 0776 USBAAPL64 - ok
08:55:43.0967 0776 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
08:55:43.0967 0776 usbaudio - ok
08:55:43.0998 0776 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
08:55:43.0998 0776 usbccgp - ok
08:55:44.0029 0776 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
08:55:44.0029 0776 usbcir - ok
08:55:44.0060 0776 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
08:55:44.0060 0776 usbehci - ok
08:55:44.0091 0776 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys
08:55:44.0091 0776 usbfilter - ok
08:55:44.0138 0776 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
08:55:44.0138 0776 usbhub - ok
08:55:44.0169 0776 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
08:55:44.0169 0776 usbohci - ok
08:55:44.0201 0776 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
08:55:44.0201 0776 usbprint - ok
08:55:44.0232 0776 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
08:55:44.0232 0776 usbscan - ok
08:55:44.0263 0776 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:55:44.0263 0776 USBSTOR - ok
08:55:44.0279 0776 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
08:55:44.0279 0776 usbuhci - ok
08:55:44.0310 0776 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
08:55:44.0325 0776 usbvideo - ok
08:55:44.0357 0776 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
08:55:44.0357 0776 UxSms - ok
08:55:44.0403 0776 VaultSvc (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
08:55:44.0403 0776 VaultSvc - ok
08:55:44.0435 0776 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
08:55:44.0435 0776 vdrvroot - ok
08:55:44.0513 0776 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
08:55:44.0513 0776 vds - ok
08:55:44.0544 0776 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
08:55:44.0544 0776 vga - ok
08:55:44.0591 0776 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
08:55:44.0591 0776 VgaSave - ok
08:55:44.0622 0776 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
08:55:44.0637 0776 vhdmp - ok
08:55:44.0669 0776 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
08:55:44.0669 0776 viaide - ok
08:55:44.0700 0776 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
08:55:44.0700 0776 volmgr - ok
08:55:44.0747 0776 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
08:55:44.0747 0776 volmgrx - ok
08:55:44.0762 0776 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
08:55:44.0778 0776 volsnap - ok
08:55:44.0825 0776 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
08:55:44.0825 0776 vsmraid - ok
08:55:44.0965 0776 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
08:55:44.0981 0776 VSS - ok
08:55:45.0121 0776 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
08:55:45.0137 0776 vwifibus - ok
08:55:45.0152 0776 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
08:55:45.0152 0776 vwififlt - ok
08:55:45.0215 0776 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
08:55:45.0215 0776 W32Time - ok
08:55:45.0246 0776 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
08:55:45.0246 0776 WacomPen - ok
08:55:45.0261 0776 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
08:55:45.0261 0776 WANARP - ok
08:55:45.0277 0776 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
08:55:45.0277 0776 Wanarpv6 - ok
08:55:45.0417 0776 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
08:55:45.0433 0776 WatAdminSvc - ok
08:55:45.0605 0776 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
08:55:45.0605 0776 wbengine - ok
08:55:45.0761 0776 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
08:55:45.0761 0776 WbioSrvc - ok
08:55:45.0823 0776 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
08:55:45.0823 0776 wcncsvc - ok
08:55:45.0839 0776 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
08:55:45.0839 0776 WcsPlugInService - ok
08:55:46.0057 0776 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
08:55:46.0057 0776 Wd - ok
08:55:46.0385 0776 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
08:55:46.0385 0776 WDC_SAM - ok
08:55:46.0806 0776 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
08:55:46.0806 0776 Wdf01000 - ok
08:55:47.0040 0776 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
08:55:47.0055 0776 WdiServiceHost - ok
08:55:47.0055 0776 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
08:55:47.0055 0776 WdiSystemHost - ok
08:55:47.0274 0776 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
08:55:47.0274 0776 WebClient - ok
08:55:47.0336 0776 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
08:55:47.0336 0776 Wecsvc - ok
08:55:47.0352 0776 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
08:55:47.0352 0776 wercplsupport - ok
08:55:47.0367 0776 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
08:55:47.0383 0776 WerSvc - ok
08:55:47.0477 0776 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
08:55:47.0477 0776 WfpLwf - ok
08:55:47.0508 0776 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
08:55:47.0508 0776 WimFltr - ok
08:55:47.0539 0776 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
08:55:47.0539 0776 WIMMount - ok
08:55:47.0586 0776 WinDefend - ok
08:55:47.0586 0776 WinHttpAutoProxySvc - ok
08:55:47.0711 0776 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
08:55:47.0711 0776 Winmgmt - ok
08:55:47.0882 0776 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
08:55:47.0898 0776 WinRM - ok
08:55:48.0038 0776 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
08:55:48.0038 0776 WinUsb - ok
08:55:48.0132 0776 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
08:55:48.0147 0776 Wlansvc - ok
08:55:48.0241 0776 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
08:55:48.0241 0776 wlcrasvc - ok
08:55:48.0491 0776 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:55:48.0506 0776 wlidsvc - ok
08:55:48.0569 0776 wltrysvc (a96d6c0613dcf84f2d07faeb75663072) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
08:55:48.0569 0776 wltrysvc - ok
08:55:48.0709 0776 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
08:55:48.0709 0776 WmiAcpi - ok
08:55:48.0756 0776 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
08:55:48.0756 0776 wmiApSrv - ok
08:55:48.0818 0776 WMPNetworkSvc - ok
08:55:48.0849 0776 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
08:55:48.0849 0776 WPCSvc - ok
08:55:48.0881 0776 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
08:55:48.0896 0776 WPDBusEnum - ok
08:55:48.0912 0776 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
08:55:48.0912 0776 ws2ifsl - ok
08:55:48.0927 0776 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
08:55:48.0927 0776 wscsvc - ok
08:55:48.0927 0776 WSearch - ok
08:55:49.0193 0776 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
08:55:49.0224 0776 wuauserv - ok
08:55:49.0395 0776 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
08:55:49.0395 0776 WudfPf - ok
08:55:49.0427 0776 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
08:55:49.0427 0776 WUDFRd - ok
08:55:49.0489 0776 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
08:55:49.0489 0776 wudfsvc - ok
08:55:49.0520 0776 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
08:55:49.0520 0776 WwanSvc - ok
08:55:49.0567 0776 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
08:55:49.0879 0776 \Device\Harddisk0\DR0 - ok
08:55:49.0879 0776 MBR (0x1B8) (ddae9d649db12f6aff24483f2c298989) \Device\Harddisk1\DR2
08:55:49.0895 0776 \Device\Harddisk1\DR2 - ok
08:55:49.0895 0776 Boot (0x1200) (e8f18f15dd6443a8bd9675730820ff7a) \Device\Harddisk0\DR0\Partition0
08:55:49.0895 0776 \Device\Harddisk0\DR0\Partition0 - ok
08:55:49.0910 0776 Boot (0x1200) (764d355ab7911d5786c88b5a71591f44) \Device\Harddisk0\DR0\Partition1
08:55:49.0910 0776 \Device\Harddisk0\DR0\Partition1 - ok
08:55:49.0910 0776 Boot (0x1200) (1266cd3195b3fedf2952dd2ca8fb7164) \Device\Harddisk1\DR2\Partition0
08:55:49.0910 0776 \Device\Harddisk1\DR2\Partition0 - ok
08:55:49.0910 0776 ============================================================
08:55:49.0910 0776 Scan finished
08:55:49.0910 0776 ============================================================
08:55:49.0926 0820 Detected object count: 0
08:55:49.0926 0820 Actual detected object count: 0
09:00:14.0903 6892 Deinitialize success



and, here's ASWMBR.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-09 09:03:54
-----------------------------
09:03:54.064 OS Version: Windows x64 6.1.7601 Service Pack 1
09:03:54.064 Number of processors: 3 586 0x503
09:03:54.064 ComputerName: BING-PC UserName: Bing
09:03:56.888 Initialize success
09:04:28.379 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
09:04:28.379 Disk 0 Vendor: WDC_WD5000BEVT-75A0RT0 01.01A01 Size: 476940MB BusType: 11
09:04:28.379 Disk 0 MBR read successfully
09:04:28.379 Disk 0 MBR scan
09:04:28.379 Disk 0 Windows 7 default MBR code
09:04:28.379 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 109 MB offset 63
09:04:28.426 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 10118 MB offset 225280
09:04:28.441 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 466711 MB offset 20946944
09:04:28.488 Disk 0 scanning C:\Windows\system32\drivers
09:04:37.240 Service scanning
09:05:42.792 Modules scanning
09:05:42.792 Disk 0 trace - called modules:
09:05:42.822 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
09:05:42.822 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c2d790]
09:05:43.172 3 CLASSPNP.SYS[fffff8800197643f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004ab2680]
09:05:43.172 Scan finished successfully
09:07:47.762 Disk 0 MBR has been saved successfully to "C:\Users\Bing\Downloads\MBR.dat"
09:07:47.772 The log file has been saved successfully to "C:\Users\Bing\Downloads\aswMBR.txt"







-Thanks Very Much



Edited by Bing S., 09 August 2012 - 05:00 PM.


#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:10:56 AM

Posted 09 August 2012 - 05:25 PM

Greetings


The file you removed with TDSSKiller was OK; it is part of DAEMON Tools.



I would like you to download an updated version of combofix.

update combofix

Delete the version of combofix you have now on your desktop and download a new one from here

Link 1
Link 2
Link 3
**Note: It is important that it is saved directly to your desktop**

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall.

Note 2: If you receive the error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.
"information and logs"

In your next post I need the following:

  • Log from ComboFix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#6 gringo_pr


Posted 12 August 2012 - 12:13 AM

Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools

#7 gringo_pr


Posted 15 August 2012 - 05:51 AM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#8 Bing S.


Posted 17 August 2012 - 06:34 PM

Sorry for the lateness of this post, I had to go on an impromptu trip. In the meantime, I will run combofix later today, just letting you know I'm back.

#9 gringo_pr


Posted 17 August 2012 - 08:26 PM

no problem and thanks for letting me know



gringo

#10 gringo_pr


Posted 20 August 2012 - 12:11 AM

Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools




Gringo

#11 gringo_pr


Posted 22 August 2012 - 11:27 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#12 Bing S.


Posted 23 August 2012 - 12:48 AM

Ok, redirects have stopped, sorry for the late reply, work has... kept me busy, I will open a new topic if they start again. :) thanks

#13 gringo_pr


Posted 23 August 2012 - 12:59 AM

let me have the report please


gringo

#14 gringo_pr


Posted 26 August 2012 - 01:31 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



