
Persistent rootkit, TDSSKiller doesn't seem to help


  • This topic is locked
15 replies to this topic

#1 LaNoktaTempesto


Posted 09 August 2012 - 08:34 PM

I have a rootkit on my computer that is redirecting my Google links, preventing Microsoft Security Essentials from running, and generally slowing down my computer. I have attempted to use Security Essentials Offline, Malwarebytes and TDSSKiller at various points, but all seem to be temporary fixes at best and useless at worst.

When I ran GMER, the only boxes that weren't greyed out were Services, Registry and Files; the results you see from that scan may therefore not be complete.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_32
Run by LaNoktaTempesto at 18:22:21 on 2012-08-09
Microsoft Windows 7 Home Premium 6.1.7601.1.932.81.1033.18.5996.3482 [GMT -6:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\NCSoft\Launcher\NCLauncher.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files (x86)\EK\EK.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\splwow64.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
"C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://acer.msn.com
uDefault_Page_URL = hxxp://acer.msn.com
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [NCsoft]
uRun: [NCsoft Launcher] C:\Program Files (x86)\NCSoft\Launcher\NCLauncher.exe /Minimized
uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
uRun: [EPSON NX430 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHBA.EXE /FU "C:\Users\LANOKT~1\AppData\Local\Temp\E_S627.tmp" /EF "HKCU"
uRun: [Ek] "C:\Program Files (x86)\EK\EK.exe"
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
LSP: mswsock.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{B516C7A2-7083-4135-A9EB-8827AE85E832} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{B516C7A2-7083-4135-A9EB-8827AE85E832}\2456C6B696E6F574F575962756C6563737F5 : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{B516C7A2-7083-4135-A9EB-8827AE85E832}\2456C6B696E6F574F575962756C6563737F5 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{B516C7A2-7083-4135-A9EB-8827AE85E832}\6434C425 : DhcpNameServer = 69.145.232.32 69.244.49.29
TCP: Interfaces\{B516C7A2-7083-4135-A9EB-8827AE85E832}\E68637D27657563747 : DhcpNameServer = 69.145.232.4 69.144.49.30 69.146.17.3
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO-X64: Canon Easy-WebPrint EX BHO - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO-X64: IESpeakDoc - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
EB-X64: {21347690-EC41-4F9A-8887-1F4AEE672439} - No File
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun-x64: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\LaNoktaTempesto\AppData\Roaming\Mozilla\Firefox\Profiles\e7eh64g1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.kanji-a-day.com/level1/index.php
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\LaNoktaTempesto\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\LaNoktaTempesto\AppData\Roaming\Mozilla\Firefox\Profiles\e7eh64g1.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\plugins\npietab2.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-3 63928]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-2 76448]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-3-15 352336]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2011-5-15 799848]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2011-10-18 168448]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2011-10-18 131072]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-3-13 13336]
R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-3-13 244624]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-3-13 2656280]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\drivers\btath_bus.sys --> C:\Windows\system32\drivers\btath_bus.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\system32\drivers\iwdbus.sys --> C:\Windows\system32\drivers\iwdbus.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?]
R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\drivers\nusb3hub.sys --> C:\Windows\system32\drivers\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\drivers\nusb3xhc.sys --> C:\Windows\system32\drivers\nusb3xhc.sys [?]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-3-13 1817088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-7-23 250056]
S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys --> C:\Windows\system32\DRIVERS\btath_flt.sys [?]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\system32\Drivers\AthDfu.sys --> C:\Windows\system32\Drivers\AthDfu.sys [?]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys --> C:\Windows\system32\drivers\btath_a2dp.sys [?]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\drivers\btath_hcrp.sys --> C:\Windows\system32\drivers\btath_hcrp.sys [?]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys --> C:\Windows\system32\DRIVERS\btath_lwflt.sys [?]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\drivers\btath_rcp.sys --> C:\Windows\system32\drivers\btath_rcp.sys [?]
S3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys --> C:\Windows\system32\DRIVERS\btfilter.sys [?]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\system32\drivers\intelaud.sys --> C:\Windows\system32\drivers\intelaud.sys [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-7 113120]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-5-2 340240]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2011-8-5 306400]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\system32\DRIVERS\WSDScan.sys --> C:\Windows\system32\DRIVERS\WSDScan.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-08-09 22:53:36 20480 ----a-w- C:\Windows\svchost.exe
2012-08-09 22:38:24 -------- dc----w- C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2012-08-09 22:34:58 -------- d-----w- C:\Users\LaNoktaTempesto\AppData\Roaming\Malwarebytes
2012-08-09 22:34:48 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-08-09 22:34:48 -------- d-----w- C:\ProgramData\Malwarebytes
2012-08-09 22:34:48 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-09 22:23:21 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-08-09 06:37:49 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{41B3F305-BA0F-46DC-95DC-0704AC417FF4}\offreg.dll
2012-08-08 21:49:47 111104 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\4912.tmp.dat
2012-08-08 06:02:41 9133488 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{41B3F305-BA0F-46DC-95DC-0704AC417FF4}\mpengine.dll
2012-08-07 14:40:45 9133488 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-06 16:39:50 -------- d-----w- C:\Users\LaNoktaTempesto\AppData\Local\{EF31CEFA-53BD-4AC0-B780-2EA03F0B4576}
2012-07-26 03:42:51 -------- d-----w- C:\TDSSKiller_Quarantine
2012-07-26 00:37:42 -------- d-----w- C:\Windows\Microsoft Antimalware
2012-07-23 18:15:33 -------- d-----w- C:\Users\LaNoktaTempesto\AppData\Local\Macromedia
2012-07-23 18:12:38 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-14 07:21:57 4145600 ----a-w- C:\Windows\SysWow64\GameMon.des
2012-07-14 07:21:16 -------- d-----w- C:\Program Files\Common Files\INCA Shared
2012-07-14 04:34:31 -------- d-----w- C:\Users\LaNoktaTempesto\AppData\Local\Chromium
2012-07-14 04:33:15 -------- d-----w- C:\Users\LaNoktaTempesto\AppData\Roaming\The Creative Assembly
2012-07-13 16:59:24 -------- d-----w- C:\Users\LaNoktaTempesto\AppData\Roaming\SpaceMonger
2012-07-13 16:59:24 -------- d-----w- C:\Program Files (x86)\SpaceMonger
2012-07-13 13:34:24 -------- d-----w- C:\Program Files (x86)\SEGA
2012-07-12 06:23:02 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-12 06:19:59 754808 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2012-07-11 12:31:29 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-07-11 12:31:28 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-07-11 12:31:28 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-07-11 12:31:28 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-07-11 12:31:28 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-07-11 12:31:28 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-07-11 12:31:28 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-07-11 12:31:27 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-07-11 12:31:27 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
.
==================== Find3M ====================
.
2012-08-03 16:11:14 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-28 14:49:32 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-06-28 14:49:32 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-06-14 06:56:46 283416 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-06-14 06:56:46 283416 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-06-14 06:54:31 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-06-14 06:54:23 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 21:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 21:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-05-21 14:30:43 60304 ----a-w- C:\Users\LaNoktaTempesto\g2mdlhlpx.exe
2012-05-17 14:10:08 476960 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-05-17 14:10:08 472864 ----a-w- C:\Windows\SysWow64\deployJava1.dll
.
============= FINISH: 18:24:27.09 ===============


#2 fireman4it


Posted 09 August 2012 - 09:03 PM

Hello LaNoktaTempesto,
  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer, including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Watch Topic. I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

  • Finally, please reply using the ADD REPLY button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
  • I will be analyzing your log. I will get back to you with instructions.


Do you have a USB Flash Drive you can use?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-




#3 LaNoktaTempesto


Posted 09 August 2012 - 09:27 PM

I have a portable hard drive floating around somewhere, would that work?

#4 fireman4it


Posted 11 August 2012 - 09:48 AM

Hello,

No, a portable hard drive won't work. We will just go another route.

1. Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


2. Install Recovery Console and Run ComboFix

This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

Download Combofix from any of the links below, and save it to your desktop.

Link 1
Link 2
  • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
  • Close any open windows, including this one.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • If you did not have it installed, you will see the prompt below. Choose YES.
  • Posted Image
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Note: The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    Posted Image
  • Click on Yes, to continue scanning for malware.
  • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
Leave your computer alone while ComboFix is running.
ComboFix will restart your computer if malware is found; allow it to do so.


Note: Please do NOT mouseclick ComboFix's window while it's running because it may cause it to stall.


Things to include in your next reply:
TDSSKiller log
ComboFix.txt
How is your machine running now?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


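Added example, not part of the post above and not code from the tool's vendor: a small Python triage pass over a TDSSKiller-style log of the kind step 1 asks for, listing every scanned object that deserves a second look instead of relying on a skim for "ok". The sample log is constructed, and the two-line record layout, the "( label )" form on a non-ok line, and the list of expected install roots are assumptions.

```python
import re

# Constructed sample log (not taken from the thread). Assumed layout once the
# scan has started, two lines per scanned service or driver:
#   <time> <thread id> <name> (<md5>) <path>
#   <time> <thread id> <name> - <verdict>
# The "( label )" part on the non-ok line is an assumed shape.
SAMPLE_LOG = r"""
09:00:00.0000 1000 Drive \Device\Harddisk0\DR0 - Size: 0x1000, SectorSize: 0x200
09:00:01.0000 2000 Scan started
09:00:01.0000 2000 Mode: Manual;
09:00:02.0000 2000 ExampleDrvA (00000000000000000000000000000001) C:\Windows\system32\drivers\exampledrva.sys
09:00:02.0001 2000 ExampleDrvA - ok
09:00:02.0100 2000 Example Service B (00000000000000000000000000000002) C:\Program Files (x86)\Example\svc.exe
09:00:02.0101 2000 Example Service B - ok
09:00:02.0200 2000 ExampleNoFile - ok
09:00:02.0300 2000 ExampleTempDrv (00000000000000000000000000000003) C:\Users\example\AppData\Local\Temp\exampletemp.sys
09:00:02.0301 2000 ExampleTempDrv - ok
09:00:02.0400 2000 ExampleLocked (00000000000000000000000000000004) C:\Windows\system32\drivers\examplelocked.sys
09:00:02.0401 2000 ExampleLocked ( Constructed.Label ) - warning
09:00:02.0500 2000 ExampleCut (00000000000000000000000000000005) C:\Windows\system32\drivers\examplecut.sys
"""

PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d+\s+\d+\s+"
OBJECT_RE = re.compile(
    PREFIX + r"(?P<name>.+?)\s+\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>[A-Za-z]:\\.+)$"
)
VERDICT_RE = re.compile(
    PREFIX + r"(?P<name>.+?)(?:\s+\(\s*(?P<label>[^)]*?)\s*\))?\s+-\s+(?P<verdict>[A-Za-z]+)$"
)

# Assumption: services and drivers normally load from these roots. A path
# elsewhere is not proof of infection, only a reason to look at the file.
EXPECTED_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")


def parse(log_text):
    """Return ({name: (md5, path)}, {name: verdict}) for the scan section."""
    objects, verdicts = {}, {}
    in_scan = False
    for line in log_text.splitlines():
        line = line.strip()
        if not in_scan:
            # Skip the system-info header; "Drive ... - Size: ..." lines live there.
            in_scan = "Scan started" in line
            continue
        m = OBJECT_RE.match(line)
        if m:
            objects[m["name"]] = (m["md5"].lower(), m["path"])
            continue
        m = VERDICT_RE.match(line)
        if m:
            verdicts[m["name"]] = m["verdict"].lower()
    return objects, verdicts


def triage(log_text):
    """Return a list of (name, reason) pairs worth a manual look."""
    objects, verdicts = parse(log_text)
    findings = []
    for name, verdict in verdicts.items():
        if verdict != "ok":
            findings.append((name, "non_ok_verdict"))
        if name not in objects:
            # A verdict with no hashed file behind it: nothing was inspected on disk.
            findings.append((name, "no_file_record"))
    for name, (_md5, path) in objects.items():
        if not path.lower().startswith(EXPECTED_ROOTS):
            findings.append((name, "unexpected_path"))
        if name not in verdicts:
            # File record with no verdict: the log was cut off or the scan aborted.
            findings.append((name, "missing_verdict"))
    return findings


if __name__ == "__main__":
    for name, reason in triage(SAMPLE_LOG):
        print(f"{reason:16} {name}")
```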


#5 LaNoktaTempesto


Posted 11 August 2012 - 10:12 AM

TDSSKiller did not find any threats. Do I go ahead with ComboFix?

Edit: I did go ahead and use ComboFix. My Google searches seem to be coming up clean now; I'm a little concerned, however, by the fact that my computer did not restart and I cannot seem to find the ComboFix log anywhere, even after running a search on my entire C drive. Here's the TDSSKiller log, at any rate.

Edit 2: Google is giving me problems again.

Edit 3: I just noticed the 32788R22FWJFW file on my hard drive that other posts tell me is what happens when ComboFix fails to run properly. The strange thing is I can't actually view its contents - when I double-click it I just get the same window I get when I go to Computer (i.e. showing my drives), but with the toolbar saying "Computer > Windows (C:/) > 32788R22FWJFW" exactly as though I had actually opened the folder.

Edit 4: Argh, it just occurred to me that I might have forgotten to close the programs in my taskbar, which may have included Steam and NCsoft Launcher. Would that mess up ComboFix's operation, and if so should I run it again?

09:13:26.0109 5020 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
09:13:26.0519 5020 ============================================================
09:13:26.0519 5020 Current date / time: 2012/08/11 09:13:26.0519
09:13:26.0519 5020 SystemInfo:
09:13:26.0519 5020
09:13:26.0519 5020 OS Version: 6.1.7601 ServicePack: 1.0
09:13:26.0519 5020 Product type: Workstation
09:13:26.0520 5020 ComputerName: SHINSEDAI
09:13:26.0520 5020 UserName: LaNoktaTempesto
09:13:26.0520 5020 Windows directory: C:\Windows
09:13:26.0520 5020 System windows directory: C:\Windows
09:13:26.0520 5020 Running under WOW64
09:13:26.0520 5020 Processor architecture: Intel x64
09:13:26.0520 5020 Number of processors: 4
09:13:26.0520 5020 Page size: 0x1000
09:13:26.0520 5020 Boot type: Normal boot
09:13:26.0520 5020 ============================================================
09:13:26.0882 5020 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:13:26.0885 5020 ============================================================
09:13:26.0885 5020 \Device\Harddisk0\DR0:
09:13:26.0885 5020 MBR partitions:
09:13:26.0885 5020 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2400800, BlocksNum 0x32000
09:13:26.0885 5020 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2432800, BlocksNum 0x48425000
09:13:26.0885 5020 ============================================================
09:13:26.0904 5020 C: <-> \Device\Harddisk0\DR0\Partition1
09:13:26.0904 5020 ============================================================
09:13:26.0904 5020 Initialize success
09:13:26.0904 5020 ============================================================
09:13:28.0438 4916 ============================================================
09:13:28.0438 4916 Scan started
09:13:28.0438 4916 Mode: Manual;
09:13:28.0438 4916 ============================================================
09:13:43.0914 4916 MSKSSRV - ok
09:13:43.0924 4916 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
09:13:43.0925 4916 MSPCLOCK - ok
09:13:43.0942 4916 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
09:13:43.0943 4916 MSPQM - ok
09:13:44.0021 4916 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
09:13:44.0023 4916 MsRPC - ok
09:13:44.0044 4916 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
09:13:44.0044 4916 mssmbios - ok
09:13:44.0068 4916 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
09:13:44.0068 4916 MSTEE - ok
09:13:44.0072 4916 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
09:13:44.0073 4916 MTConfig - ok
09:13:44.0100 4916 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
09:13:44.0100 4916 Mup - ok
09:13:44.0231 4916 MyWiFiDHCPDNS (4bbb9d9c4df259fae2d172c5bb25ddd0) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
09:13:44.0233 4916 MyWiFiDHCPDNS - ok
09:13:44.0294 4916 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
09:13:44.0297 4916 napagent - ok
09:13:44.0362 4916 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
09:13:44.0364 4916 NativeWifiP - ok
09:13:44.0487 4916 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
09:13:44.0492 4916 NDIS - ok
09:13:44.0516 4916 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
09:13:44.0517 4916 NdisCap - ok
09:13:44.0538 4916 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
09:13:44.0538 4916 NdisTapi - ok
09:13:44.0556 4916 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
09:13:44.0557 4916 Ndisuio - ok
09:13:44.0592 4916 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
09:13:44.0593 4916 NdisWan - ok
09:13:44.0630 4916 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
09:13:44.0630 4916 NDProxy - ok
09:13:44.0669 4916 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
09:13:44.0670 4916 NetBIOS - ok
09:13:44.0697 4916 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
09:13:44.0698 4916 NetBT - ok
09:13:44.0742 4916 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:13:44.0743 4916 Netlogon - ok
09:13:44.0794 4916 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
09:13:44.0797 4916 Netman - ok
09:13:44.0842 4916 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
09:13:44.0845 4916 netprofm - ok
09:13:44.0937 4916 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:13:44.0938 4916 NetTcpPortSharing - ok
09:13:45.0926 4916 NETwNs64 (ac69618de5bcce8747c9ab0aae1003c1) C:\Windows\system32\DRIVERS\NETwNs64.sys
09:13:45.0969 4916 NETwNs64 - ok
09:13:46.0060 4916 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
09:13:46.0061 4916 nfrd960 - ok
09:13:46.0100 4916 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
09:13:46.0101 4916 NisDrv - ok
09:13:46.0167 4916 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
09:13:46.0168 4916 NisSrv - ok
09:13:46.0227 4916 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
09:13:46.0229 4916 NlaSvc - ok
09:13:46.0246 4916 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
09:13:46.0247 4916 Npfs - ok
09:13:46.0274 4916 npggsvc - ok
09:13:46.0296 4916 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
09:13:46.0297 4916 nsi - ok
09:13:46.0321 4916 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
09:13:46.0322 4916 nsiproxy - ok
09:13:46.0459 4916 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
09:13:46.0466 4916 Ntfs - ok
09:13:46.0576 4916 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
09:13:46.0576 4916 Null - ok
09:13:46.0620 4916 nusb3hub (786db821bfd57c0551dbbe4f75384a7d) C:\Windows\system32\drivers\nusb3hub.sys
09:13:46.0621 4916 nusb3hub - ok
09:13:46.0637 4916 nusb3xhc (daa8005caf745042bb427a1ed7433354) C:\Windows\system32\drivers\nusb3xhc.sys
09:13:46.0638 4916 nusb3xhc - ok
09:13:47.0057 4916 nvlddmkm (d5dea2c1865cab9ee6aa29cf9e79a2ce) C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:13:47.0126 4916 nvlddmkm - ok
09:13:47.0381 4916 nvpciflt (5ef70f7714c664bcf50edfc141dea9b8) C:\Windows\system32\DRIVERS\nvpciflt.sys
09:13:47.0382 4916 nvpciflt - ok
09:13:47.0428 4916 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
09:13:47.0428 4916 nvraid - ok
09:13:47.0454 4916 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
09:13:47.0455 4916 nvstor - ok
09:13:47.0605 4916 NVSvc (5a4af8ea634b4feeaf6f16bb1845715a) C:\Windows\system32\nvvsvc.exe
09:13:47.0612 4916 NVSvc - ok
09:13:47.0665 4916 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
09:13:47.0666 4916 nv_agp - ok
09:13:47.0708 4916 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
09:13:47.0709 4916 ohci1394 - ok
09:13:47.0814 4916 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:13:47.0815 4916 ose - ok
09:13:48.0436 4916 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:13:48.0463 4916 osppsvc - ok
09:13:48.0648 4916 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:13:48.0650 4916 p2pimsvc - ok
09:13:48.0712 4916 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
09:13:48.0715 4916 p2psvc - ok
09:13:48.0768 4916 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
09:13:48.0770 4916 Parport - ok
09:13:48.0834 4916 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
09:13:48.0835 4916 partmgr - ok
09:13:48.0884 4916 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
09:13:48.0887 4916 PcaSvc - ok
09:13:48.0923 4916 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
09:13:48.0925 4916 pci - ok
09:13:48.0945 4916 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
09:13:48.0945 4916 pciide - ok
09:13:48.0988 4916 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
09:13:48.0990 4916 pcmcia - ok
09:13:49.0008 4916 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
09:13:49.0008 4916 pcw - ok
09:13:49.0052 4916 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
09:13:49.0055 4916 PEAUTH - ok
09:13:49.0277 4916 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
09:13:49.0278 4916 PerfHost - ok
09:13:49.0469 4916 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
09:13:49.0477 4916 pla - ok
09:13:49.0553 4916 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
09:13:49.0556 4916 PlugPlay - ok
09:13:49.0608 4916 PnkBstrA - ok
09:13:49.0637 4916 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
09:13:49.0638 4916 PNRPAutoReg - ok
09:13:49.0682 4916 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:13:49.0685 4916 PNRPsvc - ok
09:13:49.0778 4916 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
09:13:49.0782 4916 PolicyAgent - ok
09:13:49.0846 4916 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
09:13:49.0848 4916 Power - ok
09:13:49.0933 4916 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
09:13:49.0934 4916 PptpMiniport - ok
09:13:49.0969 4916 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
09:13:49.0970 4916 Processor - ok
09:13:50.0022 4916 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
09:13:50.0024 4916 ProfSvc - ok
09:13:50.0077 4916 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:13:50.0078 4916 ProtectedStorage - ok
09:13:50.0113 4916 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
09:13:50.0114 4916 Psched - ok
09:13:50.0270 4916 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
09:13:50.0279 4916 ql2300 - ok
09:13:50.0440 4916 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
09:13:50.0441 4916 ql40xx - ok
09:13:50.0495 4916 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
09:13:50.0498 4916 QWAVE - ok
09:13:50.0528 4916 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
09:13:50.0528 4916 QWAVEdrv - ok
09:13:50.0553 4916 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
09:13:50.0553 4916 RasAcd - ok
09:13:50.0603 4916 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:13:50.0604 4916 RasAgileVpn - ok
09:13:50.0647 4916 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
09:13:50.0650 4916 RasAuto - ok
09:13:50.0685 4916 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:13:50.0687 4916 Rasl2tp - ok
09:13:50.0744 4916 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
09:13:50.0749 4916 RasMan - ok
09:13:50.0792 4916 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
09:13:50.0793 4916 RasPppoe - ok
09:13:50.0846 4916 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
09:13:50.0848 4916 RasSstp - ok
09:13:50.0878 4916 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
09:13:50.0880 4916 rdbss - ok
09:13:50.0936 4916 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
09:13:50.0936 4916 rdpbus - ok
09:13:50.0951 4916 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:13:50.0951 4916 RDPCDD - ok
09:13:50.0976 4916 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
09:13:50.0977 4916 RDPENCDD - ok
09:13:51.0007 4916 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
09:13:51.0008 4916 RDPREFMP - ok
09:13:51.0051 4916 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
09:13:51.0053 4916 RDPWD - ok
09:13:51.0099 4916 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
09:13:51.0100 4916 rdyboost - ok
09:13:51.0305 4916 RegSrvc (a436f5e7d80bbdbb0826d0f176d5bea8) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
09:13:51.0309 4916 RegSrvc - ok
09:13:51.0356 4916 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
09:13:51.0358 4916 RemoteAccess - ok
09:13:51.0398 4916 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
09:13:51.0400 4916 RemoteRegistry - ok
09:13:51.0488 4916 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
09:13:51.0489 4916 RFCOMM - ok
09:13:51.0506 4916 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
09:13:51.0508 4916 RpcEptMapper - ok
09:13:51.0526 4916 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
09:13:51.0527 4916 RpcLocator - ok
09:13:51.0589 4916 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
09:13:51.0593 4916 RpcSs - ok
09:13:51.0645 4916 RSPCIESTOR (d5c3e1629a3f7f0857d27949252b94ce) C:\Windows\system32\DRIVERS\RtsPStor.sys
09:13:51.0647 4916 RSPCIESTOR - ok
09:13:51.0667 4916 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
09:13:51.0668 4916 rspndr - ok
09:13:51.0710 4916 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:13:51.0712 4916 SamSs - ok
09:13:51.0743 4916 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
09:13:51.0744 4916 sbp2port - ok
09:13:51.0785 4916 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
09:13:51.0787 4916 SCardSvr - ok
09:13:51.0809 4916 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
09:13:51.0809 4916 scfilter - ok
09:13:51.0853 4916 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
09:13:51.0860 4916 Schedule - ok
09:13:51.0893 4916 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
09:13:51.0894 4916 SCPolicySvc - ok
09:13:51.0926 4916 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
09:13:51.0927 4916 sdbus - ok
09:13:51.0958 4916 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
09:13:51.0960 4916 SDRSVC - ok
09:13:51.0973 4916 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
09:13:51.0973 4916 secdrv - ok
09:13:51.0980 4916 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
09:13:51.0981 4916 seclogon - ok
09:13:51.0995 4916 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
09:13:51.0997 4916 SENS - ok
09:13:52.0010 4916 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
09:13:52.0011 4916 SensrSvc - ok
09:13:52.0047 4916 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
09:13:52.0048 4916 Serenum - ok
09:13:52.0073 4916 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
09:13:52.0074 4916 Serial - ok
09:13:52.0078 4916 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
09:13:52.0079 4916 sermouse - ok
09:13:52.0116 4916 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
09:13:52.0118 4916 SessionEnv - ok
09:13:52.0122 4916 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
09:13:52.0123 4916 sffdisk - ok
09:13:52.0137 4916 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
09:13:52.0137 4916 sffp_mmc - ok
09:13:52.0144 4916 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
09:13:52.0145 4916 sffp_sd - ok
09:13:52.0153 4916 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
09:13:52.0153 4916 sfloppy - ok
09:13:52.0218 4916 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
09:13:52.0222 4916 Sftfs - ok
09:13:52.0338 4916 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
09:13:52.0341 4916 sftlist - ok
09:13:52.0355 4916 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
09:13:52.0357 4916 Sftplay - ok
09:13:52.0372 4916 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
09:13:52.0373 4916 Sftredir - ok
09:13:52.0424 4916 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
09:13:52.0425 4916 Sftvol - ok
09:13:52.0443 4916 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
09:13:52.0445 4916 sftvsa - ok
09:13:52.0482 4916 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
09:13:52.0485 4916 ShellHWDetection - ok
09:13:52.0510 4916 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
09:13:52.0510 4916 SiSRaid2 - ok
09:13:52.0516 4916 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
09:13:52.0516 4916 SiSRaid4 - ok
09:13:52.0539 4916 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
09:13:52.0540 4916 Smb - ok
09:13:52.0567 4916 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
09:13:52.0569 4916 SNMPTRAP - ok
09:13:52.0579 4916 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
09:13:52.0580 4916 spldr - ok
09:13:52.0619 4916 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
09:13:52.0623 4916 Spooler - ok
09:13:52.0737 4916 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
09:13:52.0755 4916 sppsvc - ok
09:13:52.0848 4916 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
09:13:52.0849 4916 sppuinotify - ok
09:13:52.0896 4916 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
09:13:52.0898 4916 srv - ok
09:13:52.0919 4916 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
09:13:52.0922 4916 srv2 - ok
09:13:52.0940 4916 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
09:13:52.0942 4916 srvnet - ok
09:13:52.0982 4916 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
09:13:52.0984 4916 SSDPSRV - ok
09:13:53.0002 4916 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
09:13:53.0004 4916 SstpSvc - ok
09:13:53.0070 4916 Steam Client Service - ok
09:13:53.0091 4916 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
09:13:53.0091 4916 stexstor - ok
09:13:53.0133 4916 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
09:13:53.0138 4916 stisvc - ok
09:13:53.0172 4916 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
09:13:53.0173 4916 swenum - ok
09:13:53.0229 4916 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
09:13:53.0232 4916 swprv - ok
09:13:53.0363 4916 SynTP (02364d8be46a51361b0905736c3f7438) C:\Windows\system32\DRIVERS\SynTP.sys
09:13:53.0370 4916 SynTP - ok
09:13:53.0660 4916 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
09:13:53.0669 4916 SysMain - ok
09:13:53.0816 4916 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
09:13:53.0818 4916 TabletInputService - ok
09:13:53.0853 4916 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
09:13:53.0856 4916 TapiSrv - ok
09:13:53.0879 4916 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
09:13:53.0881 4916 TBS - ok
09:13:54.0158 4916 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
09:13:54.0167 4916 Tcpip - ok
09:13:54.0416 4916 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
09:13:54.0425 4916 TCPIP6 - ok
09:13:54.0534 4916 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
09:13:54.0534 4916 tcpipreg - ok
09:13:54.0557 4916 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
09:13:54.0558 4916 TDPIPE - ok
09:13:54.0599 4916 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
09:13:54.0600 4916 TDTCP - ok
09:13:54.0619 4916 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
09:13:54.0620 4916 tdx - ok
09:13:54.0630 4916 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
09:13:54.0631 4916 TermDD - ok
09:13:54.0671 4916 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
09:13:54.0675 4916 TermService - ok
09:13:54.0683 4916 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
09:13:54.0685 4916 Themes - ok
09:13:54.0709 4916 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
09:13:54.0710 4916 THREADORDER - ok
09:13:54.0723 4916 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
09:13:54.0724 4916 TrkWks - ok
09:13:54.0768 4916 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
09:13:54.0769 4916 TrustedInstaller - ok
09:13:54.0780 4916 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
09:13:54.0780 4916 tssecsrv - ok
09:13:54.0809 4916 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
09:13:54.0810 4916 TsUsbFlt - ok
09:13:54.0836 4916 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
09:13:54.0837 4916 TsUsbGD - ok
09:13:54.0871 4916 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
09:13:54.0872 4916 tunnel - ok
09:13:54.0914 4916 TurboB (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys
09:13:54.0914 4916 TurboB - ok
09:13:54.0983 4916 TurboBoost (600b406a04d90f577fea8a88d7379f08) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
09:13:54.0984 4916 TurboBoost - ok
09:13:55.0013 4916 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
09:13:55.0014 4916 uagp35 - ok
09:13:55.0040 4916 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
09:13:55.0041 4916 udfs - ok
09:13:55.0079 4916 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
09:13:55.0080 4916 UI0Detect - ok
09:13:55.0111 4916 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
09:13:55.0112 4916 uliagpkx - ok
09:13:55.0126 4916 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
09:13:55.0126 4916 umbus - ok
09:13:55.0136 4916 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
09:13:55.0136 4916 UmPass - ok
09:13:55.0412 4916 UNS (758c2ce427c343f780a205e28555c98d) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
09:13:55.0424 4916 UNS - ok
09:13:55.0531 4916 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
09:13:55.0535 4916 upnphost - ok
09:13:55.0579 4916 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
09:13:55.0580 4916 USBAAPL64 - ok
09:13:55.0610 4916 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
09:13:55.0611 4916 usbccgp - ok
09:13:55.0642 4916 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
09:13:55.0643 4916 usbcir - ok
09:13:55.0711 4916 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
09:13:55.0711 4916 usbehci - ok
09:13:55.0741 4916 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
09:13:55.0743 4916 usbhub - ok
09:13:55.0762 4916 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
09:13:55.0763 4916 usbohci - ok
09:13:55.0808 4916 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
09:13:55.0808 4916 usbprint - ok
09:13:55.0857 4916 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
09:13:55.0857 4916 usbscan - ok
09:13:55.0876 4916 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:13:55.0877 4916 USBSTOR - ok
09:13:55.0895 4916 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
09:13:55.0896 4916 usbuhci - ok
09:13:55.0934 4916 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
09:13:55.0936 4916 usbvideo - ok
09:13:55.0952 4916 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
09:13:55.0953 4916 UxSms - ok
09:13:55.0999 4916 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:13:56.0001 4916 VaultSvc - ok
09:13:56.0021 4916 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
09:13:56.0021 4916 vdrvroot - ok
09:13:56.0053 4916 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
09:13:56.0058 4916 vds - ok
09:13:56.0080 4916 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
09:13:56.0081 4916 vga - ok
09:13:56.0100 4916 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
09:13:56.0101 4916 VgaSave - ok
09:13:56.0110 4916 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
09:13:56.0111 4916 vhdmp - ok
09:13:56.0115 4916 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
09:13:56.0116 4916 viaide - ok
09:13:56.0128 4916 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
09:13:56.0129 4916 volmgr - ok
09:13:56.0154 4916 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
09:13:56.0156 4916 volmgrx - ok
09:13:56.0190 4916 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
09:13:56.0192 4916 volsnap - ok
09:13:56.0209 4916 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
09:13:56.0211 4916 vsmraid - ok
09:13:56.0276 4916 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
09:13:56.0285 4916 VSS - ok
09:13:56.0381 4916 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
09:13:56.0381 4916 vwifibus - ok
09:13:56.0399 4916 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
09:13:56.0400 4916 vwififlt - ok
09:13:56.0408 4916 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
09:13:56.0409 4916 vwifimp - ok
09:13:56.0450 4916 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
09:13:56.0453 4916 W32Time - ok
09:13:56.0475 4916 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
09:13:56.0476 4916 WacomPen - ok
09:13:56.0503 4916 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
09:13:56.0504 4916 WANARP - ok
09:13:56.0507 4916 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
09:13:56.0508 4916 Wanarpv6 - ok
09:13:56.0595 4916 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
09:13:56.0601 4916 WatAdminSvc - ok
09:13:56.0686 4916 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
09:13:56.0694 4916 wbengine - ok
09:13:56.0821 4916 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
09:13:56.0823 4916 WbioSrvc - ok
09:13:56.0851 4916 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
09:13:56.0853 4916 wcncsvc - ok
09:13:56.0868 4916 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
09:13:56.0870 4916 WcsPlugInService - ok
09:13:56.0911 4916 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
09:13:56.0912 4916 Wd - ok
09:13:56.0947 4916 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
09:13:56.0951 4916 Wdf01000 - ok
09:13:56.0974 4916 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
09:13:56.0976 4916 WdiServiceHost - ok
09:13:56.0981 4916 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
09:13:56.0984 4916 WdiSystemHost - ok
09:13:57.0011 4916 wdkmd (63ce387483e74a0bd79ee4e5eba1fd2e) C:\Windows\system32\DRIVERS\WDKMD.sys
09:13:57.0012 4916 wdkmd - ok
09:13:57.0038 4916 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
09:13:57.0040 4916 WebClient - ok
09:13:57.0064 4916 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
09:13:57.0067 4916 Wecsvc - ok
09:13:57.0080 4916 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
09:13:57.0082 4916 wercplsupport - ok
09:13:57.0116 4916 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
09:13:57.0118 4916 WerSvc - ok
09:13:57.0138 4916 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
09:13:57.0138 4916 WfpLwf - ok
09:13:57.0175 4916 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
09:13:57.0175 4916 WIMMount - ok
09:13:57.0180 4916 WinHttpAutoProxySvc - ok
09:13:57.0255 4916 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
09:13:57.0256 4916 Winmgmt - ok
09:13:57.0441 4916 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
09:13:57.0451 4916 WinRM - ok
09:13:57.0654 4916 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
09:13:57.0655 4916 WinUsb - ok
09:13:57.0790 4916 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
09:13:57.0796 4916 Wlansvc - ok
09:13:57.0889 4916 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:13:57.0889 4916 wlcrasvc - ok
09:13:58.0206 4916 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:13:58.0218 4916 wlidsvc - ok
09:13:58.0375 4916 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
09:13:58.0375 4916 WmiAcpi - ok
09:13:58.0452 4916 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
09:13:58.0454 4916 wmiApSrv - ok
09:13:58.0501 4916 WMPNetworkSvc - ok
09:13:58.0597 4916 WMZuneComm (83b6ca03c846fcd47f9883d77d1eb27b) C:\Program Files\Zune\WMZuneComm.exe
09:13:58.0599 4916 WMZuneComm - ok
09:13:58.0629 4916 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
09:13:58.0631 4916 WPCSvc - ok
09:13:58.0661 4916 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
09:13:58.0664 4916 WPDBusEnum - ok
09:13:58.0690 4916 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
09:13:58.0691 4916 ws2ifsl - ok
09:13:58.0750 4916 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
09:13:58.0750 4916 WSDPrintDevice - ok
09:13:58.0771 4916 WSDScan (4a2a5c50dd1a63577d3aca94269fbc7f) C:\Windows\system32\DRIVERS\WSDScan.sys
09:13:58.0771 4916 WSDScan - ok
09:13:58.0774 4916 WSearch - ok
09:13:58.0814 4916 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
09:13:58.0815 4916 WudfPf - ok
09:13:58.0870 4916 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
09:13:58.0872 4916 WUDFRd - ok
09:13:58.0908 4916 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
09:13:58.0909 4916 wudfsvc - ok
09:13:58.0937 4916 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
09:13:58.0939 4916 WwanSvc - ok
09:13:59.0010 4916 xusb21 (38f55d07b1d3391065c40ec065f984e2) C:\Windows\system32\DRIVERS\xusb21.sys
09:13:59.0011 4916 xusb21 - ok
09:13:59.0825 4916 ZuneNetworkSvc (67b787c34fb2888d01b130ae007042d8) C:\Program Files\Zune\ZuneNss.exe
09:13:59.0865 4916 ZuneNetworkSvc - ok
09:13:59.0967 4916 ZuneWlanCfgSvc (4d89fc1c20cf655739efac5da81a67bc) C:\Program Files\Zune\ZuneWlanCfgSvc.exe
09:13:59.0970 4916 ZuneWlanCfgSvc - ok
09:14:00.0056 4916 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
09:14:00.0512 4916 \Device\Harddisk0\DR0 - ok
09:14:00.0514 4916 Boot (0x1200) (06234e27bad55fa68f7d0d30b1a8d5b6) \Device\Harddisk0\DR0\Partition0
09:14:00.0515 4916 \Device\Harddisk0\DR0\Partition0 - ok
09:14:00.0535 4916 Boot (0x1200) (bbf5c364a27d8f4ec95e54cfebceece6) \Device\Harddisk0\DR0\Partition1
09:14:00.0535 4916 \Device\Harddisk0\DR0\Partition1 - ok
09:14:00.0536 4916 ============================================================
09:14:00.0536 4916 Scan finished
09:14:00.0536 4916 ============================================================
09:14:00.0543 5788 Detected object count: 0
09:14:00.0543 5788 Actual detected object count: 0
09:14:41.0148 5848 ============================================================
09:14:41.0148 5848 Scan started
09:14:41.0148 5848 Mode: Manual;
09:14:41.0148 5848 ============================================================
09:14:43.0684 5848 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
09:14:43.0685 5848 1394ohci - ok
09:14:43.0745 5848 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
09:14:43.0746 5848 ACPI - ok
09:14:43.0761 5848 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
09:14:43.0761 5848 AcpiPmi - ok
09:14:43.0864 5848 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:14:43.0866 5848 AdobeARMservice - ok
09:14:44.0056 5848 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:14:44.0058 5848 AdobeFlashPlayerUpdateSvc - ok
09:14:44.0218 5848 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
09:14:44.0220 5848 adp94xx - ok
09:14:44.0299 5848 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
09:14:44.0302 5848 adpahci - ok
09:14:44.0334 5848 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
09:14:44.0335 5848 adpu320 - ok
09:14:44.0371 5848 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
09:14:44.0371 5848 AeLookupSvc - ok
09:14:44.0511 5848 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
09:14:44.0513 5848 AFD - ok
09:14:44.0539 5848 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
09:14:44.0540 5848 agp440 - ok
09:14:44.0583 5848 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
09:14:44.0584 5848 ALG - ok
09:14:44.0587 5848 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
09:14:44.0587 5848 aliide - ok
09:14:44.0593 5848 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
09:14:44.0593 5848 amdide - ok
09:14:44.0599 5848 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
09:14:44.0600 5848 AmdK8 - ok
09:14:44.0632 5848 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
09:14:44.0632 5848 AmdPPM - ok
09:14:44.0641 5848 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
09:14:44.0641 5848 amdsata - ok
09:14:44.0651 5848 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
09:14:44.0652 5848 amdsbs - ok
09:14:44.0682 5848 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
09:14:44.0683 5848 amdxata - ok
09:14:44.0730 5848 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
09:14:44.0730 5848 AppID - ok
09:14:44.0744 5848 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
09:14:44.0744 5848 AppIDSvc - ok
09:14:44.0758 5848 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
09:14:44.0759 5848 Appinfo - ok
09:14:44.0891 5848 Apple Mobile Device (d8e18021f91ad79ca8491cb5a5da22d4) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:14:44.0894 5848 Apple Mobile Device - ok
09:14:44.0924 5848 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
09:14:44.0925 5848 arc - ok
09:14:44.0945 5848 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
09:14:44.0945 5848 arcsas - ok
09:14:44.0988 5848 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
09:14:44.0988 5848 AsyncMac - ok
09:14:45.0023 5848 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
09:14:45.0024 5848 atapi - ok
09:14:45.0068 5848 AthBTPort (cbe61b4494165f458bd87e37181ee934) C:\Windows\system32\DRIVERS\btath_flt.sys
09:14:45.0068 5848 AthBTPort - ok
09:14:45.0121 5848 ATHDFU (4119870b90e1b5e7797d6433d21f9216) C:\Windows\System32\Drivers\AthDfu.sys
09:14:45.0122 5848 ATHDFU - ok
09:14:45.0173 5848 AtherosSvc (18771e700db2b729af506b946058dd4f) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
09:14:45.0173 5848 AtherosSvc - ok
09:14:45.0256 5848 athr (e642491f64e58cd5bc8fb8b347dcf65f) C:\Windows\system32\DRIVERS\athrx.sys
09:14:45.0266 5848 athr - ok
09:14:45.0376 5848 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
09:14:45.0379 5848 AudioEndpointBuilder - ok
09:14:45.0385 5848 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
09:14:45.0389 5848 AudioSrv - ok
09:14:45.0405 5848 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
09:14:45.0406 5848 AxInstSV - ok
09:14:45.0488 5848 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
09:14:45.0496 5848 b06bdrv - ok
09:14:45.0525 5848 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
09:14:45.0530 5848 b57nd60a - ok
09:14:45.0569 5848 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
09:14:45.0569 5848 BDESVC - ok
09:14:45.0582 5848 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
09:14:45.0582 5848 Beep - ok
09:14:45.0609 5848 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
09:14:45.0610 5848 blbdrive - ok
09:14:45.0665 5848 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
09:14:45.0667 5848 Bonjour Service - ok
09:14:45.0686 5848 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
09:14:45.0687 5848 bowser - ok
09:14:45.0707 5848 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
09:14:45.0707 5848 BrFiltLo - ok
09:14:45.0717 5848 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
09:14:45.0717 5848 BrFiltUp - ok
09:14:45.0748 5848 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
09:14:45.0749 5848 Browser - ok
09:14:45.0770 5848 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
09:14:45.0771 5848 Brserid - ok
09:14:45.0795 5848 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
09:14:45.0796 5848 BrSerWdm - ok
09:14:45.0807 5848 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
09:14:45.0808 5848 BrUsbMdm - ok
09:14:45.0811 5848 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
09:14:45.0811 5848 BrUsbSer - ok
09:14:45.0841 5848 BTATH_A2DP (fe70889a85c57a9268101b2db0474509) C:\Windows\system32\drivers\btath_a2dp.sys
09:14:45.0842 5848 BTATH_A2DP - ok
09:14:45.0853 5848 BTATH_BUS (a83a91d07d1fe6bbe7a9db46ca00434b) C:\Windows\system32\drivers\btath_bus.sys
09:14:45.0853 5848 BTATH_BUS - ok
09:14:45.0861 5848 BTATH_HCRP (c864ff85ee16d61c2bdd5ef76824625f) C:\Windows\system32\drivers\btath_hcrp.sys
09:14:45.0862 5848 BTATH_HCRP - ok
09:14:45.0877 5848 BTATH_LWFLT (0dea505efb5d771826d177ef8b8a208f) C:\Windows\system32\DRIVERS\btath_lwflt.sys
09:14:45.0877 5848 BTATH_LWFLT - ok
09:14:45.0884 5848 BTATH_RCP (724c8088c96efe7a3e63fec21d4681c0) C:\Windows\system32\drivers\btath_rcp.sys
09:14:45.0885 5848 BTATH_RCP - ok
09:14:45.0913 5848 BtFilter (dce0798fd5bb4e452227ec58700956f5) C:\Windows\system32\DRIVERS\btfilter.sys
09:14:45.0914 5848 BtFilter - ok
09:14:45.0935 5848 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys
09:14:45.0935 5848 BthEnum - ok
09:14:45.0957 5848 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
09:14:45.0957 5848 BTHMODEM - ok
09:14:45.0974 5848 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
09:14:45.0975 5848 BthPan - ok
09:14:46.0007 5848 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
09:14:46.0010 5848 BTHPORT - ok
09:14:46.0038 5848 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
09:14:46.0039 5848 bthserv - ok
09:14:46.0071 5848 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
09:14:46.0072 5848 BTHUSB - ok
09:14:46.0094 5848 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
09:14:46.0095 5848 cdfs - ok
09:14:46.0113 5848 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
09:14:46.0114 5848 cdrom - ok
09:14:46.0125 5848 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
09:14:46.0126 5848 CertPropSvc - ok
09:14:46.0143 5848 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
09:14:46.0143 5848 circlass - ok
09:14:46.0176 5848 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
09:14:46.0178 5848 CLFS - ok
09:14:46.0235 5848 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:14:46.0236 5848 clr_optimization_v2.0.50727_32 - ok
09:14:46.0271 5848 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:14:46.0272 5848 clr_optimization_v2.0.50727_64 - ok
09:14:46.0307 5848 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:14:46.0308 5848 clr_optimization_v4.0.30319_32 - ok
09:14:46.0342 5848 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:14:46.0343 5848 clr_optimization_v4.0.30319_64 - ok
09:14:46.0366 5848 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
09:14:46.0367 5848 CmBatt - ok
09:14:46.0380 5848 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
09:14:46.0381 5848 cmdide - ok
09:14:46.0438 5848 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
09:14:46.0440 5848 CNG - ok
09:14:46.0507 5848 CnxtHdAudService (99b1b888b793de320c5479b3c953781f) C:\Windows\system32\drivers\CHDRT64.sys
09:14:46.0514 5848 CnxtHdAudService - ok
09:14:46.0607 5848 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
09:14:46.0607 5848 Compbatt - ok
09:14:46.0624 5848 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
09:14:46.0624 5848 CompositeBus - ok
09:14:46.0627 5848 COMSysApp - ok
09:14:46.0644 5848 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
09:14:46.0645 5848 crcdisk - ok
09:14:46.0695 5848 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
09:14:46.0696 5848 CryptSvc - ok
09:14:46.0846 5848 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
09:14:46.0850 5848 cvhsvc - ok
09:14:46.0893 5848 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
09:14:46.0896 5848 DcomLaunch - ok
09:14:46.0928 5848 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
09:14:46.0929 5848 defragsvc - ok
09:14:46.0972 5848 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
09:14:46.0972 5848 DfsC - ok
09:14:46.0995 5848 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
09:14:46.0997 5848 Dhcp - ok
09:14:47.0015 5848 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
09:14:47.0015 5848 discache - ok
09:14:47.0031 5848 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
09:14:47.0032 5848 Disk - ok
09:14:47.0055 5848 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
09:14:47.0056 5848 Dnscache - ok
09:14:47.0080 5848 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
09:14:47.0081 5848 dot3svc - ok
09:14:47.0103 5848 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
09:14:47.0104 5848 DPS - ok
09:14:47.0124 5848 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
09:14:47.0125 5848 drmkaud - ok
09:14:47.0212 5848 DsiWMIService (4ab2a58816cc6be771f1d8c768b804c5) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
09:14:47.0214 5848 DsiWMIService - ok
09:14:47.0263 5848 dtsoftbus01 (400582b09e0bb557d0ec28a945150eeb) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
09:14:47.0265 5848 dtsoftbus01 - ok
09:14:47.0316 5848 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
09:14:47.0320 5848 DXGKrnl - ok
09:14:47.0339 5848 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
09:14:47.0340 5848 EapHost - ok
09:14:47.0452 5848 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
09:14:47.0467 5848 ebdrv - ok
09:14:47.0575 5848 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
09:14:47.0576 5848 EFS - ok
09:14:47.0649 5848 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
09:14:47.0652 5848 ehRecvr - ok
09:14:47.0663 5848 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
09:14:47.0664 5848 ehSched - ok
09:14:47.0726 5848 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
09:14:47.0729 5848 elxstor - ok
09:14:47.0798 5848 ePowerSvc (57901f36fae709d0c0b58bb92a8361d0) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
09:14:47.0801 5848 ePowerSvc - ok
09:14:47.0863 5848 EPSON_EB_RPCV4_04 (7c5bfaac8dce7292b0c04ebf892e71f9) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
09:14:47.0864 5848 EPSON_EB_RPCV4_04 - ok
09:14:47.0879 5848 EPSON_PM_RPCV4_04 (d4615670cd49a1679e6067f155c47c68) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
09:14:47.0880 5848 EPSON_PM_RPCV4_04 - ok
09:14:47.0977 5848 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
09:14:47.0978 5848 ErrDev - ok
09:14:48.0020 5848 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
09:14:48.0022 5848 EventSystem - ok
09:14:48.0139 5848 EvtEng (54fc81b0162478a72a93dbbeafb35671) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
09:14:48.0151 5848 EvtEng - ok
09:14:48.0251 5848 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
09:14:48.0252 5848 exfat - ok
09:14:48.0275 5848 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
09:14:48.0276 5848 fastfat - ok
09:14:48.0320 5848 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
09:14:48.0324 5848 Fax - ok
09:14:48.0334 5848 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
09:14:48.0334 5848 fdc - ok
09:14:48.0354 5848 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
09:14:48.0355 5848 fdPHost - ok
09:14:48.0372 5848 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
09:14:48.0372 5848 FDResPub - ok
09:14:48.0400 5848 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
09:14:48.0400 5848 FileInfo - ok
09:14:48.0412 5848 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
09:14:48.0412 5848 Filetrace - ok
09:14:48.0493 5848 FLEXnet Licensing Service (bb0667b0171b632b97ea759515476f07) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
09:14:48.0496 5848 FLEXnet Licensing Service - ok
09:14:48.0515 5848 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
09:14:48.0515 5848 flpydisk - ok
09:14:48.0547 5848 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
09:14:48.0548 5848 FltMgr - ok
09:14:48.0614 5848 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
09:14:48.0620 5848 FontCache - ok
09:14:48.0711 5848 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:14:48.0712 5848 FontCache3.0.0.0 - ok
09:14:48.0772 5848 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
09:14:48.0773 5848 FsDepends - ok
09:14:48.0856 5848 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
09:14:48.0856 5848 Fs_Rec - ok
09:14:48.0871 5848 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
09:14:48.0872 5848 fvevol - ok
09:14:48.0892 5848 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
09:14:48.0892 5848 gagp30kx - ok
09:14:48.0935 5848 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:14:48.0936 5848 GEARAspiWDM - ok
09:14:48.0976 5848 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
09:14:48.0980 5848 gpsvc - ok
09:14:49.0014 5848 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
09:14:49.0014 5848 hcw85cir - ok
09:14:49.0041 5848 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
09:14:49.0043 5848 HdAudAddService - ok
09:14:49.0065 5848 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
09:14:49.0066 5848 HDAudBus - ok
09:14:49.0070 5848 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
09:14:49.0071 5848 HidBatt - ok
09:14:49.0077 5848 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
09:14:49.0078 5848 HidBth - ok
09:14:49.0082 5848 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
09:14:49.0083 5848 HidIr - ok
09:14:49.0110 5848 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
09:14:49.0111 5848 hidserv - ok
09:14:49.0127 5848 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
09:14:49.0128 5848 HidUsb - ok
09:14:49.0157 5848 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
09:14:49.0158 5848 hkmsvc - ok
09:14:49.0231 5848 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
09:14:49.0233 5848 HomeGroupListener - ok
09:14:49.0264 5848 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
09:14:49.0266 5848 HomeGroupProvider - ok
09:14:49.0279 5848 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
09:14:49.0280 5848 HpSAMD - ok
09:14:49.0369 5848 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
09:14:49.0372 5848 HTTP - ok
09:14:49.0397 5848 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
09:14:49.0398 5848 hwpolicy - ok
09:14:49.0417 5848 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
09:14:49.0417 5848 i8042prt - ok
09:14:49.0456 5848 iaStor (d469b77687e12fe43e344806740b624d) C:\Windows\system32\drivers\iaStor.sys
09:14:49.0459 5848 iaStor - ok
09:14:49.0572 5848 IAStorDataMgrSvc (983fc69644ddf0486c8dfea262948d1a) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
09:14:49.0573 5848 IAStorDataMgrSvc - ok
09:14:49.0626 5848 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
09:14:49.0628 5848 iaStorV - ok
09:14:49.0767 5848 IconMan_R (e4693409d06785477a49fb34afae1b92) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
09:14:49.0777 5848 IconMan_R - ok
09:14:49.0914 5848 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:14:49.0918 5848 idsvc - ok
09:14:50.0398 5848 igfx (9937600a1584ff00565d5379eb4c9edb) C:\Windows\system32\DRIVERS\igdkmd64.sys
09:14:50.0452 5848 igfx - ok
09:14:50.0526 5848 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
09:14:50.0526 5848 iirsp - ok
09:14:50.0571 5848 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
09:14:50.0576 5848 IKEEXT - ok
09:14:50.0596 5848 intaud_WaveExtensible (caddf0927dac63edae48f5c35a61d87d) C:\Windows\system32\drivers\intelaud.sys
09:14:50.0597 5848 intaud_WaveExtensible - ok
09:14:50.0630 5848 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
09:14:50.0632 5848 IntcDAud - ok
09:14:50.0647 5848 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
09:14:50.0648 5848 intelide - ok
09:14:50.0660 5848 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
09:14:50.0660 5848 intelppm - ok
09:14:50.0684 5848 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
09:14:50.0685 5848 IPBusEnum - ok
09:14:50.0703 5848 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:14:50.0704 5848 IpFilterDriver - ok
09:14:50.0719 5848 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
09:14:50.0720 5848 IPMIDRV - ok
09:14:50.0727 5848 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
09:14:50.0727 5848 IPNAT - ok
09:14:50.0793 5848 iPod Service (3c0d4b3e80fc4854ca325dd123cc4ded) C:\Program Files\iPod\bin\iPodService.exe
09:14:50.0797 5848 iPod Service - ok
09:14:50.0820 5848 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
09:14:50.0821 5848 IRENUM - ok
09:14:50.0824 5848 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
09:14:50.0825 5848 isapnp - ok
09:14:50.0848 5848 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
09:14:50.0850 5848 iScsiPrt - ok
09:14:50.0872 5848 iwdbus (716f66336f10885d935b08174dc54242) C:\Windows\system32\drivers\iwdbus.sys
09:14:50.0872 5848 iwdbus - ok
09:14:50.0886 5848 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
09:14:50.0886 5848 kbdclass - ok
09:14:50.0895 5848 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
09:14:50.0896 5848 kbdhid - ok
09:14:50.0942 5848 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:14:50.0943 5848 KeyIso - ok
09:14:50.0986 5848 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
09:14:50.0987 5848 KSecDD - ok
09:14:50.0996 5848 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
09:14:50.0997 5848 KSecPkg - ok
09:14:51.0021 5848 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
09:14:51.0021 5848 ksthunk - ok
09:14:51.0046 5848 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
09:14:51.0048 5848 KtmRm - ok
09:14:51.0073 5848 L1C (ebed8b3ff4a823c1a6eebeed7b29353f) C:\Windows\system32\DRIVERS\L1C62x64.sys
09:14:51.0073 5848 L1C - ok
09:14:51.0101 5848 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
09:14:51.0103 5848 LanmanServer - ok
09:14:51.0123 5848 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
09:14:51.0125 5848 LanmanWorkstation - ok
09:14:51.0182 5848 Live Updater Service (6bcee9c766815bfff89de7d81af34ce1) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
09:14:51.0183 5848 Live Updater Service - ok
09:14:51.0210 5848 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
09:14:51.0210 5848 lltdio - ok
09:14:51.0272 5848 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
09:14:51.0274 5848 lltdsvc - ok
09:14:51.0303 5848 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
09:14:51.0304 5848 lmhosts - ok
09:14:51.0393 5848 LMS (d75c4b4a8fe6d7fd74a7eecdbaec729f) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
09:14:51.0394 5848 LMS - ok
09:14:51.0433 5848 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
09:14:51.0433 5848 LSI_FC - ok
09:14:51.0483 5848 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
09:14:51.0483 5848 LSI_SAS - ok
09:14:51.0507 5848 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
09:14:51.0507 5848 LSI_SAS2 - ok
09:14:51.0537 5848 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
09:14:51.0537 5848 LSI_SCSI - ok
09:14:51.0560 5848 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
09:14:51.0561 5848 luafv - ok
09:14:51.0618 5848 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
09:14:51.0619 5848 McComponentHostService - ok
09:14:51.0666 5848 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
09:14:51.0667 5848 Mcx2Svc - ok
09:14:51.0686 5848 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
09:14:51.0686 5848 megasas - ok
09:14:51.0706 5848 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
09:14:51.0708 5848 MegaSR - ok
09:14:51.0743 5848 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\drivers\HECIx64.sys
09:14:51.0743 5848 MEIx64 - ok
09:14:51.0763 5848 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
09:14:51.0764 5848 MMCSS - ok
09:14:51.0767 5848 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
09:14:51.0768 5848 Modem - ok
09:14:51.0785 5848 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
09:14:51.0785 5848 monitor - ok
09:14:51.0813 5848 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
09:14:51.0813 5848 mouclass - ok
09:14:51.0827 5848 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
09:14:51.0828 5848 mouhid - ok
09:14:51.0846 5848 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
09:14:51.0847 5848 mountmgr - ok
09:14:51.0882 5848 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:14:51.0882 5848 MozillaMaintenance - ok
09:14:51.0922 5848 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
09:14:51.0924 5848 MpFilter - ok
09:14:51.0948 5848 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
09:14:51.0949 5848 mpio - ok
09:14:51.0981 5848 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
09:14:51.0981 5848 mpsdrv - ok
09:14:51.0989 5848 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
09:14:51.0990 5848 MRxDAV - ok
09:14:52.0002 5848 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
09:14:52.0003 5848 mrxsmb - ok
09:14:52.0024 5848 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:14:52.0026 5848 mrxsmb10 - ok
09:14:52.0047 5848 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:14:52.0048 5848 mrxsmb20 - ok
09:14:52.0060 5848 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
09:14:52.0060 5848 msahci - ok
09:14:52.0068 5848 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
09:14:52.0069 5848 msdsm - ok
09:15:05.0000 5848 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
09:15:05.0330 5848 \Device\Harddisk0\DR0 - ok
09:15:05.0347 5848 Boot (0x1200) (06234e27bad55fa68f7d0d30b1a8d5b6) \Device\Harddisk0\DR0\Partition0
09:15:05.0349 5848 \Device\Harddisk0\DR0\Partition0 - ok
09:15:05.0358 5848 Boot (0x1200) (bbf5c364a27d8f4ec95e54cfebceece6) \Device\Harddisk0\DR0\Partition1
09:15:05.0359 5848 \Device\Harddisk0\DR0\Partition1 - ok
09:15:05.0359 5848 ============================================================
09:15:05.0359 5848 Scan finished
09:15:05.0359 5848 ============================================================
09:15:05.0364 1336 Detected object count: 0
09:15:05.0364 1336 Actual detected object count: 0
09:15:08.0129 4396 Deinitialize success

Edited by LaNoktaTempesto, 11 August 2012 - 12:23 PM.


#6 fireman4it


Posted 11 August 2012 - 08:06 PM

Hello,

Please run ComboFix again, this time in Safe Mode.

Now reboot into Safe Mode.
This can be done by tapping the F8 key as soon as you start your computer.
You will be brought to a menu where you can choose to boot into Safe Mode.
Make sure you choose the option without networking support.
Please see here for additional details.


#7 LaNoktaTempesto

  • Topic Starter
Posted 11 August 2012 - 08:59 PM

That worked much better. Search results are currently running clear and everything is up to speed. I did have a scare when ComboFix first finished up in that when I went to open my web browser I got an error message to the effect that the program referred to a registry point marked for deletion or something like that, and nothing could run on account of that error; however, I restarted the computer and everything seems fine again.

After the first restart on my computer ComboFix did give me a message saying it needed to be updated, which I went ahead and allowed. Was this a good idea? Should I have tried to keep it on safe mode when it was restarting?

ComboFix 12-08-10.02 - LaNoktaTempesto 1/2012 Sat 19:21:57.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.932.81.1033.18.5996.4759 [GMT -6:00]
Running from: c:\users\LaNoktaTempesto\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\LaNoktaTempesto\AppData\Local\assembly\tmp
c:\users\LaNoktaTempesto\Documents\~WRL0003.tmp
c:\users\LaNoktaTempesto\Documents\~WRL0005.tmp
c:\users\LaNoktaTempesto\Documents\~WRL1321.tmp
c:\users\LaNoktaTempesto\g2mdlhlpx.exe
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
c:\windows\Installer\{f826a54b-14d7-922c-2f77-06f44f6f05be}\@
c:\windows\Installer\{f826a54b-14d7-922c-2f77-06f44f6f05be}\L\00000004.@
c:\windows\Installer\{f826a54b-14d7-922c-2f77-06f44f6f05be}\L\201d3dde
c:\windows\Installer\{f826a54b-14d7-922c-2f77-06f44f6f05be}\U\00000004.@
c:\windows\Installer\{f826a54b-14d7-922c-2f77-06f44f6f05be}\U\00000008.@
c:\windows\Installer\{f826a54b-14d7-922c-2f77-06f44f6f05be}\U\000000cb.@
c:\windows\Installer\{f826a54b-14d7-922c-2f77-06f44f6f05be}\U\80000000.@
c:\windows\Installer\{f826a54b-14d7-922c-2f77-06f44f6f05be}\U\80000032.@
c:\windows\Installer\{f826a54b-14d7-922c-2f77-06f44f6f05be}\U\80000064.@
c:\windows\svchost.exe
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
Infected copy of c:\windows\system32\services.exe was found and disinfected
Restored copy from - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-07-12 to 2012-08-12 )))))))))))))))))))))))))))))))
.
.
2012-08-12 01:32 . 2012-08-12 01:33 -------- d-----w- c:\users\ADMINI~1\AppData\Local\temp
2012-08-12 01:32 . 2012-08-12 01:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-09 22:38 . 2012-08-09 22:38 -------- dc----w- c:\programdata\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2012-08-09 22:34 . 2012-08-09 22:34 -------- d-----w- c:\users\LaNoktaTempesto\AppData\Roaming\Malwarebytes
2012-08-09 22:34 . 2012-08-09 22:34 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-09 22:34 . 2012-08-09 22:34 -------- d-----w- c:\programdata\Malwarebytes
2012-08-09 22:34 . 2012-07-03 19:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-09 22:23 . 2012-08-09 22:23 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-08-09 06:37 . 2012-08-09 06:37 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{41B3F305-BA0F-46DC-95DC-0704AC417FF4}\offreg.dll
2012-08-08 06:02 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{41B3F305-BA0F-46DC-95DC-0704AC417FF4}\mpengine.dll
2012-08-07 14:40 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-26 03:42 . 2012-08-09 22:55 -------- d-----w- C:\TDSSKiller_Quarantine
2012-07-26 00:37 . 2012-07-26 00:37 -------- d-----w- c:\windows\Microsoft Antimalware
2012-07-23 18:15 . 2012-07-23 18:15 -------- d-----w- c:\users\LaNoktaTempesto\AppData\Local\Macromedia
2012-07-23 18:12 . 2012-08-03 16:11 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-14 07:21 . 2012-06-20 15:28 4145600 ----a-w- c:\windows\SysWow64\GameMon.des
2012-07-14 07:21 . 2012-07-14 07:21 -------- d-----w- c:\program files\Common Files\INCA Shared
2012-07-14 04:34 . 2012-07-14 04:34 -------- d-----w- c:\users\LaNoktaTempesto\AppData\Local\Chromium
2012-07-14 04:33 . 2012-07-14 04:33 -------- d-----w- c:\users\LaNoktaTempesto\AppData\Roaming\The Creative Assembly
2012-07-13 16:59 . 2012-07-13 16:59 -------- d-----w- c:\program files (x86)\SpaceMonger
2012-07-13 16:59 . 2012-07-13 16:59 -------- d-----w- c:\users\LaNoktaTempesto\AppData\Roaming\SpaceMonger
2012-07-13 13:34 . 2012-07-13 13:34 -------- d-----w- c:\program files (x86)\SEGA
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-08 21:49 . 2012-08-08 21:49 111104 ----a-w- c:\programdata\Microsoft\Windows\DRM\4912.tmp.dat
2012-08-03 16:11 . 2011-07-27 17:15 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-12 06:20 . 2011-07-27 00:56 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-06-28 14:49 . 2010-12-29 21:56 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-06-28 14:49 . 2010-12-29 21:56 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2012-06-14 06:56 . 2012-04-21 04:28 283416 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-06-14 06:56 . 2012-04-21 04:28 283416 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-06-14 06:54 . 2012-04-21 04:28 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-06-14 06:54 . 2012-04-21 04:28 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-06-12 03:08 . 2012-07-12 06:23 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-06-09 05:43 . 2012-07-11 12:36 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-11 12:36 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-11 12:36 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-11 12:36 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-11 12:36 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-11 12:36 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-11 12:36 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-18 22:40 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-18 22:41 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-18 22:41 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-18 22:41 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-18 22:40 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-18 22:41 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-18 22:40 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 21:19 . 2012-06-18 22:40 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 21:15 . 2012-06-18 22:40 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 12:49 . 2012-07-12 06:19 17807360 ----a-w- c:\windows\system32\mshtml.dll
2012-06-02 12:17 . 2012-07-12 06:19 10924032 ----a-w- c:\windows\system32\ieframe.dll
2012-06-02 12:12 . 2012-07-12 06:19 2311680 ----a-w- c:\windows\system32\jscript9.dll
2012-06-02 12:05 . 2012-07-12 06:20 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-06-02 12:05 . 2012-07-12 06:19 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-06-02 12:04 . 2012-07-12 06:19 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-02 12:04 . 2012-07-12 06:20 237056 ----a-w- c:\windows\system32\url.dll
2012-06-02 12:03 . 2012-07-12 06:19 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-06-02 12:01 . 2012-07-12 06:20 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-02 12:00 . 2012-07-12 06:19 818688 ----a-w- c:\windows\system32\jscript.dll
2012-06-02 11:59 . 2012-07-12 06:20 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-06-02 11:57 . 2012-07-12 06:20 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-06-02 11:57 . 2012-07-12 06:20 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-02 11:54 . 2012-07-12 06:20 248320 ----a-w- c:\windows\system32\ieui.dll
2012-06-02 08:33 . 2012-07-12 06:19 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-06-02 08:25 . 2012-07-12 06:19 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-06-02 08:25 . 2012-07-12 06:19 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-06-02 08:20 . 2012-07-12 06:19 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-06-02 08:16 . 2012-07-12 06:20 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-06-02 05:50 . 2012-07-11 12:31 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-11 12:31 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:48 . 2012-07-11 12:31 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:45 . 2012-07-11 12:31 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-11 12:31 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-11 12:31 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-11 12:31 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-11 12:31 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-11 12:31 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-05-27 21:31 . 2012-05-27 21:31 8192 ----a-r- c:\users\LaNoktaTempesto\AppData\Roaming\Microsoft\Installer\{D0B36BAF-3E9D-423E-8821-ED238C18DB0A}\IconD0B36BAF3.exe
2012-05-27 21:31 . 2012-05-27 21:31 6144 ----a-r- c:\users\LaNoktaTempesto\AppData\Roaming\Microsoft\Installer\{D0B36BAF-3E9D-423E-8821-ED238C18DB0A}\Icon83F12F734.exe
2012-05-27 21:31 . 2012-05-27 21:31 11264 ----a-r- c:\users\LaNoktaTempesto\AppData\Roaming\Microsoft\Installer\{D0B36BAF-3E9D-423E-8821-ED238C18DB0A}\Icon8F99E711.exe
2012-05-17 14:10 . 2012-05-17 14:10 476960 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-05-17 14:10 . 2011-11-12 05:07 472864 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-08-08 1353080]
"NCsoft Launcher"="c:\program files (x86)\NCSoft\Launcher\NCLauncher.exe" [2012-07-13 38744]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2011-10-15 3077528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-03-14 1081424]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-10-10 421736]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-09-15 1213848]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2010-09-09 452016]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2012-06-28 296096]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-20 73216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 250056]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-03 36000]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys [2011-03-03 51872]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-03 298656]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [2011-03-03 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-03 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [2011-03-03 154272]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-03 280224]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-06-21 34200]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-28 113120]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-21 98688]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-27 291696]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-08-02 51712]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-07-27 1255736]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 306400]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-10-13 25960]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-21 279616]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-03 76448]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-03-14 352336]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2011-02-18 799848]
S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2011-01-12 168448]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2011-01-12 131072]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2010-12-27 1817088]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-01-31 244624]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [2011-03-03 28832]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\drivers\iwdbus.sys [2011-06-21 25496]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-11-08 76912]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2010-10-20 56344]
S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-05-01 8593920]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-01-12 333928]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [2011-06-21 42392]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-23 16:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-03 615584]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-03 379552]
"Power Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2011-02-18 499304]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-21 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-21 416024]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-07-26 2782096]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-27 1271168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{B516C7A2-7083-4135-A9EB-8827AE85E832}\2456C6B696E6F574F575962756C6563737F5: NameServer = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\users\LaNoktaTempesto\AppData\Roaming\Mozilla\Firefox\Profiles\e7eh64g1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.kanji-a-day.com/level1/index.php
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-NCsoft - (no file)
SafeBoot-MsMpSvc
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:52,e9,7a,69,75,69,cd,01
.
[HKEY_USERS\S-1-5-21-40617866-301716415-2957998462-1000\Software\SecuROM\License information*]
"datasecu"=hex:6e,e2,04,0b,d4,d9,f0,d6,6e,49,36,ab,52,07,5e,2a,57,78,40,3c,26,
ba,3f,ae,a6,c1,8b,32,67,1c,ae,f5,23,2d,04,77,3e,a3,63,39,5a,f8,48,fa,db,3a,\
"rkeysecu"=hex:f6,4b,91,5d,ce,ee,68,db,90,34,33,e2,7b,ae,4e,35
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DbgagD\1*]
"value"="?\0c\04\01\05\099?"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Launch Manager\LMutilps32.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2012-08-11 19:47:12 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-12 01:47
.
Pre-Run: 223,597,322,240 bytes free
Post-Run: 223,639,105,536 bytes free
.
- - End Of File - - DFA72875DD21F74FBC719696AFBC35AA

#8 fireman4it

  • Malware Response Team
Posted 11 August 2012 - 10:44 PM

Hello,

You did everything just right. We need to run a couple of other scanners to make sure of no leftovers.


1. Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


2. I'd like us to scan your machine with ESET OnlineScan.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

Things to include in your next reply:
MBAM log
Eset log
How is your machine running now?



#9 LaNoktaTempesto

LaNoktaTempesto
  • Topic Starter


Posted 12 August 2012 - 07:38 AM

Computer seems to be running fine but I don't think it's clean yet.

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.12.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
LaNoktaTempesto :: SHINSEDAI [administrator]

8/11/2012 10:27:48 PM
mbam-log-2012-08-11 (22-27-48).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 204272
Time elapsed: 2 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

C:\ProgramData\Microsoft\Windows\DRM\4912.tmp.dat a variant of Win32/Kryptik.AJYL trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\Installer\{f826a54b-14d7-922c-2f77-06f44f6f05be}\U\00000008.@.vir Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\Installer\{f826a54b-14d7-922c-2f77-06f44f6f05be}\U\000000cb.@.vir Win64/Conedex.B trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\Installer\{f826a54b-14d7-922c-2f77-06f44f6f05be}\U\80000000.@.vir Win64/Sirefef.AP trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\Installer\{f826a54b-14d7-922c-2f77-06f44f6f05be}\U\80000032.@.vir a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\System32\services.exe.vir Win64/Patched.B.Gen trojan deleted - quarantined
C:\TDSSKiller_Quarantine\09.08.2012_16.54.01\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.08.2012_16.54.01\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.08.2012_16.54.01\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.08.2012_16.54.01\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.08.2012_16.54.01\mbr0000\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.LA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.08.2012_16.54.01\mbr0000\tdlfs0000\tsk0005.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.08.2012_16.54.01\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.08.2012_16.54.01\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.07.2012_21.42.12\mbr0000\tdlfs0000\tsk0000.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.07.2012_21.42.12\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.07.2012_21.42.12\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.07.2012_21.42.12\mbr0000\tdlfs0000\tsk0003.dta a variant of Win32/Rootkit.Kryptik.NH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.07.2012_21.42.12\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\Users\LaNoktaTempesto\AppData\Local\{f826a54b-14d7-922c-2f77-06f44f6f05be}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Users\LaNoktaTempesto\AppData\Roaming\Mozilla\Firefox\Profiles\e7eh64g1.default\extensions\pggttntnmn@pggttntnmn.org.xpi JS/Redirector.NCA trojan deleted - quarantined
C:\Users\LaNoktaTempesto\Desktop\Recordings\mechwarrior4mercenaries.all.to.51.03.01.0017.mtx probably a variant of Win32/StartPage.ENQZNMK trojan deleted - quarantined
C:\Users\LaNoktaTempesto\Desktop\Recordings\mechwarrior4mercenaries.all.to.51.03.01.0017\base\MW4Mercs.exe probably a variant of Win32/StartPage.ENQZNMK trojan cleaned by deleting - quarantined
C:\Users\LaNoktaTempesto\Downloads\fyzip-setup.exe Win32/DownloadAdmin.A.Gen application cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\{f826a54b-14d7-922c-2f77-06f44f6f05be}\n Win64/Sirefef.W trojan cleaned by deleting - quarantined
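
Added example, not part of the original thread: a short Python triage of the ESET log format shown in the post above. It separates detections that sit inside another tool's quarantine folder (ComboFix's Qoobox, TDSSKiller_Quarantine) from detections elsewhere on disk. The field layout and the Qoobox path mapping are inferred from the log lines in the post, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Six lines copied from the ESET log in the post above (a subset of the full log).
SAMPLE_LOG = r"""
C:\ProgramData\Microsoft\Windows\DRM\4912.tmp.dat a variant of Win32/Kryptik.AJYL trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\Installer\{f826a54b-14d7-922c-2f77-06f44f6f05be}\U\80000000.@.vir Win64/Sirefef.AP trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\System32\services.exe.vir Win64/Patched.B.Gen trojan deleted - quarantined
C:\TDSSKiller_Quarantine\09.08.2012_16.54.01\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\Users\LaNoktaTempesto\Downloads\fyzip-setup.exe Win32/DownloadAdmin.A.Gen application cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\{f826a54b-14d7-922c-2f77-06f44f6f05be}\n Win64/Sirefef.W trojan cleaned by deleting - quarantined
"""

# Layout inferred from those lines: <path> [qualifier] <detection> <kind> <action>
ENTRY_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+"
    r"(?P<qualifier>(?:probably )?a variant of )?"
    r"(?P<name>[A-Za-z0-9]+/\S+)\s+"
    r"(?P<kind>trojan|application)\s+"
    r"(?P<action>.+)$"
)

# Quarantine folders of the tools run earlier in the thread, as they appear in the log.
COMBOFIX_ROOT = "C:\\Qoobox\\Quarantine\\"
QUARANTINE_ROOTS = {
    COMBOFIX_ROOT: "ComboFix",
    "C:\\TDSSKiller_Quarantine\\": "TDSSKiller",
}


def original_path(path):
    """Map a ComboFix quarantine copy (<root><drive>\\...\\file.vir) to its source path."""
    if not path.lower().startswith(COMBOFIX_ROOT.lower()):
        return None
    drive, _, tail = path[len(COMBOFIX_ROOT):].partition("\\")
    if len(drive) != 1 or not tail:
        return None
    if tail.lower().endswith(".vir"):
        tail = tail[:-4]
    return f"{drive}:\\{tail}"


def parse_log(text):
    """Return one dict per recognised log line; unrecognised lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue  # blank line, or a layout this sketch does not cover
        e = m.groupdict()
        e["heuristic"] = e.pop("qualifier") is not None
        e["source_tool"] = next(
            (tool for root, tool in QUARANTINE_ROOTS.items()
             if e["path"].lower().startswith(root.lower())), None)
        e["restored_path"] = original_path(e["path"])
        entries.append(e)
    return entries


def triage(entries):
    """Group entries by the tool whose quarantine folder holds them."""
    buckets = defaultdict(list)
    for e in entries:
        buckets[e["source_tool"] or "outside quarantine"].append(e)
    return dict(buckets)


if __name__ == "__main__":
    for bucket, items in triage(parse_log(SAMPLE_LOG)).items():
        print(f"{bucket}: {len(items)}")
        for e in items:
            origin = f" (taken from {e['restored_path']})" if e["restored_path"] else ""
            print(f"  {e['name']:<28} {e['path']}{origin}")
```

Mapping the Qoobox entries back to their source paths shows which system files ComboFix had already pulled aside, such as `C:\Windows\System32\services.exe` in this log.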

#10 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team

Posted 12 August 2012 - 06:49 PM

> Computer seems to be running fine but I don't think it's clean yet.


What makes you think this?


#11 LaNoktaTempesto

LaNoktaTempesto
  • Topic Starter


Posted 12 August 2012 - 09:32 PM

The fact that my ESET scan came up with malware detected. Some of it was stuff that was quarantined earlier but there were about 5 files that were still there after ComboFix ran its course. On the other hand I haven't had any other issues since then so maybe ESET was enough to clear it?

#12 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team

Posted 12 August 2012 - 10:13 PM

> The fact that my ESET scan came up with malware detected. Some of it was stuff that was quarantined earlier but there were about 5 files that were still there after ComboFix ran its course. On the other hand I haven't had any other issues since then so maybe ESET was enough to clear it?


I use MBAM and Eset to clear any leftover files that may be on the system. The infection already had been nullified. These were used to clean the rest of the leftover files up.


LaNoktaTempesto.
Congratulations! You now appear clean! :cool:


Uninstall Combofix
  • Make sure that Combofix.exe that you downloaded is on your Desktop but Do not run it!
    o *If it is not on your Desktop, the below will not work.
  • Click on Posted Image then Run....
  • Now copy & paste the green bolded text in the run-box and click OK.

    ComboFix /Uninstall

    <Notice the space between the "x" and "/".> <--- It needs to be there
    Windows Vista users: Press the Windows Key + R to bring the Run... Command and then from there you can add in the Combofix /Uninstall

  • Please advise if this step is missed for any reason as it performs some important actions:
    "This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again.
    It also makes a clean Restore Point and flushes all the old restore points in order to prevent possible reinfection from an old one through system restore".


Are things running okay? Do you have any more questions?

System Still Slow?
You may wish to try StartupLite. Simply download this tool to your desktop and run it. It will explain any optional auto-start programs on your system, and offer the option to stop these programs from starting at startup. This will result in fewer programs running when you boot your system, and should improve performance.
If that does not work, you can try the steps mentioned in Slow Computer/browser? Check Here First; It May Not Be Malware.

We Need to Clean Up Our Mess
  • Download OTC by OldTimer and save it to your desktop.
  • Double click Posted Image icon to start the program. If you are using Vista, please right-click and choose run as administrator
  • Then Click the big Posted Image button.
  • You will get a prompt saying "Begin Cleanup Process". Please select Yes.
  • Restart your computer when prompted.


One of the most common questions found when cleaning malware is "how did my machine get infected?"

There are a variety of reasons, but the most common ones are that you are not practicing Safe Internet, you are not running the proper security software or that your computer's security settings are set too low.

Below I have outlined a series of categories that outline how you can increase the security of your computer to help reduce the chance of being infected again in the future.

Do not use P2P programs
Peer-to-peer or file-sharing programs (such as uTorrent, Limewire and BitTorrent) are probably the primary route of infection nowadays. These programs allow file sharing between users as the name(s) suggest. It is almost impossible to know whether the file you’re downloading through P2P programs is safe.

It is therefore possible to be infected by downloading infected files via peer-to-peer programs and so I recommend that you do not use these programs. Should you wish to use them, they must be used with extreme care. Some further reading on this subject, along with included links, are as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."

In addition, P2P programs facilitate cyber crime and help distribute pirated software, movies and other illegal material.

Practice Safe Internet
Another one of the main reasons people get infected in the first place is that they are not practicing Safe Internet. You practice Safe Internet when you educate yourself on how to properly use the Internet through the use of security tools and good practice. Knowing how you can get infected and what types of files and sites to avoid will be the most crucial step in keeping your computer malware free. The reality is that the majority of people who are infected with malware are ones who click on things they shouldn't be clicking on. Whether these things are files or sites it doesn't really matter. If something is out to get you, and you click on it, it most likely will.

Below is a list of simple precautions to take to keep your computer clean and running securely:
  • If you receive an attachment from someone you do not know, DO NOT OPEN IT! Simple as that. Opening attachments from people you do not know is a very common method for viruses or worms to infect your computer.
  • If you receive an attachment and it ends with a .exe, .com, .bat, or .pif do not open the attachment unless you know for a fact that it is clean. For the casual computer user, you will almost never receive a valid attachment of this type.
  • If you receive an attachment from someone you know, and it looks suspicious, then it probably is. The email could be from someone you know who is themselves infected with malware which is trying to infect everyone in their address book. A key thing to look out for here is: does the email sound as though it’s from the person you know? Often, the email may simply have a web link or a “Run this file to make your PC run fast” message in it.
  • If you are browsing the Internet and a popup appears saying that you are infected, ignore it! These are, as far as I am concerned, scams that are being used to scare you into purchasing a piece of software. For an example of these types of pop-ups, or Foistware, you should read this article: Foistware, And how to avoid it.
    There are also programs that disguise themselves as Anti-Spyware or security products but are instead scams. Removal instructions for a lot of these "rogues" can be found here.
  • Another tactic to fool you on the web is when a site displays a popup that looks like a normal Windows message or alert. When you click on them, though, they instead bring you to another site that is trying to push a product on you, or will download a file to your PC without your knowledge. You can check to see if it's a real alert by right-clicking on the window. If there is a menu that comes up saying Add to Favorites... you know it's a fake. DO NOT click on these windows, instead close them by finding the open window on your Taskbar (http://en.wikipedia.org/wiki/Taskbar#Screenshots), right click and choose close.
  • Do not visit pornographic websites. I know this may bother some of you, but the fact is that a large amount of malware is pushed through these types of sites. I am not saying all adult sites do this, but a lot do, as this can often form part of their funding.
  • When using an Instant Messaging program be cautious about clicking on links people send to you. It is not uncommon for infections to send a message to everyone in the infected person's contact list that contains a link to an infection. Instead when you receive a message that contains a link you should message back to the person asking if it is legit.
  • Stay away from Warez and Crack sites! As with Peer-2-Peer programs, in addition to the obvious copyright issues, the downloads from these sites are typically overrun with infections.
  • Be careful of what you download off of web sites and Peer-2-Peer networks. Some sites disguise malware as legitimate software to trick you into installing them and Peer-2-Peer networks are crawling with it. If you want to download files from a site, and are not sure if they are legitimate, you can use tools such as BitDefender Traffic Light, Norton Safe Web, or McAfee SiteAdvisor to look up info on the site and stay protected against malicious sites. Please be sure to only choose and install one of those tool bars.
  • DO NOT INSTALL any software without first reading the End User License Agreement, otherwise known as the EULA. A tactic that some developers use is to offer their software for free, but have spyware and other programs you do not want bundled with it. This is where they make their money. By reading the agreement there is a good chance you can spot this and not install the software.
    Sometimes even legitimate programs will try to bundle extra, unwanted, software with the program you want - this is done to raise money for the program. Be sure to untick any boxes which may indicate that other programs will be downloaded.

Keep Windows up-to-date
Microsoft continually releases security and stability updates for its supported operating systems and you should always apply these to help keep your PC secure.

  • Windows XP users
    You should visit Windows Update to check for the latest updates to your system. The latest service pack (SP3) can be obtained directly from Microsoft here.
  • Windows Vista users
    You should run the Windows Update program from your start menu to access the latest updates to your operating system (information can be found here). The latest service pack (SP2) can be obtained directly from Microsoft here.
  • Windows 7 users
    You should run the Windows Update program from your start menu to access the latest updates to your operating system (information can be found here). The latest service pack (SP1) can be obtained directly from Microsoft here


Keep your browser secure
Most modern browsers have come on in leaps and bounds with their inbuilt, default security. The best way to keep your browser secure nowadays is simply to keep it up-to-date.

The latest versions of the three common browsers can be found below:

Use an AntiVirus Software
It is very important that your computer has an up-to-date anti-virus software on it which has a real-time agent running. This alone can save you a lot of trouble with malware in the future.
See this link for a listing of some online & their stand-alone antivirus programs: Virus, Spyware, and Malware Protection and Removal Resources, a couple of free Anti-Virus programs you may be interested in are Microsoft Security Essentials and Avast.

It is imperative that you update your Antivirus software at least once a week (even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out. If you use a commercial antivirus program you must make sure you keep renewing your subscription. Otherwise, once your subscription runs out, you may not be able to update the program's virus definitions.

Use a Firewall
I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly.

All versions of Windows starting from XP have an in-built firewall. With Windows XP this firewall will protect you from incoming traffic (i.e. hackers). Starting with Windows Vista, the firewall was beefed up to also protect you against outgoing traffic (i.e. malicious programs installed on your machine should be blocked from sending data, such as your bank details and passwords, out).

In addition, if you connect to the internet via a router, this will normally have a firewall in-built.

Some people will recommend installing a different firewall (instead of the Windows’ built one), this is personal choice, but the message is to definitely have one! For a tutorial on Firewalls and a listing of some available ones see this link: Understanding and Using Firewalls

Install an Anti-Malware program
Recommended, and free, Anti-Malware programs are Malwarebytes Anti-Malware and SuperAntiSpyware.

You should regularly (perhaps once a week) scan your computer with an Anti-Malware program just as you would with an antivirus software.

Make sure your applications have all of their updates
It is also possible for other programs on your computer to have security vulnerabilities that can allow malware to infect you. Therefore, it is very important to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities (such as Adobe Reader and Java). You can check these by visiting Secunia Software Inspector.

Follow this list and your potential for being infected again will reduce dramatically.


#13 LaNoktaTempesto

LaNoktaTempesto
  • Topic Starter


Posted 12 August 2012 - 11:41 PM

Ran OTC, everything seems to check out just fine. Thank you for all your help, here's hoping you can get a good night's sleep after this :thumbsup:

Edit: Crap, I do still have one issue; I can't get Microsoft Security Essentials back up and running. The console appears in my taskbar, but when I click the "Start Now" button I get an error message saying that "the specified service does not exist as an installed service." I'll be installing Avast to make up for it in the meantime, but does this indicate another problem or is this just previously-done damage?

Edited by LaNoktaTempesto, 13 August 2012 - 12:23 AM.


#14 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team

Posted 13 August 2012 - 09:59 AM

> Edit: Crap, I do still have one issue; I can't get Microsoft Security Essentials back up and running. The console appears in my taskbar, but when I click the "Start Now" button I get an error message saying that "the specified service does not exist as an installed service." I'll be installing Avast to make up for it in the meantime, but does this indicate another problem or is this just previously-done damage?


You should never have more than one Antivirus on your machine at a time. I would just uninstall and reinstall MSE. That should fix the problem.

I do not recommend that you have more than one anti virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened; again, this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.


#15 LaNoktaTempesto

LaNoktaTempesto
  • Topic Starter


Posted 13 August 2012 - 10:10 AM

Oh yeah, I suppose I can just reinstall MSE. For some reason I was thinking it was an integral part of Windows and I'd have to completely reinstall Windows to get a new copy of it on here.

Thanks for everything! :)
