
Google Search Redirects /Popups/Browser Crashes


25 replies to this topic

#1 PissedOffPCUser


Posted 23 August 2012 - 06:26 PM

I am currently running Windows 7, 64-Bit. Lately, I've had trouble with Google sometimes redirecting my search to obvious ad websites instead of the selection I've made. In addition to that, I've also had trouble with popups appearing and the latest issue is my browser randomly crashing (Firefox 14.0.1) when I open multiple tabs. Any help would be greatly appreciated.

Please let me know if there's anything more I can do to help fill you in. Thank you for your time.

#2 narenxp


Posted 23 August 2012 - 06:28 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 PissedOffPCUser


Posted 23 August 2012 - 08:16 PM

TDSSkiller Log:

16:32:58.0517 1672 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
16:32:59.0089 1672 ============================================================
16:32:59.0089 1672 Current date / time: 2012/08/23 16:32:59.0089
16:32:59.0089 1672 SystemInfo:
16:32:59.0089 1672
16:32:59.0089 1672 OS Version: 6.1.7600 ServicePack: 0.0
16:32:59.0089 1672 Product type: Workstation
16:32:59.0089 1672 ComputerName: HIGGINSEDITING
16:32:59.0089 1672 UserName: Higgins
16:32:59.0089 1672 Windows directory: C:\Windows
16:32:59.0090 1672 System windows directory: C:\Windows
16:32:59.0090 1672 Running under WOW64
16:32:59.0090 1672 Processor architecture: Intel x64
16:32:59.0090 1672 Number of processors: 12
16:32:59.0090 1672 Page size: 0x1000
16:32:59.0090 1672 Boot type: Normal boot
16:32:59.0090 1672 ============================================================
16:33:00.0079 1672 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:33:00.0083 1672 Drive \Device\Harddisk1\DR1 - Size: 0x7470C05E00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:33:00.0085 1672 ============================================================
16:33:00.0085 1672 \Device\Harddisk0\DR0:
16:33:00.0086 1672 MBR partitions:
16:33:00.0086 1672 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:33:00.0086 1672 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
16:33:00.0086 1672 \Device\Harddisk1\DR1:
16:33:00.0087 1672 MBR partitions:
16:33:00.0087 1672 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C41
16:33:00.0087 1672 ============================================================
16:33:00.0115 1672 C: <-> \Device\Harddisk0\DR0\Partition2
16:33:03.0615 1672 H: <-> \Device\Harddisk1\DR1\Partition1
16:33:03.0615 1672 ============================================================
16:33:03.0616 1672 Initialize success
16:33:03.0616 1672 ============================================================
16:33:15.0466 4396 ============================================================
16:33:15.0466 4396 Scan started
16:33:15.0466 4396 Mode: Manual; TDLFS;
16:33:15.0466 4396 ============================================================
16:33:17.0702 4396 ================ Scan system memory ========================
16:33:17.0702 4396 System memory - ok
16:33:24.0251 4396 nlscc - ok
16:33:24.0286 4396 [ C31FA031335EFF434B2D94278E74BCCE ] NPF C:\Windows\system32\drivers\npf.sys
16:33:24.0288 4396 NPF - ok
16:33:24.0303 4396 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:33:24.0303 4396 Npfs - ok
16:33:24.0327 4396 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:33:24.0329 4396 nsi - ok
16:33:24.0332 4396 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:33:24.0333 4396 nsiproxy - ok
16:33:24.0366 4396 [ 356698A13C4630D5B31C37378D469196 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:33:24.0383 4396 Ntfs - ok
16:33:24.0392 4396 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:33:24.0393 4396 Null - ok
16:33:24.0427 4396 [ 8D4AAC74B571FC356560E5B308955E93 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
16:33:24.0429 4396 NVHDA - ok
16:33:24.0670 4396 [ 0EB204639119370F5F8F2871FBF4E14B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:33:24.0758 4396 nvlddmkm - ok
16:33:24.0797 4396 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
16:33:24.0799 4396 nvraid - ok
16:33:24.0814 4396 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
16:33:24.0816 4396 nvstor - ok
16:33:24.0884 4396 [ 32FF8EE6DCEE5C0CB91FF892FB1CA364 ] NVSvc C:\Windows\system32\nvvsvc.exe
16:33:24.0908 4396 NVSvc - ok
16:33:25.0431 4396 [ BD012DC22C78BE1071BC21EB125D782F ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
16:33:25.0456 4396 nvUpdatusService - ok
16:33:25.0484 4396 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
16:33:25.0487 4396 nv_agp - ok
16:33:25.0503 4396 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
16:33:25.0504 4396 ohci1394 - ok
16:33:25.0575 4396 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:33:25.0577 4396 ose - ok
16:33:25.0727 4396 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:33:25.0779 4396 osppsvc - ok
16:33:25.0811 4396 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:33:25.0816 4396 p2pimsvc - ok
16:33:25.0840 4396 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:33:25.0846 4396 p2psvc - ok
16:33:25.0907 4396 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:33:25.0917 4396 Parport - ok
16:33:25.0938 4396 [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:33:25.0944 4396 partmgr - ok
16:33:26.0088 4396 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:33:26.0126 4396 PcaSvc - ok
16:33:26.0231 4396 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
16:33:26.0233 4396 pci - ok
16:33:26.0257 4396 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
16:33:26.0258 4396 pciide - ok
16:33:26.0290 4396 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:33:26.0292 4396 pcmcia - ok
16:33:26.0318 4396 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:33:26.0319 4396 pcw - ok
16:33:26.0358 4396 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:33:26.0365 4396 PEAUTH - ok
16:33:26.0427 4396 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
16:33:26.0442 4396 PeerDistSvc - ok
16:33:26.0502 4396 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:33:26.0504 4396 PerfHost - ok
16:33:26.0576 4396 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
16:33:26.0591 4396 pla - ok
16:33:26.0681 4396 [ 23157D583244400E1D7FBAEE2E4B31B7 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:33:26.0714 4396 PlugPlay - ok
16:33:26.0756 4396 PnkBstrA - ok
16:33:26.0789 4396 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:33:26.0791 4396 PNRPAutoReg - ok
16:33:26.0828 4396 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:33:26.0831 4396 PNRPsvc - ok
16:33:26.0909 4396 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:33:26.0916 4396 PolicyAgent - ok
16:33:27.0091 4396 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
16:33:27.0117 4396 Power - ok
16:33:27.0247 4396 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:33:27.0250 4396 PptpMiniport - ok
16:33:27.0269 4396 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
16:33:27.0272 4396 Processor - ok
16:33:27.0305 4396 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll
16:33:27.0310 4396 ProfSvc - ok
16:33:27.0333 4396 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
16:33:27.0333 4396 ProtectedStorage - ok
16:33:27.0378 4396 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:33:27.0381 4396 Psched - ok
16:33:27.0453 4396 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
16:33:27.0454 4396 PxHlpa64 - ok
16:33:27.0527 4396 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
16:33:27.0543 4396 ql2300 - ok
16:33:27.0996 4396 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
16:33:28.0026 4396 ql40xx - ok
16:33:28.0084 4396 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:33:28.0089 4396 QWAVE - ok
16:33:28.0113 4396 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:33:28.0114 4396 QWAVEdrv - ok
16:33:28.0136 4396 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:33:28.0137 4396 RasAcd - ok
16:33:28.0208 4396 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:33:28.0209 4396 RasAgileVpn - ok
16:33:28.0243 4396 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:33:28.0249 4396 RasAuto - ok
16:33:28.0273 4396 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:33:28.0275 4396 Rasl2tp - ok
16:33:28.0294 4396 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
16:33:28.0299 4396 RasMan - ok
16:33:28.0319 4396 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:33:28.0320 4396 RasPppoe - ok
16:33:28.0374 4396 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:33:28.0375 4396 RasSstp - ok
16:33:28.0403 4396 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:33:28.0406 4396 rdbss - ok
16:33:28.0427 4396 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:33:28.0428 4396 rdpbus - ok
16:33:28.0454 4396 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:33:28.0458 4396 RDPCDD - ok
16:33:28.0506 4396 [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
16:33:28.0508 4396 RDPDR - ok
16:33:28.0551 4396 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:33:28.0552 4396 RDPENCDD - ok
16:33:28.0581 4396 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:33:28.0582 4396 RDPREFMP - ok
16:33:28.0612 4396 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:33:28.0615 4396 RDPWD - ok
16:33:28.0669 4396 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:33:28.0672 4396 rdyboost - ok
16:33:28.0750 4396 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:33:28.0751 4396 RemoteAccess - ok
16:33:28.0802 4396 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:33:28.0805 4396 RemoteRegistry - ok
16:33:28.0891 4396 [ A780D3EAA74582EA1DEB6BD9C7A3D9C9 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
16:33:28.0907 4396 rpcapd - ok
16:33:28.0929 4396 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:33:28.0931 4396 RpcEptMapper - ok
16:33:28.0963 4396 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:33:28.0967 4396 RpcLocator - ok
16:33:29.0000 4396 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
16:33:29.0005 4396 RpcSs - ok
16:33:29.0074 4396 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:33:29.0075 4396 rspndr - ok
16:33:29.0170 4396 [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
16:33:29.0172 4396 RTL8167 - ok
16:33:29.0212 4396 [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
16:33:29.0215 4396 s3cap - ok
16:33:29.0233 4396 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe
16:33:29.0234 4396 SamSs - ok
16:33:29.0386 4396 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
16:33:29.0386 4396 SASDIFSV - ok
16:33:29.0490 4396 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
16:33:29.0490 4396 SASKUTIL - ok
16:33:29.0521 4396 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
16:33:29.0525 4396 sbp2port - ok
16:33:29.0679 4396 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
16:33:29.0692 4396 SBSDWSCService - ok
16:33:29.0753 4396 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:33:29.0761 4396 SCardSvr - ok
16:33:29.0797 4396 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:33:29.0798 4396 scfilter - ok
16:33:29.0826 4396 [ EC56B171F85C7E855E7B0588AC503EEA ] Schedule C:\Windows\system32\schedsvc.dll
16:33:29.0838 4396 Schedule - ok
16:33:29.0858 4396 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:33:29.0859 4396 SCPolicySvc - ok
16:33:29.0868 4396 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:33:29.0871 4396 SDRSVC - ok
16:33:29.0916 4396 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:33:29.0920 4396 secdrv - ok
16:33:29.0960 4396 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
16:33:29.0963 4396 seclogon - ok
16:33:30.0100 4396 [ 1C59B1619FBCC104F5C5BCCD53E61B55 ] Sendori C:\Program Files (x86)\Sendori\Sendori.exe
16:33:30.0153 4396 Sendori - ok
16:33:30.0175 4396 [ DCC389FAB04E8469A5939C655F7F1CA7 ] Sendori Interceptor C:\Program Files (x86)\Sendori\Sendori.Service.exe
16:33:30.0176 4396 Sendori Interceptor - ok
16:33:30.0215 4396 [ 0A26BD4313119D30C31787FC2F97CC85 ] Sendoriv1 C:\Program Files (x86)\Sendori\SendoriSvc.exe
16:33:30.0217 4396 Sendoriv1 - ok
16:33:30.0808 4396 [ 88E5162E58C8919CC873F5D8946197CF ] sptd C:\Windows\system32\Drivers\sptd.sys
16:33:30.0809 4396 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 88E5162E58C8919CC873F5D8946197CF
16:33:30.0810 4396 sptd ( LockedFile.Multi.Generic ) - warning
16:33:30.0810 4396 sptd - detected LockedFile.Multi.Generic (1)
16:33:33.0715 4396 ================ Scan global ===============================
16:33:33.0732 4396 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:33:33.0742 4396 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
16:33:33.0750 4396 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
16:33:33.0769 4396 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:33:33.0802 4396 [ 014A9CB92514E27C0107614DF764BC06 ] C:\Windows\system32\services.exe
16:33:33.0809 4396 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
16:33:33.0809 4396 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
16:33:33.0809 4396 ================ Scan MBR ==================================
16:33:33.0816 4396 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:33:33.0816 4396 Suspicious mbr (Forged): \Device\Harddisk0\DR0
16:33:33.0856 4396 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
16:33:33.0856 4396 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
16:33:34.0141 4396 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:33:34.0141 4396 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:33:34.0145 4396 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
16:33:34.0587 4396 \Device\Harddisk1\DR1 - ok
16:33:34.0587 4396 ================ Scan VBR ==================================
16:33:34.0647 4396 [ ED5F9DA05B2924FE0EAC35FDA20215BE ] \Device\Harddisk0\DR0\Partition1
16:33:34.0649 4396 \Device\Harddisk0\DR0\Partition1 - ok
16:33:34.0664 4396 [ 052BBD52FE7AA403D6DFE3BA8E4A376D ] \Device\Harddisk0\DR0\Partition2
16:33:34.0666 4396 \Device\Harddisk0\DR0\Partition2 - ok
16:33:34.0668 4396 [ 5F099126A70D49A7A2AAB203E11BD8B2 ] \Device\Harddisk1\DR1\Partition1
16:33:34.0671 4396 \Device\Harddisk1\DR1\Partition1 - ok
16:33:34.0671 4396 ============================================================
16:33:34.0671 4396 Scan finished
16:33:34.0671 4396 ============================================================
16:33:34.0684 4780 Detected object count: 4
16:33:34.0684 4780 Actual detected object count: 4
16:33:50.0419 4780 sptd ( LockedFile.Multi.Generic ) - skipped by user
16:33:50.0419 4780 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
16:33:50.0448 4780 C:\Windows\system32\services.exe - copied to quarantine
16:33:51.0280 4780 C:\Windows\assembly\GAC_32\desktop.ini - copied to quarantine
16:33:51.0281 4780 C:\Windows\assembly\GAC_64\desktop.ini - copied to quarantine
16:33:51.0284 4780 C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}\@ - copied to quarantine
16:33:51.0285 4780 C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}\L\00000004.@ - copied to quarantine
16:33:51.0286 4780 C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}\L\201d3dde - copied to quarantine
16:33:51.0287 4780 C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}\U\00000004.@ - copied to quarantine
16:33:51.0288 4780 C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}\U\00000008.@ - copied to quarantine
16:33:51.0289 4780 C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}\U\000000cb.@ - copied to quarantine
16:33:51.0290 4780 C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}\U\80000000.@ - copied to quarantine
16:33:51.0291 4780 C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}\U\80000032.@ - copied to quarantine
16:33:51.0291 4780 C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}\U\80000064.@ - copied to quarantine
16:33:51.0336 4780 C:\Users\Higgins\AppData\Local\{48afaba0-991b-612a-ed53-186f2344d51e}\@ - copied to quarantine
16:33:51.0344 4780 C:\Users\Higgins\AppData\Local\{48afaba0-991b-612a-ed53-186f2344d51e}\L\00000004.@ - copied to quarantine
16:33:51.0345 4780 C:\Users\Higgins\AppData\Local\{48afaba0-991b-612a-ed53-186f2344d51e}\L\1afb2d56 - copied to quarantine
16:33:51.0350 4780 C:\Users\Higgins\AppData\Local\{48afaba0-991b-612a-ed53-186f2344d51e}\U\00000004.@ - copied to quarantine
16:34:02.0372 4780 Backup copy not found, trying to cure infected file..
16:34:02.0374 4780 Cure success, using it..
16:34:02.0437 4780 C:\Windows\assembly\GAC_32\desktop.ini - will be deleted on reboot
16:34:02.0437 4780 C:\Windows\assembly\GAC_64\desktop.ini - will be deleted on reboot
16:34:02.0440 4780 C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}\@ - will be deleted on reboot
16:34:02.0446 4780 C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}\U\00000004.@ - will be deleted on reboot
16:34:02.0446 4780 C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}\U\00000008.@ - will be deleted on reboot
16:34:02.0446 4780 C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}\U\000000cb.@ - will be deleted on reboot
16:34:02.0447 4780 C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}\U\80000000.@ - will be deleted on reboot
16:34:02.0447 4780 C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}\U\80000032.@ - will be deleted on reboot
16:34:02.0447 4780 C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}\U\80000064.@ - will be deleted on reboot
16:34:02.0453 4780 C:\Users\Higgins\AppData\Local\{48afaba0-991b-612a-ed53-186f2344d51e}\@ - will be deleted on reboot
16:34:02.0454 4780 C:\Users\Higgins\AppData\Local\{48afaba0-991b-612a-ed53-186f2344d51e}\U\00000004.@ - will be deleted on reboot
16:34:02.0454 4780 C:\Windows\system32\services.exe - will be cured on reboot
16:34:02.0454 4780 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - User select action: Cure
16:34:03.0182 4780 \Device\Harddisk0\DR0\# - copied to quarantine
16:34:03.0184 4780 \Device\Harddisk0\DR0 - copied to quarantine
16:34:03.0226 4780 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
16:34:03.0228 4780 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
16:34:03.0233 4780 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
16:34:03.0238 4780 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
16:34:03.0255 4780 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
16:34:03.0263 4780 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
16:34:03.0264 4780 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
16:34:03.0265 4780 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
16:34:03.0266 4780 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
16:34:03.0268 4780 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
16:34:03.0270 4780 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
16:34:03.0271 4780 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
16:34:03.0272 4780 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
16:34:03.0273 4780 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
16:34:03.0285 4780 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
16:34:03.0331 4780 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
16:34:03.0358 4780 \Device\Harddisk0\DR0 - ok
16:34:03.0371 4780 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
16:34:03.0372 4780 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:34:03.0372 4780 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
16:34:42.0642 5456 Deinitialize success


aswMBR Log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-23 16:47:22
-----------------------------
16:47:22.551 OS Version: Windows x64 6.1.7600
16:47:22.551 Number of processors: 12 586 0x2C02
16:47:22.551 ComputerName: HIGGINSEDITING UserName: Higgins
16:47:24.676 Initialize success
16:53:22.604 AVAST engine defs: 12082400
16:54:19.595 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
16:54:19.598 Disk 0 Vendor: Hitachi_HDS721010CLA332 JP4OA3EA Size: 953869MB BusType: 3
16:54:19.632 Disk 0 MBR read successfully
16:54:19.635 Disk 0 MBR scan
16:54:19.639 Disk 0 Windows 7 default MBR code
16:54:19.642 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
16:54:19.655 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
16:54:19.675 Disk 0 scanning C:\Windows\system32\drivers
16:54:26.610 Service scanning
16:54:48.233 Modules scanning
16:54:48.241 Disk 0 trace - called modules:
16:54:48.315 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8009d1b2c0]<<spcq.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
16:54:48.319 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800af0c060]
16:54:48.325 3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> [0xfffffa800ac8a520]
16:54:48.330 5 ACPI.sys[fffff880011a3781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa800ac62680]
16:54:48.335 \Driver\atapi[0xfffffa800ac1aae0] -> IRP_MJ_CREATE -> 0xfffffa8009d1b2c0
16:54:51.381 AVAST engine scan C:\Windows
16:54:54.376 AVAST engine scan C:\Windows\system32
16:57:00.768 AVAST engine scan C:\Windows\system32\drivers
16:57:11.163 AVAST engine scan C:\Users\Higgins
16:59:02.300 Disk 0 MBR has been saved successfully to "C:\Users\Higgins\Desktop\MBR.dat"
16:59:02.309 The log file has been saved successfully to "C:\Users\Higgins\Desktop\aswMBR.txt"


ESET Online Scanner Log:

C:\Program Files (x86)\chrome\chrome.exe probably a variant of Win32/Delf.QML trojan cleaned by deleting - quarantined
C:\Program Files (x86)\Sony\Sound Forge Pro 10.0\KEYGEN.exe a variant of Win32/Keygen.AR application cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric1.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\Users\Higgins\AppData\Local\Google\Chrome\User Data\Default\Default\aadcdadidddddcdadjdddggddedigegb\background.html Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Users\Higgins\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KQENKWHI\home[1].html HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\Higgins\AppData\Local\{48afaba0-991b-612a-ed53-186f2344d51e}\U\80000000.@ Win64/Sirefef.AE trojan cleaned by deleting - quarantined
C:\Users\Higgins\AppData\Local\{48afaba0-991b-612a-ed53-186f2344d51e}\U\80000064.@ Win64/Sirefef.AN trojan cleaned by deleting - quarantined
C:\Users\Higgins\AppData\Local\{76EA8309-CE4D-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined
C:\Users\Higgins\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\15f0a801-516ca228 Java/Agent.EA trojan deleted - quarantined
C:\Users\Higgins\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\2d2cb08c-3998ee81 Java/Exploit.CVE-2012-1723.AA trojan deleted - quarantined
C:\Users\Higgins\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\3a8d4910-7d607635 a variant of Java/Exploit.Blacole.AN trojan deleted - quarantined
C:\Users\Higgins\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\6d206693-76363818 a variant of Java/Exploit.CVE-2012-1723.AP trojan deleted - quarantined
C:\Users\Higgins\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\4ac69d56-6003b02e Java/Exploit.CVE-2011-3544.T trojan deleted - quarantined
C:\Users\Higgins\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\6e02d55a-745644da a variant of Java/Exploit.CVE-2012-1723.AP trojan deleted - quarantined
C:\Users\Higgins\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\314ce05b-48f2e122 Java/Exploit.CVE-2012-0507.BN trojan deleted - quarantined
C:\Users\Higgins\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\2180a284-43f77c3d Java/Exploit.CVE-2012-1723.AS trojan deleted - quarantined
C:\Users\Higgins\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\47eeae-5937ae0d multiple threats deleted - quarantined
C:\Users\Higgins\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\64ecd374-53600afc Java/Exploit.Agent.NBH trojan deleted - quarantined
C:\Users\Higgins\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\47363e7b-415fdf6c a variant of Java/JShrink.A application deleted - quarantined
C:\Users\Higgins\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\24bc4948-5e3829bc Java/Exploit.CVE-2012-0507.BN trojan deleted - quarantined
C:\Users\Higgins\AppData\Roaming\lbrmg.dll a variant of Win32/Medfos.AR trojan cleaned by deleting - quarantined
C:\Users\Higgins\AppData\Roaming\Mozilla\Firefox\Profiles\3uk2ncd9.default\extensions\mrohpacubc@mrohpacubc.org.xpi JS/Redirector.NCA trojan deleted - quarantined
C:\Users\Higgins\AppData\Roaming\Mozilla\Firefox\Profiles\mzhu5mse.default-1340686421314\extensions\mrohpacubc@mrohpacubc.org.xpi JS/Redirector.NCA trojan deleted - quarantined
C:\Users\Higgins\Documents\Vuze Downloads\New.Blue.FX.Plugins.Full.Pack.v2.3.WinAll.Multiple.Hosts.Incl.Keygens\New.Blue.FX.Plugins.Full.Pack.v2.3.WinAll.Multiple.Hosts.Incl.Keygens.rar a variant of Win32/Keygen.AR application deleted - quarantined
C:\Users\Higgins\Documents\Vuze Downloads\New.Blue.FX.Plugins.Full.Pack.v2.3.WinAll.Multiple.Hosts.Incl.Keygens\Keygens\Keygen Paint.exe a variant of Win32/Keygen.AR application cleaned by deleting - quarantined
C:\Users\Higgins\Documents\Vuze Downloads\New.Blue.FX.Plugins.Full.Pack.v2.3.WinAll.Multiple.Hosts.Incl.Keygens\Keygens\NewBlue Keygen.exe a variant of Win32/Keygen.AR application cleaned by deleting - quarantined
C:\Users\Higgins\Documents\Vuze Downloads\QuickTime Pro 7.7.2 (1680.56) + Keygen\QuickTime Pro 7.7.2 (1680.56) + Keygen.rar probably a variant of Win32/Agent.BPFOUHH trojan deleted - quarantined
C:\Users\Higgins\Documents\Vuze Downloads\QuickTime Pro 7.7.2 (1680.56) + Keygen\Keygen\Keymaker.exe probably a variant of Win32/Agent.BPFOUHH trojan cleaned by deleting - quarantined
C:\Windows\Installer\792fddd.msi a variant of Win32/Keygen.AR application deleted - quarantined
C:\Windows\Installer\{48afaba0-991b-612a-ed53-186f2344d51e}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{48afaba0-991b-612a-ed53-186f2344d51e}\U\000000cb.@ Win64/Conedex.B trojan cleaned by deleting - quarantined
C:\Windows\Installer\{48afaba0-991b-612a-ed53-186f2344d51e}\U\80000000.@ Win64/Sirefef.AP trojan cleaned by deleting - quarantined
C:\Windows\Installer\{48afaba0-991b-612a-ed53-186f2344d51e}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\{48afaba0-991b-612a-ed53-186f2344d51e}\n Win64/Sirefef.W trojan cleaned by deleting - quarantined
Operating memory multiple threats


Thank you for all of your help with this problem.

#4 narenxp

Posted 23 August 2012 - 08:27 PM

Restart the PC, run TDSSKiller once again and post the new log

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#5 PissedOffPCUser

Posted 25 August 2012 - 06:44 PM

Sorry for the delayed response. We had an internet issue in my building. Here are my logs, as requested:

TDSSKiller -- Log #2:

18:32:56.0750 5056 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
18:32:57.0343 5056 ============================================================
18:32:57.0343 5056 Current date / time: 2012/08/23 18:32:57.0343
18:32:57.0343 5056 SystemInfo:
18:32:57.0343 5056
18:32:57.0343 5056 OS Version: 6.1.7600 ServicePack: 0.0
18:32:57.0343 5056 Product type: Workstation
18:32:57.0343 5056 ComputerName: HIGGINSEDITING
18:32:57.0343 5056 UserName: Higgins
18:32:57.0343 5056 Windows directory: C:\Windows
18:32:57.0343 5056 System windows directory: C:\Windows
18:32:57.0343 5056 Running under WOW64
18:32:57.0343 5056 Processor architecture: Intel x64
18:32:57.0343 5056 Number of processors: 12
18:32:57.0343 5056 Page size: 0x1000
18:32:57.0343 5056 Boot type: Normal boot
18:32:57.0343 5056 ============================================================
18:32:59.0156 5056 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:32:59.0171 5056 Drive \Device\Harddisk1\DR1 - Size: 0x7470C05E00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:32:59.0468 5056 ============================================================
18:32:59.0468 5056 \Device\Harddisk0\DR0:
18:32:59.0468 5056 MBR partitions:
18:32:59.0468 5056 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:32:59.0468 5056 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
18:32:59.0468 5056 \Device\Harddisk1\DR1:
18:32:59.0531 5056 MBR partitions:
18:32:59.0531 5056 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C41
18:32:59.0531 5056 ============================================================
18:32:59.0546 5056 C: <-> \Device\Harddisk0\DR0\Partition2
18:32:59.0578 5056 H: <-> \Device\Harddisk1\DR1\Partition1
18:32:59.0578 5056 ============================================================
18:32:59.0578 5056 Initialize success
18:32:59.0578 5056 ============================================================
18:33:01.0109 4248 ============================================================
18:33:01.0109 4248 Scan started
18:33:01.0109 4248 Mode: Manual;
18:33:01.0109 4248 ============================================================
18:33:02.0296 4248 ================ Scan system memory ========================
18:33:02.0296 4248 System memory - ok
18:33:02.0296 4248 ================ Scan services =============================
18:33:04.0671 4248 Scan interrupted by user!
18:33:04.0671 4248 ================ Scan global ===============================
18:33:04.0671 4248 Scan interrupted by user!
18:33:04.0671 4248 ================ Scan MBR ==================================
18:33:04.0671 4248 Scan interrupted by user!
18:33:04.0671 4248 ================ Scan VBR ==================================
18:33:04.0671 4248 Scan interrupted by user!
18:33:04.0671 4248 ============================================================
18:33:04.0671 4248 Scan finished
18:33:04.0671 4248 ============================================================
18:33:04.0671 4008 Detected object count: 0
18:33:04.0671 4008 Actual detected object count: 0
18:33:13.0015 4256 ============================================================
18:33:13.0015 4256 Scan started
18:33:13.0015 4256 Mode: Manual; TDLFS;
18:33:13.0015 4256 ============================================================
18:33:13.0890 4256 ================ Scan system memory ========================
18:33:13.0890 4256 System memory - ok
18:33:13.0890 4256 ================ Scan services =============================
18:33:15.0062 4256 blbdrive - ok
18:33:15.0109 4256 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:33:15.0109 4256 Bonjour Service - ok
18:33:15.0109 4256 [ 91CE0D3DC57DD377E690A2D324022B08 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:33:15.0109 4256 bowser - ok
18:33:15.0125 4256 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:33:15.0125 4256 BrFiltLo - ok
18:33:15.0140 4256 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:33:15.0140 4256 BrFiltUp - ok
18:33:15.0156 4256 [ 94FBC06F294D58D02361918418F996E3 ] Browser C:\Windows\System32\browser.dll
18:33:15.0171 4256 Browser - ok
18:33:15.0187 4256 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:33:15.0187 4256 Brserid - ok
18:33:15.0187 4256 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:33:15.0187 4256 BrSerWdm - ok
18:33:15.0218 4256 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:33:15.0218 4256 BrUsbMdm - ok
18:33:15.0234 4256 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:33:15.0234 4256 BrUsbSer - ok
18:33:15.0234 4256 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:33:15.0234 4256 BTHMODEM - ok
18:33:15.0234 4256 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
18:33:15.0234 4256 bthserv - ok
18:33:15.0250 4256 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:33:15.0250 4256 cdfs - ok
18:33:15.0265 4256 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:33:15.0265 4256 cdrom - ok
18:33:15.0281 4256 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
18:33:15.0281 4256 CertPropSvc - ok
18:33:15.0312 4256 ChromeService - ok
18:33:15.0328 4256 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:33:15.0328 4256 circlass - ok
18:33:15.0359 4256 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
18:33:15.0359 4256 CLFS - ok
18:33:15.0484 4256 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:33:15.0484 4256 clr_optimization_v2.0.50727_32 - ok
18:33:15.0546 4256 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:33:15.0546 4256 clr_optimization_v2.0.50727_64 - ok
18:33:15.0562 4256 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:33:15.0562 4256 CmBatt - ok
18:33:15.0593 4256 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
18:33:15.0593 4256 cmdide - ok
18:33:15.0609 4256 [ F95FD4CB7DA00BA2A63CE9F6B5C053E1 ] CNG C:\Windows\system32\Drivers\cng.sys
18:33:15.0609 4256 CNG - ok
18:33:15.0625 4256 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:33:15.0625 4256 Compbatt - ok
18:33:15.0640 4256 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
18:33:15.0640 4256 CompositeBus - ok
18:33:15.0640 4256 COMSysApp - ok
18:33:15.0656 4256 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
18:33:15.0656 4256 crcdisk - ok
18:33:15.0671 4256 [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:33:15.0671 4256 CryptSvc - ok
18:33:15.0703 4256 [ 4A6173C2279B498CD8F57CAE504564CB ] CSC C:\Windows\system32\drivers\csc.sys
18:33:15.0703 4256 CSC - ok
18:33:15.0718 4256 [ 873FBF927C06E5CEE04DEC617502F8FD ] CscService C:\Windows\System32\cscsvc.dll
18:33:15.0734 4256 CscService - ok
18:33:15.0750 4256 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:33:15.0765 4256 DcomLaunch - ok
18:33:15.0781 4256 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
18:33:15.0781 4256 defragsvc - ok
18:33:15.0796 4256 [ 3F1DC527070ACB87E40AFE46EF6DA749 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:33:15.0812 4256 DfsC - ok
18:33:15.0812 4256 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
18:33:15.0828 4256 Dhcp - ok
18:33:15.0828 4256 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
18:33:15.0828 4256 discache - ok
18:33:15.0843 4256 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
18:33:15.0843 4256 Disk - ok
18:33:15.0859 4256 [ 676108C4E3AA6F6B34633748BD0BEBD9 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:33:15.0875 4256 Dnscache - ok
18:33:15.0875 4256 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
18:33:15.0875 4256 dot3svc - ok
18:33:15.0890 4256 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
18:33:15.0890 4256 DPS - ok
18:33:15.0906 4256 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:33:15.0906 4256 drmkaud - ok
18:33:15.0953 4256 [ FB9BEF3401EE5ECC2603311B9C64F44A ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
18:33:15.0953 4256 dtsoftbus01 - ok
18:33:15.0984 4256 [ EBCE0B0924835F635F620D19F0529DCE ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:33:16.0000 4256 DXGKrnl - ok
18:33:16.0015 4256 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
18:33:16.0015 4256 EapHost - ok
18:33:16.0078 4256 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
18:33:16.0109 4256 ebdrv - ok
18:33:16.0125 4256 [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS C:\Windows\System32\lsass.exe
18:33:16.0125 4256 EFS - ok
18:33:16.0187 4256 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:33:16.0187 4256 ehRecvr - ok
18:33:16.0218 4256 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
18:33:16.0218 4256 ehSched - ok
18:33:16.0234 4256 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
18:33:16.0250 4256 elxstor - ok
18:33:16.0265 4256 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
18:33:16.0265 4256 ErrDev - ok
18:33:16.0328 4256 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
18:33:16.0359 4256 EventSystem - ok
18:33:16.0375 4256 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
18:33:16.0375 4256 exfat - ok
18:33:16.0421 4256 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:33:16.0421 4256 fastfat - ok
18:33:16.0484 4256 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
18:33:16.0484 4256 Fax - ok
18:33:16.0500 4256 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:33:16.0500 4256 fdc - ok
18:33:16.0531 4256 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
18:33:16.0531 4256 fdPHost - ok
18:33:16.0546 4256 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
18:33:16.0546 4256 FDResPub - ok
18:33:16.0562 4256 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:33:16.0562 4256 FileInfo - ok
18:33:16.0578 4256 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:33:16.0578 4256 Filetrace - ok
18:33:16.0578 4256 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:33:16.0578 4256 flpydisk - ok
18:33:16.0593 4256 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:33:16.0609 4256 FltMgr - ok
18:33:16.0625 4256 [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A ] FontCache C:\Windows\system32\FntCache.dll
18:33:16.0640 4256 FontCache - ok
18:33:16.0671 4256 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:33:16.0671 4256 FontCache3.0.0.0 - ok
18:33:16.0687 4256 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:33:16.0687 4256 FsDepends - ok
18:33:16.0718 4256 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:33:16.0718 4256 Fs_Rec - ok
18:33:16.0750 4256 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:33:16.0750 4256 fvevol - ok
18:33:16.0765 4256 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
18:33:16.0765 4256 gagp30kx - ok
18:33:16.0812 4256 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:33:16.0812 4256 GEARAspiWDM - ok
18:33:16.0843 4256 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
18:33:16.0859 4256 gpsvc - ok
18:33:16.0875 4256 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:33:16.0875 4256 hcw85cir - ok
18:33:16.0906 4256 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:33:16.0921 4256 HdAudAddService - ok
18:33:16.0921 4256 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:33:16.0921 4256 HDAudBus - ok
18:33:16.0937 4256 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
18:33:16.0937 4256 HidBatt - ok
18:33:16.0953 4256 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:33:16.0953 4256 HidBth - ok
18:33:16.0968 4256 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:33:16.0968 4256 HidIr - ok
18:33:16.0984 4256 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
18:33:16.0984 4256 hidserv - ok
18:33:17.0015 4256 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:33:17.0015 4256 HidUsb - ok
18:33:17.0046 4256 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:33:17.0046 4256 hkmsvc - ok
18:33:17.0109 4256 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:33:17.0125 4256 HomeGroupListener - ok
18:33:17.0140 4256 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:33:17.0140 4256 HomeGroupProvider - ok
18:33:17.0171 4256 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
18:33:17.0171 4256 HpSAMD - ok
18:33:17.0203 4256 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:33:17.0203 4256 HTTP - ok
18:33:17.0218 4256 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:33:17.0218 4256 hwpolicy - ok
18:33:17.0250 4256 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:33:17.0250 4256 i8042prt - ok
18:33:17.0296 4256 [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
18:33:17.0328 4256 iaStorV - ok
18:33:17.0390 4256 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:33:17.0421 4256 idsvc - ok
18:33:17.0453 4256 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
18:33:17.0453 4256 iirsp - ok
18:33:17.0484 4256 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
18:33:17.0500 4256 IKEEXT - ok
18:33:17.0515 4256 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
18:33:17.0515 4256 intelide - ok
18:33:17.0546 4256 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:33:17.0546 4256 intelppm - ok
18:33:17.0578 4256 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:33:17.0578 4256 IPBusEnum - ok
18:33:17.0578 4256 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:33:17.0593 4256 IpFilterDriver - ok
18:33:17.0593 4256 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
18:33:17.0593 4256 IPMIDRV - ok
18:33:17.0593 4256 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:33:17.0593 4256 IPNAT - ok
18:33:17.0671 4256 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:33:17.0671 4256 iPod Service - ok
18:33:17.0703 4256 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:33:17.0703 4256 IRENUM - ok
18:33:17.0718 4256 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
18:33:17.0718 4256 isapnp - ok
18:33:17.0734 4256 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
18:33:17.0734 4256 iScsiPrt - ok
18:33:17.0750 4256 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:33:17.0750 4256 kbdclass - ok
18:33:17.0765 4256 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:33:17.0765 4256 kbdhid - ok
18:33:17.0781 4256 [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso C:\Windows\system32\lsass.exe
18:33:17.0781 4256 KeyIso - ok
18:33:17.0781 4256 [ E8B6FCC9C83535C67F835D407620BD27 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:33:17.0796 4256 KSecDD - ok
18:33:17.0828 4256 [ A8C63880EF6F4D3FEC7B616B9C060215 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:33:17.0828 4256 KSecPkg - ok
18:33:17.0843 4256 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:33:17.0843 4256 ksthunk - ok
18:33:17.0859 4256 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
18:33:17.0875 4256 KtmRm - ok
18:33:17.0906 4256 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\System32\srvsvc.dll
18:33:17.0906 4256 LanmanServer - ok
18:33:17.0953 4256 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:33:17.0953 4256 LanmanWorkstation - ok
18:33:17.0984 4256 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:33:17.0984 4256 lltdio - ok
18:33:18.0000 4256 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:33:18.0000 4256 lltdsvc - ok
18:33:18.0015 4256 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:33:18.0015 4256 lmhosts - ok
18:33:18.0109 4256 [ 98B0FCC176DFB711B67651BECB88C445 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
18:33:18.0109 4256 LMIGuardianSvc - ok
18:33:18.0156 4256 [ 0317335B15FF3BDA8E10197E3434CFC0 ] LMIInfo C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
18:33:18.0156 4256 LMIInfo - ok
18:33:18.0203 4256 [ B712511029CBD68645A90A241FD6AE43 ] LMIMaint C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
18:33:18.0203 4256 LMIMaint - ok
18:33:18.0234 4256 [ 413ECDCFAD9A82804D3674C8D7EEC24E ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys
18:33:18.0234 4256 lmimirr - ok
18:33:18.0250 4256 LMIRfsClientNP - ok
18:33:18.0281 4256 [ C57D3FAA50E6F395759FFB7C709BD944 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys
18:33:18.0281 4256 LMIRfsDriver - ok
18:33:18.0312 4256 [ D3760BC17E1755091B7120CF32DBF56B ] LogMeIn C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
18:33:18.0312 4256 LogMeIn - ok
18:33:18.0343 4256 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:33:18.0343 4256 LSI_FC - ok
18:33:18.0375 4256 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:33:18.0375 4256 LSI_SAS - ok
18:33:18.0375 4256 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:33:18.0375 4256 LSI_SAS2 - ok
18:33:18.0390 4256 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:33:18.0390 4256 LSI_SCSI - ok
18:33:18.0406 4256 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
18:33:18.0406 4256 luafv - ok
18:33:18.0453 4256 [ D33E2B74CF8B3A652BF0A9FBD068E87A ] ManyCam C:\Windows\system32\DRIVERS\ManyCam_x64.sys
18:33:18.0453 4256 ManyCam - ok
18:33:18.0484 4256 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
18:33:18.0484 4256 McComponentHostService - ok
18:33:18.0515 4256 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:33:18.0515 4256 Mcx2Svc - ok
18:33:18.0531 4256 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:33:18.0531 4256 megasas - ok
18:33:18.0546 4256 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:33:18.0546 4256 MegaSR - ok
18:33:18.0609 4256 Microsoft SharePoint Workspace Audit Service - ok
18:33:18.0640 4256 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
18:33:18.0640 4256 MMCSS - ok
18:33:18.0656 4256 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
18:33:18.0656 4256 Modem - ok
18:33:18.0671 4256 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:33:18.0671 4256 monitor - ok
18:33:18.0703 4256 [ A70BF78713B104C46C4E6E7858B6F02E ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys
18:33:18.0703 4256 motccgp - ok
18:33:18.0718 4256 [ D51E009BAEDA07EBC107D49D224C2414 ] motccgpfl C:\Windows\system32\DRIVERS\motccgpfl.sys
18:33:18.0718 4256 motccgpfl - ok
18:33:18.0750 4256 [ 3CC500C9B0E4D476802D277353CB2C89 ] MotDev C:\Windows\system32\DRIVERS\motodrv.sys
18:33:18.0750 4256 MotDev - ok
18:33:18.0765 4256 [ 6CBC0F4005593C96C9AECAD39F0690FC ] motmodem C:\Windows\system32\DRIVERS\motmodem.sys
18:33:18.0765 4256 motmodem - ok
18:33:18.0796 4256 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:33:18.0796 4256 mouclass - ok
18:33:18.0812 4256 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:33:18.0812 4256 mouhid - ok
18:33:18.0828 4256 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:33:18.0828 4256 mountmgr - ok
18:33:18.0906 4256 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:33:18.0906 4256 MozillaMaintenance - ok
18:33:18.0921 4256 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
18:33:18.0921 4256 mpio - ok
18:33:18.0937 4256 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:33:18.0953 4256 mpsdrv - ok
18:33:18.0953 4256 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:33:18.0968 4256 MRxDAV - ok
18:33:18.0984 4256 [ 767A4C3BCF9410C286CED15A2DB17108 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:33:18.0984 4256 mrxsmb - ok
18:33:19.0000 4256 [ 920EE0FF995FCFDEB08C41605A959E1C ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:33:19.0000 4256 mrxsmb10 - ok
18:33:19.0031 4256 [ 740D7EA9D72C981510A5292CF6ADC941 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:33:19.0031 4256 mrxsmb20 - ok
18:33:19.0062 4256 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
18:33:19.0062 4256 msahci - ok
18:33:19.0078 4256 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
18:33:19.0078 4256 msdsm - ok
18:33:19.0109 4256 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
18:33:19.0109 4256 MSDTC - ok
18:33:19.0140 4256 [ 72949A24D37A20A54B3D4D3DADBB55E9 ] MSDV C:\Windows\system32\DRIVERS\msdv.sys
18:33:19.0156 4256 MSDV - ok
18:33:19.0156 4256 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:33:19.0171 4256 Msfs - ok
18:33:19.0171 4256 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:33:19.0171 4256 mshidkmdf - ok
18:33:19.0187 4256 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
18:33:19.0187 4256 msisadrv - ok
18:33:19.0218 4256 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:33:19.0218 4256 MSiSCSI - ok
18:33:19.0234 4256 msiserver - ok
18:33:19.0250 4256 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:33:19.0250 4256 MSKSSRV - ok
18:33:19.0265 4256 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:33:19.0265 4256 MSPCLOCK - ok
18:33:19.0281 4256 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:33:19.0281 4256 MSPQM - ok
18:33:19.0296 4256 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:33:19.0296 4256 MsRPC - ok
18:33:19.0312 4256 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:33:19.0312 4256 mssmbios - ok
18:33:19.0312 4256 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:33:19.0312 4256 MSTEE - ok
18:33:19.0328 4256 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:33:19.0328 4256 MTConfig - ok
18:33:19.0359 4256 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:33:19.0359 4256 Mup - ok
18:33:19.0375 4256 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
18:33:19.0390 4256 napagent - ok
18:33:19.0421 4256 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:33:19.0421 4256 NativeWifiP - ok
18:33:19.0453 4256 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
18:33:19.0453 4256 NDIS - ok
18:33:19.0468 4256 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:33:19.0468 4256 NdisCap - ok
18:33:19.0500 4256 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:33:19.0500 4256 NdisTapi - ok
18:33:19.0515 4256 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:33:19.0515 4256 Ndisuio - ok
18:33:19.0515 4256 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:33:19.0531 4256 NdisWan - ok
18:33:19.0531 4256 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:33:19.0546 4256 NDProxy - ok
18:33:19.0546 4256 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:33:19.0546 4256 NetBIOS - ok
18:33:19.0562 4256 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:33:19.0562 4256 NetBT - ok
18:33:19.0578 4256 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe
18:33:19.0578 4256 Netlogon - ok
18:33:19.0609 4256 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:33:19.0609 4256 Netman - ok
18:33:19.0625 4256 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:33:19.0625 4256 netprofm - ok
18:33:19.0656 4256 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:33:19.0656 4256 NetTcpPortSharing - ok
18:33:19.0671 4256 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:33:19.0671 4256 nfrd960 - ok
18:33:19.0687 4256 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:33:19.0687 4256 NlaSvc - ok
18:33:19.0718 4256 [ 40777BD92D73A8FF3B252E4F4881E672 ] nlscc C:\Windows\system32\nlsInterface.exe
18:33:19.0718 4256 nlscc - ok
18:33:19.0750 4256 [ C31FA031335EFF434B2D94278E74BCCE ] NPF C:\Windows\system32\drivers\npf.sys
18:33:19.0766 4256 NPF - ok
18:33:19.0782 4256 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:33:19.0782 4256 Npfs - ok
18:33:19.0797 4256 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:33:19.0797 4256 nsi - ok
18:33:19.0797 4256 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:33:19.0797 4256 nsiproxy - ok
18:33:19.0844 4256 [ 356698A13C4630D5B31C37378D469196 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:33:19.0860 4256 Ntfs - ok
18:33:19.0860 4256 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:33:19.0860 4256 Null - ok
18:33:19.0891 4256 [ 8D4AAC74B571FC356560E5B308955E93 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
18:33:19.0907 4256 NVHDA - ok
18:33:20.0141 4256 [ 0EB204639119370F5F8F2871FBF4E14B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:33:20.0235 4256 nvlddmkm - ok
18:33:20.0266 4256 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
18:33:20.0266 4256 nvraid - ok
18:33:20.0282 4256 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
18:33:20.0282 4256 nvstor - ok
18:33:20.0329 4256 [ 32FF8EE6DCEE5C0CB91FF892FB1CA364 ] NVSvc C:\Windows\system32\nvvsvc.exe
18:33:20.0344 4256 NVSvc - ok
18:33:20.0422 4256 [ BD012DC22C78BE1071BC21EB125D782F ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:33:20.0438 4256 nvUpdatusService - ok
18:33:20.0454 4256 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
18:33:20.0454 4256 nv_agp - ok
18:33:20.0469 4256 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
18:33:20.0469 4256 ohci1394 - ok
18:33:20.0516 4256 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:33:20.0516 4256 ose - ok
18:33:20.0625 4256 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:33:20.0672 4256 osppsvc - ok
18:33:20.0704 4256 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:33:20.0704 4256 p2pimsvc - ok
18:33:20.0719 4256 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:33:20.0719 4256 p2psvc - ok
18:33:20.0750 4256 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:33:20.0750 4256 Parport - ok
18:33:20.0766 4256 [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:33:20.0766 4256 partmgr - ok
18:33:20.0782 4256 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:33:20.0782 4256 PcaSvc - ok
18:33:20.0797 4256 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
18:33:20.0797 4256 pci - ok
18:33:20.0797 4256 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
18:33:20.0797 4256 pciide - ok
18:33:20.0813 4256 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:33:20.0829 4256 pcmcia - ok
18:33:20.0844 4256 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:33:20.0844 4256 pcw - ok
18:33:20.0860 4256 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:33:20.0860 4256 PEAUTH - ok
18:33:20.0891 4256 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
18:33:20.0922 4256 PeerDistSvc - ok
18:33:20.0969 4256 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:33:20.0969 4256 PerfHost - ok
18:33:21.0016 4256 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
18:33:21.0032 4256 pla - ok
18:33:21.0063 4256 [ 23157D583244400E1D7FBAEE2E4B31B7 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:33:21.0063 4256 PlugPlay - ok
18:33:21.0094 4256 PnkBstrA - ok
18:33:21.0110 4256 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:33:22.0375 4256 [ 1C59B1619FBCC104F5C5BCCD53E61B55 ] Sendori C:\Program Files (x86)\Sendori\Sendori.exe
18:33:22.0407 4256 Sendori - ok
18:33:22.0438 4256 [ DCC389FAB04E8469A5939C655F7F1CA7 ] Sendori Interceptor C:\Program Files (x86)\Sendori\Sendori.Service.exe
18:33:22.0438 4256 Sendori Interceptor - ok
18:33:22.0485 4256 [ 0A26BD4313119D30C31787FC2F97CC85 ] Sendoriv1 C:\Program Files (x86)\Sendori\SendoriSvc.exe
18:33:22.0485 4256 Sendoriv1 - ok
18:33:23.0079 4256 [ 88E5162E58C8919CC873F5D8946197CF ] sptd C:\Windows\system32\Drivers\sptd.sys
18:33:23.0079 4256 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 88E5162E58C8919CC873F5D8946197CF
18:33:23.0079 4256 sptd ( LockedFile.Multi.Generic ) - warning
18:33:23.0079 4256 sptd - detected LockedFile.Multi.Generic (1)
18:33:29.0875 4256 ================ Scan global ===============================
18:33:29.0891 4256 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:33:29.0922 4256 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
18:33:29.0922 4256 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
18:33:29.0969 4256 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:33:30.0032 4256 [ FCB084FA3DCB7449F3BAA13312A215B4 ] C:\Windows\system32\services.exe
18:33:30.0032 4256 [Global] - ok
18:33:30.0032 4256 ================ Scan MBR ==================================
18:33:30.0047 4256 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:33:31.0000 4256 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:33:31.0000 4256 \Device\Harddisk0\DR0 - detected TDSS File System (1)
18:33:31.0297 4256 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
18:33:31.0500 4256 \Device\Harddisk1\DR1 - ok
18:33:31.0500 4256 ================ Scan VBR ==================================
18:33:31.0532 4256 [ ED5F9DA05B2924FE0EAC35FDA20215BE ] \Device\Harddisk0\DR0\Partition1
18:33:31.0532 4256 \Device\Harddisk0\DR0\Partition1 - ok
18:33:31.0547 4256 [ 052BBD52FE7AA403D6DFE3BA8E4A376D ] \Device\Harddisk0\DR0\Partition2
18:33:31.0547 4256 \Device\Harddisk0\DR0\Partition2 - ok
18:33:31.0547 4256 [ 5F099126A70D49A7A2AAB203E11BD8B2 ] \Device\Harddisk1\DR1\Partition1
18:33:31.0547 4256 \Device\Harddisk1\DR1\Partition1 - ok
18:33:31.0547 4256 ============================================================
18:33:31.0547 4256 Scan finished
18:33:31.0547 4256 ============================================================
18:33:31.0563 4792 Detected object count: 2
18:33:31.0563 4792 Actual detected object count: 2
18:33:39.0797 4792 sptd ( LockedFile.Multi.Generic ) - skipped by user
18:33:39.0797 4792 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
18:33:39.0797 4792 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
18:33:39.0797 4792 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip


MalwareBytes Log:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.23.08

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Higgins :: HIGGINSEDITING [administrator]

8/23/2012 6:35:52 PM
mbam-log-2012-08-24 (00-11-58).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 539033
Time elapsed: 53 minute(s), 24 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Exafimifetelagu (Trojan.Agent.U) -> Data: rundll32.exe "C:\Users\Higgins\AppData\Local\SNlmui.dll",Startup -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\Higgins\AppData\Local\Temp\5289.tmp (Trojan.Agent.BRVGen) -> No action taken.
C:\Windows\svchost.exe (Trojan.Agent) -> No action taken.

(end)


MiniToolbox Log:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Higgins (administrator) on 25-08-2012 at 16:28:32
Microsoft Windows 7 Ultimate (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost127.0.0.1 not.iphonebackupextractor.com
127.0.0.1 not.iphonebackupextractor.com

========================= IP Configuration: ================================

NETGEAR 108 Mbps Wireless PCI Adapter WG311T = Wireless Network Connection (Connected)
Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : HigginsEditing
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : socal.rr.com

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : socal.rr.com
Description . . . . . . . . . . . : NETGEAR 108 Mbps Wireless PCI Adapter WG311T
Physical Address. . . . . . . . . : 00-0F-B5-86-B7-B7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6507:e26e:7d55:15e5%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, August 24, 2012 1:50:59 PM
Lease Expires . . . . . . . . . . : Sunday, August 26, 2012 3:27:18 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 352325557
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-52-D9-DB-6C-62-6D-7D-74-28
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
Physical Address. . . . . . . . . : 6C-62-6D-7D-74-28
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.socal.rr.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 2607:f8b0:4007:801::1004
74.125.239.2
74.125.239.3
74.125.239.4
74.125.239.5
74.125.239.6
74.125.239.7
74.125.239.8
74.125.239.9
74.125.239.14
74.125.239.0
74.125.239.1


Pinging google.com [74.125.224.174] with 32 bytes of data:
Reply from 74.125.224.174: bytes=32 time=39ms TTL=54
Reply from 74.125.224.174: bytes=32 time=69ms TTL=54

Ping statistics for 74.125.224.174:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 39ms, Maximum = 69ms, Average = 54ms
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=36ms TTL=51
Reply from 72.30.38.140: bytes=32 time=35ms TTL=51

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 35ms, Maximum = 36ms, Average = 35ms
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...00 0f b5 86 b7 b7 ......NETGEAR 108 Mbps Wireless PCI Adapter WG311T
11...6c 62 6d 7d 74 28 ......Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.100 281
192.168.1.100 255.255.255.255 On-link 192.168.1.100 281
192.168.1.255 255.255.255.255 On-link 192.168.1.100 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.100 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.100 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
14 281 fe80::/64 On-link
14 281 fe80::6507:e26e:7d55:15e5/128
On-link
1 306 ff00::/8 On-link
14 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\Sendori.dll [317288] (Sendori)
Catalog9 02 C:\Windows\SysWOW64\Sendori.dll [317288] (Sendori)
Catalog9 03 C:\Windows\SysWOW64\Sendori.dll [317288] (Sendori)
Catalog9 04 C:\Windows\SysWOW64\Sendori.dll [317288] (Sendori)
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 C:\Windows\SysWOW64\Sendori.dll [317288] (Sendori)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/25/2012 10:03:12 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (08/25/2012 10:03:12 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (08/25/2012 00:30:53 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/25/2012 00:30:09 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Multiple requestedPrivileges elements are not allowed in manifest.

Error: (08/24/2012 03:54:52 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (08/24/2012 03:54:52 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (08/24/2012 02:14:13 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (08/24/2012 01:55:06 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (08/24/2012 01:55:06 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (08/24/2012 09:55:25 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.


System errors:
=============
Error: (08/25/2012 03:27:20 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/25/2012 03:27:20 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/25/2012 00:18:56 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (08/25/2012 11:25:24 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/25/2012 11:25:24 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/25/2012 11:24:26 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/25/2012 11:24:26 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/24/2012 02:14:21 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/24/2012 02:14:21 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/24/2012 01:53:13 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069


Microsoft Office Sessions:
=========================
Error: (08/25/2012 10:03:12 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (08/25/2012 10:03:12 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: Performance1637070000000000000000000009030000

Error: (08/25/2012 00:30:53 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (08/25/2012 00:30:09 AM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2

Error: (08/24/2012 03:54:52 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (08/24/2012 03:54:52 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: Performance1637070000000000000000000009030000

Error: (08/24/2012 02:14:13 PM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000

Error: (08/24/2012 01:55:06 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (08/24/2012 01:55:06 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: Performance1637070000000000000000000009030000

Error: (08/24/2012 09:55:25 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: WmiApRplWmiApRpl8F20300004D070000


=========================== Installed Programs ============================

Adobe After Effects CS6 (Version: 11)
Adobe AIR (Version: 3.1.0.4880)
Adobe Content Viewer (Version: 1.4.0)
Adobe Creative Suite 5 Master Collection (Version: 5.0)
Adobe Creative Suite 5.5 Master Collection (Version: 5.5)
Adobe Download Assistant (Version: 1.2.1)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.235)
Adobe Help Manager (Version: 4.0.244)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Premiere Pro CS6 (Version: 6.0)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Story (Version: 1.0.571)
Adobe Widget Browser (Version: 2.0 Build 230)
Adobe Widget Browser (Version: 2.0.230)
Amazon Kindle
Amazon MP3 Downloader 1.0.10
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
ArmA 2 Free Uninstall
Artemis Artemis DEMO (Version: 1.40.0)
Avid Codecs LE (Version: 2.3.7)
Battlefield Heroes
Bonjour (Version: 3.0.0.10)
Bulkr (Version: 1.4)
Bulkr (Version: v1.4)
BYOND (Version: 496.1141)
Call of Duty: Black Ops
Call of Duty: Black Ops - Multiplayer
Camtasia Studio 7 (Version: 7.0.0)
CCleaner (Version: 3.15)
Celtx (2.9.1) (Version: 2.9.1 (en-US))
CineForm NeoPlayer 5.2 (Version: 5.2)
Combined Community Codec Pack 2010-10-10 (Version: 2010.10.10.0)
CuteFTP 8 Professional (Version: 8.3.2)
CutePDF Writer 2.8
DAEMON Tools Lite (Version: 4.40.2.0131)
Darkest Hour: Europe '44-'45
Definition update for Microsoft Office 2010 (KB982726)
DivX Setup (Version: 2.3.0.20)
Dropbox (Version: 1.4.7)
DVD Architect Pro 5.0 (Version: 5.0.180)
DVD Decrypter (Remove Only)
ESET Online Scanner v3
Explorer Suite III
Fallout New Vegas
Final Draft (Version: 8.0.0.81)
Freecorder 5 (Version: 5.04)
Freecorder Toolbar (Version: 5.0.0.0)
Google Chrome (Version: 21.0.1180.83)
Google Talk Plugin (Version: 3.5.1.8982)
GoProCineFormDecoders 1.2.0 (Version: 1.2.0)
Half-Life 2
HiDownloadPlatinum
HiJackThis (Version: 1.0.0)
HP Deskjet 1000 J110 series Basic Device Software (Version: 21.0.952.0)
HP Deskjet 1000 J110 series Help (Version: 140.0.63.63)
HP Deskjet 1000 J110 series Product Improvement Study (Version: 21.0.952.0)
HP Update (Version: 5.002.005.003)
iCloud (Version: 1.1.0.40)
ImageShack Uploader 2.2.0 (Version: 2.2.0)
iPhone Backup Extractor (Version: 4.0.0.0)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
LogMeIn (Version: 4.1.2138)
Magic Bullet Looks Vegas
Magic Bullet LooksBuilder
Magic Bullet Suite 64-bit (Version: 11.4.1)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
ManyCam 2.6.55 (remove only) (Version: 2.6.55)
Mark's DVD Bitrate Calculator Version 1.1.0 (Version: 1.1.0)
McAfee Security Scan Plus (Version: 2.0.181.2)
Microsoft Games for Windows - LIVE Redistributable (Version: 1.2.0241)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
mkv2vob (Version: 2.4.9)
MobileMe Control Panel (Version: 3.1.8.0)
Motorola Driver Installation (Version: 2.9.0)
Motorola Mobile Drivers Installation 4.8.0 (Version: 4.8.0)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT Redists (Version: 1.0)
NewBlue 3D Explosions for Windows
NewBlue 3D Transformations for Windows
NewBlue Art Blends for Windows
NewBlue Art Effects for Windows
NewBlue Film Effects for Windows
NewBlue Motion Blends for Windows
NewBlue Motion Effects for Windows
NewBlue Paint Blends for Windows
NewBlue Paint Effects for Windows
NewBlue Video Essentials for Windows
NewBlue Video Essentials II for Windows
NewBlue Video Essentials III for Windows
Noise Reduction Plug-in 2.0i (Version: 2.0.455)
NVIDIA 3D Vision Controller Driver 296.10 (Version: 296.10)
NVIDIA 3D Vision Driver 296.10 (Version: 296.10)
NVIDIA Control Panel 296.10 (Version: 296.10)
NVIDIA Graphics Driver 296.10 (Version: 296.10)
NVIDIA HD Audio Driver 1.3.12.0 (Version: 1.3.12.0)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.9610)
NVIDIA Update 1.7.11 (Version: 1.7.11)
NVIDIA Update Components (Version: 1.7.11)
OsenXPSuite 2010 Enterprise Edition [2011.05.20] (Version: 15.24.0.38)
PDF Settings CS5 (Version: 10.0)
PluralEyes 1.2 for Vegas Pro (Version: 1.2.2)
PunkBuster Services (Version: 0.990)
PxMergeModule (Version: 1.00.0000)
QuickTime (Version: 7.72.80.56)
Red Orchestra: Ostfront 41-45
Safari (Version: 5.34.52.7)
Sendori (Version: 2.0.2)
Skype Click to Call (Version: 5.6.8442)
Skype™ 5.9 (Version: 5.9.123)
SlimDrivers (Version: 2.2.22117)
Sony Noise Reduction Plug-In 2.0e (Version: 2.0.444)
Sony Sound Forge 9.0 (Version: 9.0.297)
Sound Forge Audio Studio 10.0 (Version: 10.0.152)
Sound Forge Pro 10.0 (Version: 10.0.0)
Source SDK Base 2006
Spybot - Search & Destroy (Version: 1.6.2)
SpywareBlaster 4.4 (Version: 4.4.0)
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 5.0.1108)
Team Fortress 2
Unity Web Player (Version: 2.6.1f3_31223)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Vegas Pro 11.0 (64-bit) (Version: 11.0.683)
Vimeo Uploader (Version: 0.9.5)
Vimeo Uploader (Version: 0.9.5.2)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 1.1.4 (Version: 1.1.4)
Vuze (Version: 4.6)
Vuze Remote Toolbar (Version: 6.2.7.3)
WinPatrol (Version: 20.5.2011.0)
WinPcap 4.1.1 (Version: 4.1.0.1753)
WinRAR 4.00 beta 1 (64-bit) (Version: 4.00.1)
Xvid 1.2.2 final uninstall (Version: 1.2)

========================= Memory info: ===================================

Percentage of memory in use: 20%
Total physical RAM: 12279.12 MB
Available physical RAM: 9727.33 MB
Total Pagefile: 24092.3 MB
Available Pagefile: 21401.93 MB
Total Virtual: 4095.88 MB
Available Virtual: 3959.56 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.41 GB) (Free:1.1 GB) NTFS
4 Drive h: (China Video - Drive 1) (Fixed) (Total:465.76 GB) (Free:47.34 GB) NTFS

========================= Users: ========================================

User accounts for \\HIGGINSEDITING

Administrator Guest Higgins
UpdatusUser


**** End of log ****


FSS Log:

Farbar Service Scanner Version: 06-08-2012
Ran by Higgins (administrator) on 25-08-2012 at 16:29:25
Running from "C:\Users\Higgins\Desktop"
Microsoft Windows 7 Ultimate (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll
[2009-07-13 16:21] - [2009-07-13 18:40] - 0182272 ____A (Microsoft Corporation) 676108C4E3AA6F6B34633748BD0BEBD9

C:\Windows\System32\mpssvc.dll
[2009-07-13 17:09] - [2009-07-13 18:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-13 16:36] - [2009-07-13 18:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


Adware Log:

# AdwCleaner v1.801 - Logfile created 08/25/2012 at 16:39:35
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Ultimate (64 bits)
# User : Higgins - HIGGINSEDITING
# Boot Mode : Normal
# Running from : C:\Users\Higgins\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Users\Higgins\AppData\LocalLow\boost_interprocess

***** [Registry] *****


***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Higgins\AppData\Roaming\Mozilla\Firefox\Profiles\3uk2ncd9.default\prefs.js

[OK] File is clean.

Profile name : default-1340686421314 [Profil par défaut]
File : C:\Users\Higgins\AppData\Roaming\Mozilla\Firefox\Profiles\mzhu5mse.default-1340686421314\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.83

File : C:\Users\Higgins\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [22728 octets] - [25/08/2012 16:30:00]
AdwCleaner.txt - [22728 octets] - [25/08/2012 16:32:15]
AdwCleaner[S2].txt - [1247 octets] - [25/08/2012 16:39:35]

########## EOF - C:\AdwCleaner[S2].txt - [1375 octets] #########


Hope this helps!

Edited by PissedOffPCUser, 25 August 2012 - 06:46 PM.


#6 narenxp

Posted 25 August 2012 - 06:51 PM

Remove MBAM infections and post the clean log

18:33:39.0797 4792 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip


Run TDSSkiller again and select DELETE

Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on the Start repairs tab, then click on Start

Check mark the following options alone:

Reset registry permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair windows updates


Checkmark the Restart System When Finished option
Click the Start button

System should restart after repair

Post the new FSS log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here

Edited by narenxp, 25 August 2012 - 06:51 PM.


#7 PissedOffPCUser

Posted 26 August 2012 - 02:22 AM

I re-ran MBAM, here's the log:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.23.08

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Higgins :: HIGGINSEDITING [administrator]

8/25/2012 7:09:05 PM
mbam-log-2012-08-25 (19-09-05).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 539193
Time elapsed: 54 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Exafimifetelagu (Trojan.Agent.U) -> Data: rundll32.exe "C:\Users\Higgins\AppData\Local\SNlmui.dll",Startup -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Here's TDSSkiller's new log:

23:16:46.0363 2352 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
23:16:48.0366 2352 ============================================================
23:16:48.0366 2352 Current date / time: 2012/08/25 23:16:48.0366
23:16:48.0366 2352 SystemInfo:
23:16:48.0366 2352
23:16:48.0366 2352 OS Version: 6.1.7600 ServicePack: 0.0
23:16:48.0366 2352 Product type: Workstation
23:16:48.0366 2352 ComputerName: HIGGINSEDITING
23:16:48.0366 2352 UserName: Higgins
23:16:48.0366 2352 Windows directory: C:\Windows
23:16:48.0366 2352 System windows directory: C:\Windows
23:16:48.0366 2352 Running under WOW64
23:16:48.0366 2352 Processor architecture: Intel x64
23:16:48.0366 2352 Number of processors: 12
23:16:48.0366 2352 Page size: 0x1000
23:16:48.0366 2352 Boot type: Normal boot
23:16:48.0366 2352 ============================================================
23:16:53.0298 2352 BG loaded
23:16:53.0533 2352 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:16:53.0548 2352 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:16:53.0548 2352 Drive \Device\Harddisk2\DR2 - Size: 0x7470C05E00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:16:53.0626 2352 ============================================================
23:16:53.0626 2352 \Device\Harddisk0\DR0:
23:16:53.0626 2352 MBR partitions:
23:16:53.0626 2352 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:16:53.0626 2352 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
23:16:53.0626 2352 \Device\Harddisk1\DR1:
23:16:53.0626 2352 MBR partitions:
23:16:53.0626 2352 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x575452C2
23:16:53.0626 2352 \Device\Harddisk2\DR2:
23:16:53.0626 2352 MBR partitions:
23:16:53.0626 2352 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C41
23:16:53.0626 2352 ============================================================
23:16:53.0658 2352 C: <-> \Device\Harddisk0\DR0\Partition2
23:16:53.0673 2352 H: <-> \Device\Harddisk2\DR2\Partition1
23:16:53.0705 2352 E: <-> \Device\Harddisk1\DR1\Partition1
23:16:53.0705 2352 ============================================================
23:16:53.0705 2352 Initialize success
23:16:53.0705 2352 ============================================================
23:17:08.0673 4644 ============================================================
23:17:08.0673 4644 Scan started
23:17:08.0673 4644 Mode: Manual; TDLFS;
23:17:08.0673 4644 ============================================================
23:17:18.0095 4644 ================ Scan system memory ========================
23:17:18.0095 4644 System memory - ok
23:17:18.0095 4644 ================ Scan services =============================
23:17:18.0626 4644 AmdK8 - ok
23:17:18.0626 4644 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
23:17:18.0626 4644 AmdPPM - ok
23:17:18.0642 4644 [ 7A4B413614C055935567CF88A9734D38 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
23:17:18.0673 4644 amdsata - ok
23:17:18.0673 4644 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
23:17:18.0673 4644 amdsbs - ok
23:17:18.0689 4644 [ B4AD0CACBAB298671DD6F6EF7E20679D ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
23:17:18.0689 4644 amdxata - ok
23:17:18.0705 4644 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
23:17:18.0705 4644 AppID - ok
23:17:18.0705 4644 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:17:18.0705 4644 AppIDSvc - ok
23:17:18.0736 4644 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
23:17:18.0736 4644 Appinfo - ok
23:17:18.0830 4644 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:17:18.0830 4644 Apple Mobile Device - ok
23:17:18.0861 4644 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
23:17:18.0861 4644 AppMgmt - ok
23:17:18.0892 4644 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
23:17:18.0908 4644 arc - ok
23:17:18.0970 4644 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
23:17:18.0970 4644 arcsas - ok
23:17:18.0986 4644 astcc - ok
23:17:19.0017 4644 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:17:19.0033 4644 AsyncMac - ok
23:17:19.0064 4644 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
23:17:19.0064 4644 atapi - ok
23:17:19.0126 4644 [ E857EEE6B92AAA473EBB3465ADD8F7E7 ] athr C:\Windows\system32\DRIVERS\athrx.sys
23:17:19.0142 4644 athr - ok
23:17:19.0173 4644 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:17:19.0189 4644 AudioEndpointBuilder - ok
23:17:19.0189 4644 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
23:17:19.0205 4644 AudioSrv - ok
23:17:19.0220 4644 [ 16FABE84916623D0607E4A975544032C ] Avc C:\Windows\system32\DRIVERS\avc.sys
23:17:19.0220 4644 Avc - ok
23:17:19.0251 4644 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:17:19.0251 4644 AxInstSV - ok
23:17:19.0267 4644 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
23:17:19.0283 4644 b06bdrv - ok
23:17:19.0298 4644 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
23:17:19.0298 4644 b57nd60a - ok
23:17:19.0314 4644 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
23:17:19.0314 4644 BDESVC - ok
23:17:19.0330 4644 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
23:17:19.0330 4644 Beep - ok
23:17:19.0376 4644 BlackBox - ok
23:17:19.0392 4644 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:17:19.0392 4644 blbdrive - ok
23:17:19.0470 4644 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:17:19.0486 4644 Bonjour Service - ok
23:17:19.0501 4644 [ 91CE0D3DC57DD377E690A2D324022B08 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:17:19.0501 4644 bowser - ok
23:17:19.0501 4644 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:17:19.0501 4644 BrFiltLo - ok
23:17:19.0533 4644 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:17:19.0533 4644 BrFiltUp - ok
23:17:19.0533 4644 [ 94FBC06F294D58D02361918418F996E3 ] Browser C:\Windows\System32\browser.dll
23:17:19.0533 4644 Browser - ok
23:17:19.0548 4644 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:17:19.0564 4644 Brserid - ok
23:17:19.0564 4644 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:17:19.0564 4644 BrSerWdm - ok
23:17:19.0580 4644 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:17:19.0580 4644 BrUsbMdm - ok
23:17:19.0595 4644 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:17:19.0595 4644 BrUsbSer - ok
23:17:19.0611 4644 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:17:19.0611 4644 BTHMODEM - ok
23:17:19.0611 4644 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
23:17:19.0611 4644 bthserv - ok
23:17:19.0642 4644 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:17:19.0642 4644 cdfs - ok
23:17:19.0658 4644 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:17:19.0658 4644 cdrom - ok
23:17:19.0673 4644 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
23:17:19.0673 4644 CertPropSvc - ok
23:17:19.0705 4644 ChromeService - ok
23:17:19.0720 4644 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
23:17:19.0720 4644 circlass - ok
23:17:19.0751 4644 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
23:17:19.0751 4644 CLFS - ok
23:17:19.0814 4644 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:17:19.0814 4644 clr_optimization_v2.0.50727_32 - ok
23:17:19.0861 4644 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:17:19.0876 4644 clr_optimization_v2.0.50727_64 - ok
23:17:19.0908 4644 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:17:19.0908 4644 CmBatt - ok
23:17:19.0908 4644 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
23:17:19.0908 4644 cmdide - ok
23:17:19.0923 4644 [ F95FD4CB7DA00BA2A63CE9F6B5C053E1 ] CNG C:\Windows\system32\Drivers\cng.sys
23:17:19.0939 4644 CNG - ok
23:17:19.0955 4644 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:17:19.0955 4644 Compbatt - ok
23:17:19.0970 4644 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
23:17:19.0970 4644 CompositeBus - ok
23:17:20.0001 4644 COMSysApp - ok
23:17:20.0048 4644 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
23:17:20.0048 4644 crcdisk - ok
23:17:20.0095 4644 [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:17:20.0095 4644 CryptSvc - ok
23:17:20.0142 4644 [ 4A6173C2279B498CD8F57CAE504564CB ] CSC C:\Windows\system32\drivers\csc.sys
23:17:20.0142 4644 CSC - ok
23:17:20.0189 4644 [ 873FBF927C06E5CEE04DEC617502F8FD ] CscService C:\Windows\System32\cscsvc.dll
23:17:20.0189 4644 CscService - ok
23:17:20.0220 4644 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:17:20.0220 4644 DcomLaunch - ok
23:17:20.0251 4644 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
23:17:20.0251 4644 defragsvc - ok
23:17:20.0283 4644 [ 3F1DC527070ACB87E40AFE46EF6DA749 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:17:20.0283 4644 DfsC - ok
23:17:20.0298 4644 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
23:17:20.0298 4644 Dhcp - ok
23:17:20.0314 4644 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
23:17:20.0314 4644 discache - ok
23:17:20.0345 4644 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
23:17:20.0345 4644 Disk - ok
23:17:20.0361 4644 [ 676108C4E3AA6F6B34633748BD0BEBD9 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:17:20.0361 4644 Dnscache - ok
23:17:20.0376 4644 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
23:17:20.0376 4644 dot3svc - ok
23:17:20.0392 4644 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
23:17:20.0392 4644 DPS - ok
23:17:20.0408 4644 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:17:20.0408 4644 drmkaud - ok
23:17:20.0470 4644 [ FB9BEF3401EE5ECC2603311B9C64F44A ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
23:17:20.0470 4644 dtsoftbus01 - ok
23:17:20.0533 4644 [ EBCE0B0924835F635F620D19F0529DCE ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:17:20.0533 4644 DXGKrnl - ok
23:17:20.0564 4644 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
23:17:20.0564 4644 EapHost - ok
23:17:20.0611 4644 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
23:17:20.0642 4644 ebdrv - ok
23:17:20.0658 4644 [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS C:\Windows\System32\lsass.exe
23:17:20.0658 4644 EFS - ok
23:17:20.0767 4644 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:17:20.0798 4644 ehRecvr - ok
23:17:20.0814 4644 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
23:17:20.0814 4644 ehSched - ok
23:17:20.0830 4644 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
23:17:20.0830 4644 elxstor - ok
23:17:20.0845 4644 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
23:17:20.0845 4644 ErrDev - ok
23:17:20.0892 4644 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
23:17:20.0892 4644 EventSystem - ok
23:17:20.0923 4644 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
23:17:20.0923 4644 exfat - ok
23:17:20.0923 4644 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:17:20.0939 4644 fastfat - ok
23:17:21.0001 4644 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
23:17:21.0001 4644 Fax - ok
23:17:21.0017 4644 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:17:21.0017 4644 fdc - ok
23:17:21.0048 4644 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
23:17:21.0048 4644 fdPHost - ok
23:17:21.0080 4644 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
23:17:21.0080 4644 FDResPub - ok
23:17:21.0111 4644 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:17:21.0126 4644 FileInfo - ok
23:17:21.0126 4644 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:17:21.0126 4644 Filetrace - ok
23:17:21.0142 4644 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:17:21.0142 4644 flpydisk - ok
23:17:21.0158 4644 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:17:21.0158 4644 FltMgr - ok
23:17:21.0189 4644 [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A ] FontCache C:\Windows\system32\FntCache.dll
23:17:21.0189 4644 FontCache - ok
23:17:21.0220 4644 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:17:21.0220 4644 FontCache3.0.0.0 - ok
23:17:21.0267 4644 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:17:21.0267 4644 FsDepends - ok
23:17:21.0267 4644 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:17:21.0267 4644 Fs_Rec - ok
23:17:21.0298 4644 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:17:21.0298 4644 fvevol - ok
23:17:21.0314 4644 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
23:17:21.0314 4644 gagp30kx - ok
23:17:21.0361 4644 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:17:21.0361 4644 GEARAspiWDM - ok
23:17:21.0392 4644 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
23:17:21.0408 4644 gpsvc - ok
23:17:21.0423 4644 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:17:21.0423 4644 hcw85cir - ok
23:17:21.0455 4644 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:17:21.0455 4644 HdAudAddService - ok
23:17:21.0470 4644 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
23:17:21.0470 4644 HDAudBus - ok
23:17:21.0470 4644 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
23:17:21.0470 4644 HidBatt - ok
23:17:21.0486 4644 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
23:17:21.0486 4644 HidBth - ok
23:17:21.0501 4644 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
23:17:21.0517 4644 HidIr - ok
23:17:21.0533 4644 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
23:17:21.0533 4644 hidserv - ok
23:17:21.0564 4644 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:17:21.0564 4644 HidUsb - ok
23:17:21.0580 4644 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:17:21.0580 4644 hkmsvc - ok
23:17:21.0595 4644 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:17:21.0595 4644 HomeGroupListener - ok
23:17:21.0611 4644 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:17:21.0626 4644 HomeGroupProvider - ok
23:17:21.0626 4644 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
23:17:21.0642 4644 HpSAMD - ok
23:17:21.0658 4644 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:17:21.0658 4644 HTTP - ok
23:17:21.0673 4644 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:17:21.0673 4644 hwpolicy - ok
23:17:21.0689 4644 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
23:17:21.0689 4644 i8042prt - ok
23:17:21.0705 4644 [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
23:17:21.0720 4644 iaStorV - ok
23:17:21.0751 4644 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:17:21.0751 4644 idsvc - ok
23:17:21.0767 4644 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
23:17:21.0767 4644 iirsp - ok
23:17:21.0798 4644 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
23:17:21.0798 4644 IKEEXT - ok
23:17:21.0814 4644 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
23:17:21.0814 4644 intelide - ok
23:17:21.0830 4644 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:17:21.0830 4644 intelppm - ok
23:17:21.0845 4644 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:17:21.0845 4644 IPBusEnum - ok
23:17:21.0861 4644 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:17:21.0861 4644 IpFilterDriver - ok
23:17:21.0861 4644 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
23:17:21.0861 4644 IPMIDRV - ok
23:17:21.0876 4644 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:17:21.0876 4644 IPNAT - ok
23:17:21.0955 4644 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
23:17:21.0955 4644 iPod Service - ok
23:17:21.0986 4644 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:17:21.0986 4644 IRENUM - ok
23:17:22.0001 4644 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
23:17:22.0001 4644 isapnp - ok
23:17:22.0017 4644 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
23:17:22.0017 4644 iScsiPrt - ok
23:17:22.0033 4644 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:17:22.0033 4644 kbdclass - ok
23:17:22.0048 4644 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:17:22.0048 4644 kbdhid - ok
23:17:22.0064 4644 [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso C:\Windows\system32\lsass.exe
23:17:22.0064 4644 KeyIso - ok
23:17:22.0064 4644 [ E8B6FCC9C83535C67F835D407620BD27 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:17:22.0080 4644 KSecDD - ok
23:17:22.0095 4644 [ A8C63880EF6F4D3FEC7B616B9C060215 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:17:22.0095 4644 KSecPkg - ok
23:17:22.0126 4644 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:17:22.0126 4644 ksthunk - ok
23:17:22.0142 4644 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
23:17:22.0142 4644 KtmRm - ok
23:17:22.0173 4644 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\System32\srvsvc.dll
23:17:22.0173 4644 LanmanServer - ok
23:17:22.0205 4644 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:17:22.0205 4644 LanmanWorkstation - ok
23:17:22.0220 4644 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:17:22.0220 4644 lltdio - ok
23:17:22.0236 4644 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:17:22.0236 4644 lltdsvc - ok
23:17:22.0251 4644 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:17:22.0251 4644 lmhosts - ok
23:17:22.0361 4644 [ 98B0FCC176DFB711B67651BECB88C445 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
23:17:22.0361 4644 LMIGuardianSvc - ok
23:17:22.0392 4644 [ 0317335B15FF3BDA8E10197E3434CFC0 ] LMIInfo C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
23:17:22.0392 4644 LMIInfo - ok
23:17:22.0439 4644 [ B712511029CBD68645A90A241FD6AE43 ] LMIMaint C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
23:17:22.0439 4644 LMIMaint - ok
23:17:22.0470 4644 [ 413ECDCFAD9A82804D3674C8D7EEC24E ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys
23:17:22.0470 4644 lmimirr - ok
23:17:22.0486 4644 LMIRfsClientNP - ok
23:17:22.0501 4644 [ C57D3FAA50E6F395759FFB7C709BD944 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys
23:17:22.0501 4644 LMIRfsDriver - ok
23:17:22.0564 4644 [ D3760BC17E1755091B7120CF32DBF56B ] LogMeIn C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
23:17:22.0564 4644 LogMeIn - ok
23:17:22.0595 4644 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
23:17:22.0595 4644 LSI_FC - ok
23:17:22.0611 4644 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
23:17:22.0611 4644 LSI_SAS - ok
23:17:22.0611 4644 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:17:22.0611 4644 LSI_SAS2 - ok
23:17:22.0626 4644 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:17:22.0626 4644 LSI_SCSI - ok
23:17:22.0642 4644 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
23:17:22.0642 4644 luafv - ok
23:17:22.0673 4644 [ D33E2B74CF8B3A652BF0A9FBD068E87A ] ManyCam C:\Windows\system32\DRIVERS\ManyCam_x64.sys
23:17:22.0673 4644 ManyCam - ok
23:17:22.0720 4644 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
23:17:22.0720 4644 McComponentHostService - ok
23:17:22.0751 4644 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:17:22.0767 4644 Mcx2Svc - ok
23:17:22.0783 4644 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
23:17:22.0783 4644 megasas - ok
23:17:22.0798 4644 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
23:17:22.0798 4644 MegaSR - ok
23:17:22.0861 4644 Microsoft SharePoint Workspace Audit Service - ok
23:17:22.0892 4644 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
23:17:22.0892 4644 MMCSS - ok
23:17:22.0908 4644 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
23:17:22.0908 4644 Modem - ok
23:17:22.0955 4644 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:17:22.0955 4644 monitor - ok
23:17:22.0986 4644 [ A70BF78713B104C46C4E6E7858B6F02E ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys
23:17:22.0986 4644 motccgp - ok
23:17:23.0017 4644 [ D51E009BAEDA07EBC107D49D224C2414 ] motccgpfl C:\Windows\system32\DRIVERS\motccgpfl.sys
23:17:23.0017 4644 motccgpfl - ok
23:17:23.0033 4644 [ 3CC500C9B0E4D476802D277353CB2C89 ] MotDev C:\Windows\system32\DRIVERS\motodrv.sys
23:17:23.0033 4644 MotDev - ok
23:17:23.0080 4644 [ 6CBC0F4005593C96C9AECAD39F0690FC ] motmodem C:\Windows\system32\DRIVERS\motmodem.sys
23:17:23.0080 4644 motmodem - ok
23:17:23.0095 4644 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:17:23.0095 4644 mouclass - ok
23:17:23.0126 4644 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:17:23.0126 4644 mouhid - ok
23:17:23.0126 4644 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:17:23.0142 4644 mountmgr - ok
23:17:23.0205 4644 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:17:23.0205 4644 MozillaMaintenance - ok
23:17:23.0220 4644 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
23:17:23.0220 4644 mpio - ok
23:17:23.0251 4644 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:17:23.0251 4644 mpsdrv - ok
23:17:23.0267 4644 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:17:23.0267 4644 MRxDAV - ok
23:17:23.0314 4644 [ 767A4C3BCF9410C286CED15A2DB17108 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:17:23.0314 4644 mrxsmb - ok
23:17:23.0330 4644 [ 920EE0FF995FCFDEB08C41605A959E1C ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:17:23.0330 4644 mrxsmb10 - ok
23:17:23.0330 4644 [ 740D7EA9D72C981510A5292CF6ADC941 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:17:23.0330 4644 mrxsmb20 - ok
23:17:23.0361 4644 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
23:17:23.0361 4644 msahci - ok
23:17:23.0361 4644 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
23:17:23.0361 4644 msdsm - ok
23:17:23.0408 4644 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
23:17:23.0408 4644 MSDTC - ok
23:17:23.0439 4644 [ 72949A24D37A20A54B3D4D3DADBB55E9 ] MSDV C:\Windows\system32\DRIVERS\msdv.sys
23:17:23.0439 4644 MSDV - ok
23:17:23.0455 4644 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:17:23.0455 4644 Msfs - ok
23:17:23.0455 4644 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:17:23.0455 4644 mshidkmdf - ok
23:17:23.0470 4644 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
23:17:23.0470 4644 msisadrv - ok
23:17:23.0501 4644 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:17:23.0501 4644 MSiSCSI - ok
23:17:23.0501 4644 msiserver - ok
23:17:23.0533 4644 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:17:23.0533 4644 MSKSSRV - ok
23:17:23.0564 4644 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:17:23.0564 4644 MSPCLOCK - ok
23:17:23.0564 4644 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:17:23.0564 4644 MSPQM - ok
23:17:23.0595 4644 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:17:23.0595 4644 MsRPC - ok
23:17:23.0611 4644 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
23:17:23.0611 4644 mssmbios - ok
23:17:23.0626 4644 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:17:23.0626 4644 MSTEE - ok
23:17:23.0626 4644 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
23:17:23.0626 4644 MTConfig - ok
23:17:23.0642 4644 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
23:17:23.0642 4644 Mup - ok
23:17:23.0673 4644 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
23:17:23.0673 4644 napagent - ok
23:17:23.0705 4644 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:17:23.0705 4644 NativeWifiP - ok
23:17:23.0736 4644 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
23:17:23.0736 4644 NDIS - ok
23:17:23.0751 4644 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:17:23.0751 4644 NdisCap - ok
23:17:23.0767 4644 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:17:23.0767 4644 NdisTapi - ok
23:17:23.0783 4644 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:17:23.0783 4644 Ndisuio - ok
23:17:23.0798 4644 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:17:23.0798 4644 NdisWan - ok
23:17:23.0830 4644 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:17:23.0830 4644 NDProxy - ok
23:17:23.0830 4644 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:17:23.0830 4644 NetBIOS - ok
23:17:23.0845 4644 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:17:23.0845 4644 NetBT - ok
23:17:23.0861 4644 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe
23:17:23.0861 4644 Netlogon - ok
23:17:23.0876 4644 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
23:17:23.0892 4644 Netman - ok
23:17:23.0892 4644 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
23:17:23.0892 4644 netprofm - ok
23:17:23.0908 4644 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:17:23.0908 4644 NetTcpPortSharing - ok
23:17:23.0923 4644 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
23:17:23.0923 4644 nfrd960 - ok
23:17:23.0939 4644 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:17:23.0939 4644 NlaSvc - ok
23:17:23.0970 4644 [ 40777BD92D73A8FF3B252E4F4881E672 ] nlscc C:\Windows\system32\nlsInterface.exe
23:17:23.0970 4644 nlscc - ok
23:17:24.0017 4644 [ C31FA031335EFF434B2D94278E74BCCE ] NPF C:\Windows\system32\drivers\npf.sys
23:17:24.0017 4644 NPF - ok
23:17:24.0033 4644 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:17:24.0033 4644 Npfs - ok
23:17:24.0080 4644 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
23:17:24.0080 4644 nsi - ok
23:17:24.0080 4644 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:17:24.0080 4644 nsiproxy - ok
23:17:24.0111 4644 [ 356698A13C4630D5B31C37378D469196 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:17:24.0126 4644 Ntfs - ok
23:17:24.0142 4644 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
23:17:24.0142 4644 Null - ok
23:17:24.0189 4644 [ 8D4AAC74B571FC356560E5B308955E93 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
23:17:24.0189 4644 NVHDA - ok
23:17:24.0564 4644 [ 0EB204639119370F5F8F2871FBF4E14B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:17:24.0611 4644 nvlddmkm - ok
23:17:33.0518 4644 ============================================================
23:17:33.0518 4644 Scan finished
23:17:33.0518 4644 ============================================================
23:17:33.0518 4636 Detected object count: 0
23:17:33.0518 4636 Actual detected object count: 0


New FSS log:

Farbar Service Scanner Version: 06-08-2012
Ran by Higgins (administrator) on 26-08-2012 at 00:18:59
Running from "C:\Users\Higgins\Desktop"
Microsoft Windows 7 Ultimate (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll
[2009-07-13 16:21] - [2009-07-13 18:40] - 0182272 ____A (Microsoft Corporation) 676108C4E3AA6F6B34633748BD0BEBD9

C:\Windows\System32\mpssvc.dll
[2009-07-13 17:09] - [2009-07-13 18:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-13 16:36] - [2009-07-13 18:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


RKill Log:

Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/26/2012 12:19:31 AM in x64 mode.
Windows Version: Windows 7 Ultimate

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* C:\Windows\SysWOW64\ASTSRV.exe (PID: 1588) [WD-HEUR]
* C:\Windows\system32\nlsInterface.exe (PID: 1576) [WD-HEUR]

2 proccesses terminated!

Possibly Patched Files.

* C:\Windows\system32\services.exe

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* SMTMP folder detected. Please see this link for more information: http://www.bleepingcomputer.com/forums/topic405109.html

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 [ZA Reg Hijack]
* C:\Users\Higgins\AppData\Local\{48afaba0-991b-612a-ed53-186f2344d51e}\ [ZA Dir]
* C:\Users\Higgins\AppData\Local\{48afaba0-991b-612a-ed53-186f2344d51e}\L\ [ZA Dir]
* C:\Users\Higgins\AppData\Local\{48afaba0-991b-612a-ed53-186f2344d51e}\L\00000004.@ [ZA File]
* C:\Users\Higgins\AppData\Local\{48afaba0-991b-612a-ed53-186f2344d51e}\L\1afb2d56 [ZA File]
* C:\Users\Higgins\AppData\Local\{48afaba0-991b-612a-ed53-186f2344d51e}\U\ [ZA Dir]
* C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}\ [ZA Dir]
* C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}\L\ [ZA Dir]
* C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}\L\00000004.@ [ZA File]
* C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}\L\201d3dde [ZA File]
* C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}\U\ [ZA Dir]

Checking Windows Service Integrity:

* BITS [Missing Service]
* iphlpsvc [Missing Service]
* WinDefend [Missing Service]

Searching for Missing Digital Signatures:

* C:\Windows\System32\services.exe [NoSig]
+-> C:\Windows\ERDNT\cache64\services.exe : 328,704 : 07/13/2009 06:39 PM : 24acb7e5be595468e3b9aa488b9b4fcb [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe : 328,704 : 07/13/2009 06:39 PM : 24acb7e5be595468e3b9aa488b9b4fcb [Pos Repl]

Program finished at: 08/26/2012 12:20:29 AM
Execution time: 0 hours(s), 0 minute(s), and 57 seconds(s)



#8 narenxp


Posted 26 August 2012 - 07:17 AM

Are your files hidden? Does your Start menu look empty?

Click on the Start menu and type

cmd

Right-click on it, select Run as administrator, and run this command

sfc /scanfile=c:\windows\system32\services.exe

After the scan completes, restart the PC

Open your C drive

At the top, click on Organize > Folder and search options

Click on View tab and scroll down

Check mark Show hidden files
Uncheck Hide operating system files


Click OK, now go to

C:\Users\Higgins\AppData\Local\{48afaba0-991b-612a-ed53-186f2344d51e}
C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}

Delete the folders

Download


defender
BITS

Launch them, click YES

Now run RKILL and post the new log

Edited by narenxp, 26 August 2012 - 07:18 AM.


#9 PissedOffPCUser


Posted 26 August 2012 - 11:37 AM

My Start Menu was empty a little while back, but I looked up a tutorial to fix it. So, I'm all good.

The computer is working much better so far:

New RKill Log:

Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/26/2012 09:36:19 AM in x64 mode.
Windows Version: Windows 7 Ultimate

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* C:\Windows\SysWOW64\ASTSRV.exe (PID: 1744) [WD-HEUR]
* C:\Windows\system32\nlsInterface.exe (PID: 2244) [WD-HEUR]
* C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineFormActiveMetadataStatusViewer.exe (PID: 1180) [AU-HEUR]

3 proccesses terminated!

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* SMTMP folder detected. Please see this link for more information: http://www.bleepingcomputer.com/forums/topic405109.html

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 [ZA Reg Hijack]
* C:\Users\Higgins\AppData\Local\{48afaba0-991b-612a-ed53-186f2344d51e}\ [ZA Dir]
* C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}\ [ZA Dir]

Checking Windows Service Integrity:

* iphlpsvc [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 08/26/2012 09:36:32 AM
Execution time: 0 hours(s), 0 minute(s), and 13 seconds(s)


Edited by PissedOffPCUser, 26 August 2012 - 11:37 AM.


#10 narenxp


Posted 26 August 2012 - 11:41 AM

You did not follow my instruction


Open your C drive

At the top, click on Organize > Folder and search options

Click on View tab and scroll down

Check mark Show hidden files
Uncheck Hide operating system files


Click OK, now go to

C:\Users\Higgins\AppData\Local\{48afaba0-991b-612a-ed53-186f2344d51e}
C:\Windows\installer\{48afaba0-991b-612a-ed53-186f2344d51e}

Delete the folders



#11 PissedOffPCUser


Posted 26 August 2012 - 12:48 PM

I'm sorry, your instructions were not clear. I deleted the two folders inside each of those folders. Are you asking me to delete the folders themselves?

#12 narenxp


Posted 26 August 2012 - 12:50 PM

Yes :)

#13 PissedOffPCUser


Posted 26 August 2012 - 12:52 PM

Alrighty! Deleted those two folders. Anything else, sir?

#14 narenxp


Posted 26 August 2012 - 12:54 PM

Press the Windows+R keys and type

notepad and click OK

Copy this script:

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
  00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,68,00,\
  65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,00,00
"ThreadingModel"="Apartment"

Click on File > Save As

Filename: fix.reg
Save as: All files

Launch fix.reg

Click YES when you receive a prompt

Run RKILL again and post the new log
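
A .reg script copied from a forum post can be decoded before it is imported, to see exactly what it writes. The Python below is an added example, not part of the original post or of RKill: it parses the script above, decodes the hex(2) (REG_EXPAND_SZ) default value, and lists any InprocServer32 default that does not point under %SystemRoot%\system32. The function names are this example's own.

```python
import re

# Added example (not from the thread); .reg text copied verbatim from the post above.
REG_TEXT = r"""Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
  00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,68,00,\
  65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,00,00
"ThreadingModel"="Apartment"
"""
STRING_TYPES = {"1": "REG_SZ", "2": "REG_EXPAND_SZ"}  # hex(N) codes holding UTF-16LE text

def decode_value(raw):
    """Turn the right-hand side of a .reg assignment into (type, readable data)."""
    hx = re.match(r"hex\(([0-9a-fA-F]+)\):(.*)$", raw)
    if hx:
        data = bytes(int(b, 16) for b in hx.group(2).split(",") if b.strip())
        kind = STRING_TYPES.get(hx.group(1))
        if kind:
            return kind, data.decode("utf-16-le").rstrip("\x00")
        return "hex(%s)" % hx.group(1), data.hex()
    if len(raw) >= 2 and raw[0] == raw[-1] == '"':
        return "REG_SZ", raw[1:-1].replace("\\\\", "\\").replace('\\"', '"')
    return "unparsed", raw

def parse_reg(text):
    """Return {key: {value_name: (type, data)}} for a version 5.00 .reg file."""
    text = re.sub(r",\\\r?\n\s*", ",", text)  # join hex continuation lines
    keys, current = {}, None
    for line in (l.strip() for l in text.splitlines()):
        m = re.match(r'(@|"(?:[^"\\]|\\.)*")=(.*)$', line)
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
        elif m and current is not None:
            name = "(Default)" if m.group(1) == "@" else m.group(1)[1:-1]
            current[name] = decode_value(m.group(2))
    return keys

def servers_outside_system32(keys):
    """List (key, path) for InprocServer32 defaults not under %SystemRoot%\\system32."""
    prefix = "%systemroot%\\system32\\"
    return [(k, v["(Default)"][1]) for k, v in keys.items()
            if k.lower().endswith("\\inprocserver32") and "(Default)" in v
            and not v["(Default)"][1].lower().startswith(prefix)]

if __name__ == "__main__":
    print(parse_reg(REG_TEXT), servers_outside_system32(parse_reg(REG_TEXT)))
```

For the script in this post the default value decodes to %SystemRoot%\system32\shell32.dll and the check returns an empty list.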

#15 PissedOffPCUser


Posted 26 August 2012 - 01:17 PM

Done, here's the RKill log:

Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/26/2012 11:16:53 AM in x64 mode.
Windows Version: Windows 7 Ultimate

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* SMTMP folder detected. Please see this link for more information: http://www.bleepingcomputer.com/forums/topic405109.html

Checking Windows Service Integrity:

* iphlpsvc [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 08/26/2012 11:16:57 AM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)





