Infected with winrscmde; bluescreening, and can be resource intensive


17 replies to this topic

#1 rscaensd

  • Members
  • 13 posts

Posted 23 October 2012 - 07:17 PM

I keep getting worse than BSOD, screen turns purple fuzzy, then system reboots itself. Thought I had fixed it by running a driver update, after system restore did not work. Windows had detected a bad driver on ATI Radeon HD 5450, or so I thought.
System started really acting up. Now cannot get a full boot unless in safe mode. Saw the topic listed and am sure I have some malware going on. The winrscmde was taking up a ton of memory. Any help someone can be will be greatly appreciated and compensated!

Thanks very much!



Here is event file from 2nd BSOD:
Log Name: Application
Source: Windows Error Reporting
Date: 10/23/2012 5:01:50 PM
Event ID: 1001
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: RSCAENSD
Description:
Fault bucket , type 0
Event Name: BlueScreen
Response: Not available
Cab Id: 0

Problem signature:
P1:
P2:
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:

Attached files:
C:\Windows\Minidump\102212-27346-01.dmp
C:\Users\Marshall&Robin\AppData\Local\Temp\WER-110979-0.sysdata.xml
C:\Users\Marshall&Robin\AppData\Local\Temp\WER5483.tmp.WERInternalMetadata.xml

These files may be available here:
C:\Users\Marshall&Robin\AppData\Local\Microsoft\Windows\WER\ReportQueue\Kernel_0_0_cab_08205495

Analysis symbol:
Rechecking for solution: 0
Report Id: 102212-27346-01
Report Status: 4

Event #1

Log Name: Application
Source: Windows Error Reporting
Date: 10/23/2012 5:01:49 PM
Event ID: 1001
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: RSCAENSD
Description:
Fault bucket X64_UNKNOWN_SYSTEM_FAILURE_ON_MACHINE, type 0
Event Name: BlueScreen
Response: http://wer.microsoft.com/responses/resredir.aspx?sid=19177&Bucket=X64_UNKNOWN_SYSTEM_FAILURE_ON_MACHINE&ID=d3cb74b7-cacc-45f1-b3a1-cd33693c55e1
Cab Id: 0

Problem signature:
P1:
P2:
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:

Attached files:
C:\Windows\Minidump\102312-18205-01.dmp
C:\Users\Marshall&Robin\AppData\Local\Temp\WER-110979-0.sysdata.xml
C:\Users\Marshall&Robin\AppData\Local\Temp\WERFB2F.tmp.WERInternalMetadata.xml

These files may be available here:
C:\Users\Marshall&Robin\AppData\Local\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_0820534d

Analysis symbol: X64_UNKNOWN_SYSTEM_FAILURE_ON_MACHINE
Rechecking for solution: 0
Report Id: 102312-18205-01
Report Status: 0

*** Mod Edit: Moved topic from Windows 7 to the AII forum. ~ bloopie ***


Edited by bloopie, 23 October 2012 - 08:55 PM.




#2 narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 23 October 2012 - 07:50 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 rscaensd

  • Topic Starter
  • Members
  • 13 posts

Posted 24 October 2012 - 03:17 PM

TDSS Killer Log
16:01:55.0582 1088 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
16:01:57.0584 1088 ============================================================
16:01:57.0584 1088 Current date / time: 2012/10/24 16:01:57.0584
16:01:57.0584 1088 SystemInfo:
16:01:57.0584 1088
16:01:57.0584 1088 OS Version: 6.1.7601 ServicePack: 1.0
16:01:57.0584 1088 Product type: Workstation
16:01:57.0584 1088 ComputerName: RSCAENSD
16:01:57.0584 1088 UserName: Marshall&Robin
16:01:57.0584 1088 Windows directory: C:\Windows
16:01:57.0584 1088 System windows directory: C:\Windows
16:01:57.0584 1088 Running under WOW64
16:01:57.0584 1088 Processor architecture: Intel x64
16:01:57.0584 1088 Number of processors: 8
16:01:57.0584 1088 Page size: 0x1000
16:01:57.0584 1088 Boot type: Safe boot with network
16:01:57.0584 1088 ============================================================
16:01:58.0086 1088 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:01:58.0088 1088 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:02:01.0773 1088 ============================================================
16:02:01.0773 1088 \Device\Harddisk0\DR0:
16:02:01.0773 1088 MBR partitions:
16:02:01.0773 1088 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x15C3000
16:02:01.0773 1088 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x15D7000, BlocksNum 0x7312F000
16:02:01.0773 1088 \Device\Harddisk1\DR1:
16:02:01.0775 1088 MBR partitions:
16:02:01.0775 1088 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
16:02:01.0775 1088 ============================================================
16:02:01.0799 1088 C: <-> \Device\Harddisk0\DR0\Partition2
16:02:01.0976 1088 F: <-> \Device\Harddisk1\DR1\Partition1
16:02:01.0976 1088 ============================================================
16:02:01.0976 1088 Initialize success
16:02:01.0976 1088 ============================================================
16:03:02.0936 5128 ============================================================
16:03:02.0936 5128 Scan started
16:03:02.0936 5128 Mode: Manual; TDLFS;
16:03:02.0936 5128 ============================================================
16:03:06.0624 5128 ================ Scan system memory ========================
16:03:06.0624 5128 System memory - ok
16:03:06.0625 5128 ================ Scan services =============================
16:03:12.0361 5128 McNaiAnn - ok
16:03:12.0365 5128 [ ACB01BF1A905356AB7F978C7FE852209 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
16:03:12.0366 5128 McNASvc - ok
16:03:12.0435 5128 [ 44D0DA102FA7A1BE22FD7499E80DCF9B ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
16:03:12.0440 5128 McODS - ok
16:03:12.0444 5128 [ ACB01BF1A905356AB7F978C7FE852209 ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
16:03:12.0445 5128 McOobeSv - ok
16:03:12.0470 5128 [ ACB01BF1A905356AB7F978C7FE852209 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
16:03:12.0471 5128 McProxy - ok
16:03:12.0506 5128 [ E998E3B12101288D716558466CBF6AE1 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
16:03:12.0508 5128 McShield - ok
16:03:12.0545 5128 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:03:12.0547 5128 Mcx2Svc - ok
16:03:12.0556 5128 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:03:12.0557 5128 megasas - ok
16:03:12.0575 5128 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:03:12.0578 5128 MegaSR - ok
16:03:12.0599 5128 [ 01884CB7655C8908B43FF5E364FE6FD2 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
16:03:12.0601 5128 mfeapfk - ok
16:03:12.0623 5128 [ DAB9A9CDFB04E4D68924492AA043019D ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
16:03:12.0625 5128 mfeavfk - ok
16:03:12.0634 5128 [ B26782C3D6045B4464017D7926877560 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
16:03:12.0635 5128 mfefire - ok
16:03:12.0677 5128 [ CE9A3680675C0907ADE16404CA967B49 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
16:03:12.0681 5128 mfefirek - ok
16:03:12.0704 5128 [ 60CF67458DD29CD17E77F2327B1A9A54 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
16:03:12.0710 5128 mfehidk - ok
16:03:12.0717 5128 [ A8129CFB919347F8533C934B365E9202 ] mfenlfk C:\Windows\system32\DRIVERS\mfenlfk.sys
16:03:12.0719 5128 mfenlfk - ok
16:03:12.0734 5128 [ 5041FA2BD2B3A2693B015771BFBF6DCA ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
16:03:12.0736 5128 mferkdet - ok
16:03:12.0769 5128 [ 723A5EB6CEF7F408C3D0F15A82A6BFF8 ] mfevtp C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
16:03:12.0770 5128 mfevtp - ok
16:03:12.0779 5128 [ 919C56DB14A0E1E2AB6DA5D2821DC26E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
16:03:12.0781 5128 mfewfpk - ok
16:03:12.0846 5128 Microsoft SharePoint Workspace Audit Service - ok
16:03:12.0865 5128 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
16:03:12.0869 5128 MMCSS - ok
16:03:12.0887 5128 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
16:03:12.0888 5128 Modem - ok
16:03:12.0903 5128 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:03:12.0904 5128 monitor - ok
16:03:12.0913 5128 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
16:03:12.0915 5128 mouclass - ok
16:03:12.0921 5128 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:03:12.0922 5128 mouhid - ok
16:03:12.0952 5128 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:03:12.0954 5128 mountmgr - ok
16:03:12.0986 5128 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
16:03:12.0988 5128 mpio - ok
16:03:13.0024 5128 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:03:13.0025 5128 mpsdrv - ok
16:03:13.0069 5128 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:03:13.0078 5128 MpsSvc - ok
16:03:13.0111 5128 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
16:03:13.0111 5128 MREMP50 - ok
16:03:13.0113 5128 MREMP50a64 - ok
16:03:13.0115 5128 MREMPR5 - ok
16:03:13.0118 5128 MRENDIS5 - ok
16:03:13.0125 5128 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
16:03:13.0125 5128 MRESP50 - ok
16:03:13.0127 5128 MRESP50a64 - ok
16:03:13.0154 5128 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:03:13.0155 5128 MRxDAV - ok
16:03:13.0189 5128 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:03:13.0191 5128 mrxsmb - ok
16:03:13.0222 5128 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:03:13.0224 5128 mrxsmb10 - ok
16:03:13.0231 5128 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:03:13.0233 5128 mrxsmb20 - ok
16:03:13.0244 5128 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
16:03:13.0246 5128 msahci - ok
16:03:13.0262 5128 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:03:13.0263 5128 msdsm - ok
16:03:13.0286 5128 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
16:03:13.0289 5128 MSDTC - ok
16:03:13.0309 5128 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:03:13.0310 5128 Msfs - ok
16:03:13.0317 5128 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:03:13.0318 5128 mshidkmdf - ok
16:03:13.0337 5128 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:03:13.0338 5128 msisadrv - ok
16:03:13.0354 5128 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:03:13.0356 5128 MSiSCSI - ok
16:03:13.0358 5128 msiserver - ok
16:03:13.0364 5128 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:03:13.0365 5128 MSKSSRV - ok
16:03:13.0370 5128 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:03:13.0371 5128 MSPCLOCK - ok
16:03:13.0378 5128 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:03:13.0378 5128 MSPQM - ok
16:03:13.0455 5128 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:03:13.0459 5128 MsRPC - ok
16:03:13.0470 5128 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:03:13.0471 5128 mssmbios - ok
16:03:13.0485 5128 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:03:13.0486 5128 MSTEE - ok
16:03:13.0497 5128 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:03:13.0498 5128 MTConfig - ok
16:03:13.0511 5128 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:03:13.0513 5128 Mup - ok
16:03:13.0529 5128 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
16:03:13.0533 5128 napagent - ok
16:03:13.0551 5128 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:03:13.0554 5128 NativeWifiP - ok
16:03:13.0594 5128 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:03:13.0601 5128 NDIS - ok
16:03:13.0610 5128 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:03:13.0612 5128 NdisCap - ok
16:03:13.0624 5128 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:03:13.0625 5128 NdisTapi - ok
16:03:13.0650 5128 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:03:13.0651 5128 Ndisuio - ok
16:03:13.0682 5128 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:03:13.0683 5128 NdisWan - ok
16:03:13.0712 5128 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:03:13.0714 5128 NDProxy - ok
16:03:13.0721 5128 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:03:13.0723 5128 NetBIOS - ok
16:03:13.0733 5128 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:03:13.0735 5128 NetBT - ok
16:03:13.0742 5128 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:03:13.0743 5128 Netlogon - ok
16:03:13.0756 5128 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:03:13.0760 5128 Netman - ok
16:03:13.0806 5128 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:03:13.0865 5128 NetMsmqActivator - ok
16:03:13.0868 5128 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:03:13.0868 5128 NetPipeActivator - ok
16:03:13.0890 5128 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:03:13.0894 5128 netprofm - ok
16:03:13.0897 5128 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:03:13.0898 5128 NetTcpActivator - ok
16:03:13.0900 5128 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:03:13.0901 5128 NetTcpPortSharing - ok
16:03:13.0917 5128 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:03:13.0918 5128 nfrd960 - ok
16:03:13.0935 5128 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:03:13.0938 5128 NlaSvc - ok
16:03:13.0951 5128 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:03:13.0952 5128 Npfs - ok
16:03:13.0980 5128 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:03:13.0981 5128 nsi - ok
16:03:14.0020 5128 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:03:14.0021 5128 nsiproxy - ok
16:03:14.0065 5128 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:03:14.0090 5128 Ntfs - ok
16:03:14.0106 5128 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:03:14.0107 5128 Null - ok
16:03:14.0130 5128 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:03:14.0131 5128 nvraid - ok
16:03:14.0156 5128 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:03:14.0158 5128 nvstor - ok
16:03:14.0171 5128 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:03:14.0173 5128 nv_agp - ok
16:03:14.0199 5128 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:03:14.0201 5128 ohci1394 - ok
16:03:14.0240 5128 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:03:14.0242 5128 ose - ok
16:03:14.0362 5128 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:03:14.0438 5128 osppsvc - ok
16:03:14.0464 5128 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:03:14.0467 5128 p2pimsvc - ok
16:03:14.0483 5128 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:03:14.0487 5128 p2psvc - ok
16:03:14.0500 5128 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:03:14.0502 5128 Parport - ok
16:03:14.0555 5128 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:03:14.0557 5128 partmgr - ok
16:03:14.0568 5128 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:03:14.0571 5128 PcaSvc - ok
16:03:14.0590 5128 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:03:14.0591 5128 pci - ok
16:03:14.0604 5128 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:03:14.0605 5128 pciide - ok
16:03:14.0622 5128 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:03:14.0624 5128 pcmcia - ok
16:03:14.0638 5128 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:03:14.0639 5128 pcw - ok
16:03:14.0660 5128 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:03:14.0666 5128 PEAUTH - ok
16:03:14.0709 5128 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:03:14.0736 5128 PerfHost - ok
16:03:14.0788 5128 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:03:14.0813 5128 pla - ok
16:03:14.0846 5128 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:03:14.0850 5128 PlugPlay - ok
16:03:14.0857 5128 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:03:14.0859 5128 PNRPAutoReg - ok
16:03:14.0864 5128 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:03:14.0865 5128 PNRPsvc - ok
16:03:14.0882 5128 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:03:14.0886 5128 PolicyAgent - ok
16:03:14.0903 5128 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
16:03:14.0906 5128 Power - ok
16:03:14.0947 5128 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:03:14.0949 5128 PptpMiniport - ok
16:03:14.0967 5128 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
16:03:14.0968 5128 Processor - ok
16:03:15.0033 5128 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:03:15.0036 5128 ProfSvc - ok
16:03:15.0041 5128 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:03:15.0042 5128 ProtectedStorage - ok
16:03:15.0071 5128 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:03:15.0072 5128 Psched - ok
16:03:15.0131 5128 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
16:03:15.0133 5128 PxHlpa64 - ok
16:03:15.0184 5128 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
16:03:15.0210 5128 ql2300 - ok
16:03:15.0225 5128 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
16:03:15.0227 5128 ql40xx - ok
16:03:15.0243 5128 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:03:15.0246 5128 QWAVE - ok
16:03:15.0258 5128 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:03:15.0260 5128 QWAVEdrv - ok
16:03:15.0308 5128 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
16:03:15.0312 5128 RapiMgr - ok
16:03:15.0335 5128 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:03:15.0336 5128 RasAcd - ok
16:03:15.0353 5128 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:03:15.0355 5128 RasAgileVpn - ok
16:03:15.0367 5128 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:03:15.0370 5128 RasAuto - ok
16:03:15.0373 5128 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:03:15.0375 5128 Rasl2tp - ok
16:03:15.0431 5128 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:03:15.0435 5128 RasMan - ok
16:03:15.0441 5128 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:03:15.0442 5128 RasPppoe - ok
16:03:15.0467 5128 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:03:15.0468 5128 RasSstp - ok
16:03:15.0484 5128 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:03:15.0487 5128 rdbss - ok
16:03:15.0505 5128 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:03:15.0509 5128 rdpbus - ok
16:03:15.0534 5128 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:03:15.0535 5128 RDPCDD - ok
16:03:15.0541 5128 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:03:15.0541 5128 RDPENCDD - ok
16:03:15.0550 5128 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:03:15.0550 5128 RDPREFMP - ok
16:03:15.0583 5128 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:03:15.0585 5128 RDPWD - ok
16:03:15.0612 5128 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:03:15.0614 5128 rdyboost - ok
16:03:15.0634 5128 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:03:15.0636 5128 RemoteAccess - ok
16:03:15.0653 5128 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:03:15.0655 5128 RemoteRegistry - ok
16:03:15.0740 5128 [ 05FC44D32A144925EAE45570029FD6E1 ] RoxMediaDB10 c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
16:03:15.0765 5128 RoxMediaDB10 - ok
16:03:15.0778 5128 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:03:15.0781 5128 RpcEptMapper - ok
16:03:15.0797 5128 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:03:15.0798 5128 RpcLocator - ok
16:03:15.0831 5128 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
16:03:15.0834 5128 RpcSs - ok
16:03:15.0860 5128 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:03:15.0862 5128 rspndr - ok
16:03:15.0864 5128 RxFilter - ok
16:03:15.0874 5128 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
16:03:15.0874 5128 SamSs - ok
16:03:15.0901 5128 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:03:15.0903 5128 sbp2port - ok
16:03:15.0944 5128 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:03:15.0946 5128 SCardSvr - ok
16:03:15.0980 5128 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:03:15.0981 5128 scfilter - ok
16:03:16.0016 5128 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
16:03:16.0033 5128 Schedule - ok
16:03:16.0066 5128 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:03:16.0067 5128 SCPolicySvc - ok
16:03:16.0086 5128 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:03:16.0088 5128 SDRSVC - ok
16:03:16.0100 5128 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:03:16.0101 5128 secdrv - ok
16:03:16.0120 5128 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
16:03:16.0123 5128 seclogon - ok
16:03:16.0147 5128 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
16:03:16.0149 5128 SENS - ok
16:03:16.0192 5128 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:03:16.0195 5128 SensrSvc - ok
16:03:16.0215 5128 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:03:16.0216 5128 Serenum - ok
16:03:16.0226 5128 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:03:16.0228 5128 Serial - ok
16:03:16.0255 5128 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
16:03:16.0257 5128 sermouse - ok
16:03:16.0296 5128 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
16:03:16.0299 5128 SessionEnv - ok
16:03:16.0316 5128 SessionLauncher - ok
16:03:16.0340 5128 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:03:16.0342 5128 sffdisk - ok
16:03:16.0352 5128 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:03:16.0354 5128 sffp_mmc - ok
16:03:16.0364 5128 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:03:16.0366 5128 sffp_sd - ok
16:03:16.0377 5128 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
16:03:16.0379 5128 sfloppy - ok
16:03:16.0436 5128 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
16:03:16.0462 5128 SftService - ok
16:03:16.0543 5128 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:03:16.0546 5128 SharedAccess - ok
16:03:16.0557 5128 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:03:16.0561 5128 ShellHWDetection - ok
16:03:16.0603 5128 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:03:16.0605 5128 SiSRaid2 - ok
16:03:16.0621 5128 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
16:03:16.0622 5128 SiSRaid4 - ok
16:03:16.0650 5128 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:03:16.0652 5128 Smb - ok
16:03:16.0669 5128 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:03:16.0672 5128 SNMPTRAP - ok
16:03:16.0677 5128 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
16:03:16.0679 5128 spldr - ok
16:03:16.0742 5128 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
16:03:16.0748 5128 Spooler - ok
16:03:16.0840 5128 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
16:03:16.0899 5128 sppsvc - ok
16:03:16.0913 5128 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:03:16.0915 5128 sppuinotify - ok
16:03:16.0961 5128 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
16:03:16.0965 5128 sprtsvc_DellSupportCenter - ok
16:03:17.0003 5128 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
16:03:17.0007 5128 srv - ok
16:03:17.0029 5128 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:03:17.0033 5128 srv2 - ok
16:03:17.0043 5128 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:03:17.0044 5128 srvnet - ok
16:03:17.0058 5128 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:03:17.0061 5128 SSDPSRV - ok
16:03:17.0085 5128 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:03:17.0088 5128 SstpSvc - ok
16:03:17.0097 5128 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
16:03:17.0099 5128 stexstor - ok
16:03:17.0126 5128 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
16:03:17.0143 5128 stisvc - ok
16:03:17.0183 5128 [ FF5EB78AF7DFB68C2FB363537AAF753E ] stllssvr c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
16:03:17.0185 5128 stllssvr - ok
16:03:17.0216 5128 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
16:03:17.0217 5128 swenum - ok
16:03:17.0240 5128 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
16:03:17.0245 5128 swprv - ok
16:03:17.0319 5128 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
16:03:17.0345 5128 SysMain - ok
16:03:17.0358 5128 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:03:17.0361 5128 TabletInputService - ok
16:03:17.0374 5128 tandpl - ok
16:03:17.0415 5128 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:03:17.0419 5128 TapiSrv - ok
16:03:17.0432 5128 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
16:03:17.0435 5128 TBS - ok
16:03:17.0512 5128 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:03:17.0543 5128 Tcpip - ok
16:03:17.0575 5128 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:03:17.0583 5128 TCPIP6 - ok
16:03:17.0619 5128 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:03:17.0620 5128 tcpipreg - ok
16:03:17.0656 5128 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:03:17.0658 5128 TDPIPE - ok
16:03:17.0682 5128 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:03:17.0684 5128 TDTCP - ok
16:03:17.0718 5128 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:03:17.0720 5128 tdx - ok
16:03:17.0764 5128 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
16:03:17.0766 5128 TermDD - ok
16:03:17.0780 5128 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
16:03:17.0786 5128 TermService - ok
16:03:17.0798 5128 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
16:03:17.0801 5128 Themes - ok
16:03:17.0818 5128 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
16:03:17.0819 5128 THREADORDER - ok
16:03:17.0920 5128 [ 783D17247D34370212B26097FBFBAD80 ] TracSrvWrapper C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
16:03:17.0971 5128 TracSrvWrapper - ok
16:03:17.0985 5128 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
16:03:17.0988 5128 TrkWks - ok
16:03:18.0012 5128 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:03:18.0014 5128 TrustedInstaller - ok
16:03:18.0040 5128 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:03:18.0042 5128 tssecsrv - ok
16:03:18.0052 5128 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:03:18.0055 5128 TsUsbFlt - ok
16:03:18.0080 5128 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:03:18.0082 5128 tunnel - ok
16:03:18.0091 5128 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
16:03:18.0092 5128 uagp35 - ok
16:03:18.0144 5128 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:03:18.0168 5128 udfs - ok
16:03:18.0176 5128 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:03:18.0178 5128 UI0Detect - ok
16:03:18.0190 5128 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:03:18.0192 5128 uliagpkx - ok
16:03:18.0235 5128 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
16:03:18.0237 5128 umbus - ok
16:03:18.0248 5128 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
16:03:18.0249 5128 UmPass - ok
16:03:18.0274 5128 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
16:03:18.0278 5128 upnphost - ok
16:03:18.0288 5128 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
16:03:18.0289 5128 USBAAPL64 - ok
16:03:18.0334 5128 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:03:18.0336 5128 usbccgp - ok
16:03:18.0369 5128 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:03:18.0371 5128 usbcir - ok
16:03:18.0421 5128 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
16:03:18.0423 5128 usbehci - ok
16:03:18.0471 5128 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:03:18.0474 5128 usbhub - ok
16:03:18.0488 5128 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:03:18.0490 5128 usbohci - ok
16:03:18.0499 5128 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:03:18.0500 5128 usbprint - ok
16:03:18.0534 5128 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
16:03:18.0535 5128 usbscan - ok
16:03:18.0545 5128 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:03:18.0547 5128 USBSTOR - ok
16:03:20.0072 5128 ================ Scan global ===============================
16:03:20.0096 5128 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:03:20.0130 5128 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
16:03:20.0136 5128 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
16:03:20.0158 5128 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:03:20.0170 5128 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:03:20.0172 5128 [Global] - ok
16:03:20.0183 5128 ================ Scan MBR ==================================
16:03:20.0188 5128 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
16:03:20.0189 5128 Suspicious mbr (Forged): \Device\Harddisk0\DR0
16:03:20.0239 5128 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
16:03:20.0239 5128 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
16:03:20.0355 5128 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:03:20.0355 5128 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:03:20.0366 5128 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
16:03:20.0517 5128 \Device\Harddisk1\DR1 - ok
16:03:20.0517 5128 ================ Scan VBR ==================================
16:03:20.0519 5128 [ 8E65A0CA1EF55EB76510CCCF1BE8ACF0 ] \Device\Harddisk0\DR0\Partition1
16:03:20.0521 5128 \Device\Harddisk0\DR0\Partition1 - ok
16:03:20.0540 5128 [ FDCEA2D05E62597881D8C5F0AEDDDA1F ] \Device\Harddisk0\DR0\Partition2
16:03:20.0542 5128 \Device\Harddisk0\DR0\Partition2 - ok
16:03:20.0544 5128 [ EBDDFD153FEB713BFEC939CA579F8CA0 ] \Device\Harddisk1\DR1\Partition1
16:03:20.0547 5128 \Device\Harddisk1\DR1\Partition1 - ok
16:03:20.0547 5128 ============================================================
16:03:20.0547 5128 Scan finished
16:03:20.0547 5128 ============================================================
16:03:20.0552 2416 Detected object count: 2
16:03:20.0552 2416 Actual detected object count: 2
16:05:02.0260 2416 \Device\Harddisk0\DR0\# - copied to quarantine
16:05:02.0262 2416 \Device\Harddisk0\DR0 - copied to quarantine
16:05:02.0297 2416 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
16:05:02.0298 2416 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
16:05:02.0309 2416 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
16:05:02.0316 2416 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
16:05:02.0316 2416 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
16:05:02.0317 2416 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
16:05:02.0318 2416 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
16:05:02.0320 2416 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
16:05:02.0321 2416 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
16:05:02.0322 2416 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
16:05:02.0323 2416 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
16:05:02.0323 2416 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
16:05:02.0333 2416 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
16:05:02.0333 2416 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Quarantine
16:05:02.0344 2416 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
16:05:02.0346 2416 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
16:05:02.0356 2416 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
16:05:02.0363 2416 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
16:05:02.0364 2416 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
16:05:02.0364 2416 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
16:05:02.0366 2416 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
16:05:02.0367 2416 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
16:05:02.0369 2416 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
16:05:02.0370 2416 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
16:05:02.0371 2416 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
16:05:02.0371 2416 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
16:05:02.0381 2416 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
16:05:02.0381 2416 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine

#4 rscaensd

Posted 24 October 2012 - 06:59 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-24 16:19:34
-----------------------------
16:19:34.244 OS Version: Windows x64 6.1.7601 Service Pack 1
16:19:34.244 Number of processors: 8 586 0x1E05
16:19:34.244 ComputerName: RSCAENSD UserName:
16:19:38.469 Initialize success
16:22:07.651 AVAST engine defs: 12102400
16:22:53.801 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:22:53.801 Disk 0 Vendor: ST310005 CC46 Size: 953869MB BusType: 8
16:22:53.801 Device \Driver\iaStor -> MajorFunction fffffa80095c25e8
16:22:53.801 Disk 0 MBR read successfully
16:22:53.801 Disk 0 MBR scan
16:22:53.811 Disk 0 Windows VISTA default MBR code
16:22:53.811 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
16:22:53.831 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 11142 MB offset 81920
16:22:53.851 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 942686 MB offset 22900736
16:22:53.871 Disk 0 scanning C:\Windows\system32\drivers
16:23:02.291 Service scanning
16:23:19.354 Modules scanning
16:23:19.354 Disk 0 trace - called modules:
16:23:19.354 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa80095c25e8]<<
16:23:19.354 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007e28060]
16:23:19.369 3 CLASSPNP.SYS[fffff880013a643f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007ade050]
16:23:19.369 \Driver\iaStor[0xfffffa80094a8420] -> IRP_MJ_CREATE -> 0xfffffa80095c25e8
16:23:22.440 AVAST engine scan C:\Windows
16:23:24.936 AVAST engine scan C:\Windows\system32
16:26:04.184 AVAST engine scan C:\Windows\system32\drivers
16:26:15.104 AVAST engine scan C:\Users\Marshall&Robin
16:33:48.768 Disk 0 MBR has been saved successfully to "C:\Users\Marshall&Robin\Documents\My Play Stuff\Computer Items\MBR.dat"
16:33:48.768 The log file has been saved successfully to "C:\Users\Marshall&Robin\Documents\My Play Stuff\Computer Items\aswMBR.txt"
16:58:08.074 AVAST engine scan C:\ProgramData
17:07:41.975 File: C:\ProgramData\Microsoft\Windows\DRM\9161.tmp **INFECTED** Win32:Malware-gen
17:08:00.527 File: C:\ProgramData\ogyetqjb.exe **HIDDEN**
17:08:00.621 Scan finished successfully
17:08:26.485 Disk 0 MBR has been saved successfully to "C:\Users\Marshall&Robin\Documents\My Play Stuff\Computer Items\MBR.dat"
17:08:26.485 The log file has been saved successfully to "C:\Users\Marshall&Robin\Documents\My Play Stuff\Computer Items\aswMBR.txt"

ESET log
C:\ProgramData\Microsoft\Windows\DRM\9150.tmp Win64/Olmarik.AO trojan cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\9161.tmp Win64/Olmarik.AO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\24.10.2012_16.01.57\mbr0000\tdlfs0000\tsk0000.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\24.10.2012_16.01.57\mbr0000\tdlfs0000\tsk0001.dta a variant of Win64/Olmarik.AM trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\24.10.2012_16.01.57\mbr0000\tdlfs0000\tsk0002.dta a variant of Win32/Rootkit.Kryptik.OX trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\24.10.2012_16.01.57\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AN trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\24.10.2012_16.01.57\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\24.10.2012_16.01.57\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\24.10.2012_16.01.57\mbr0000\tdlfs0000\tsk0012.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\24.10.2012_16.01.57\tdlfs0000\tsk0000.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\24.10.2012_16.01.57\tdlfs0000\tsk0001.dta a variant of Win64/Olmarik.AM trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\24.10.2012_16.01.57\tdlfs0000\tsk0002.dta a variant of Win32/Rootkit.Kryptik.OX trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\24.10.2012_16.01.57\tdlfs0000\tsk0003.dta Win64/Olmarik.AN trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\24.10.2012_16.01.57\tdlfs0000\tsk0007.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\24.10.2012_16.01.57\tdlfs0000\tsk0008.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\24.10.2012_16.01.57\tdlfs0000\tsk0012.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\Users\Marshall&Robin\AppData\Local\Google\Chrome\User Data\Default\Default\aadagegddedidedcdcdcdfdbdedbdidj\background.html Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Users\Marshall&Robin\AppData\Local\Google\Chrome\User Data\Default\Default\aadagegddedidedcdcdcdfdbdedbdidj\ContentScript.js Win32/BHO.OEI trojan cleaned by deleting - quarantined

Wow looks like trojan city! Thanks so much for the help!

#5 narenxp

Posted 24 October 2012 - 07:13 PM

Run TDSSKiller again and post the new log.

Download Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here.

Download mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download Farbar service scanner

Checkmark all the boxes.

Click on "Scan".
Please copy and paste the log to your reply.

Download adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#6 rscaensd

Posted 25 October 2012 - 04:01 PM

16:59:26.0566 9468 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
16:59:27.0058 9468 ============================================================
16:59:27.0058 9468 Current date / time: 2012/10/25 16:59:27.0058
16:59:27.0058 9468 SystemInfo:
16:59:27.0058 9468
16:59:27.0058 9468 OS Version: 6.1.7601 ServicePack: 1.0
16:59:27.0058 9468 Product type: Workstation
16:59:27.0058 9468 ComputerName: RSCAENSD
16:59:27.0058 9468 UserName: Marshall&Robin
16:59:27.0059 9468 Windows directory: C:\Windows
16:59:27.0059 9468 System windows directory: C:\Windows
16:59:27.0059 9468 Running under WOW64
16:59:27.0059 9468 Processor architecture: Intel x64
16:59:27.0059 9468 Number of processors: 8
16:59:27.0059 9468 Page size: 0x1000
16:59:27.0059 9468 Boot type: Normal boot
16:59:27.0059 9468 ============================================================
16:59:27.0581 9468 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:59:27.0587 9468 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:59:31.0291 9468 ============================================================
16:59:31.0291 9468 \Device\Harddisk0\DR0:
16:59:31.0291 9468 MBR partitions:
16:59:31.0291 9468 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x15C3000
16:59:31.0291 9468 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x15D7000, BlocksNum 0x7312F000
16:59:31.0291 9468 \Device\Harddisk1\DR1:
16:59:31.0292 9468 MBR partitions:
16:59:31.0292 9468 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
16:59:31.0292 9468 ============================================================
16:59:31.0321 9468 C: <-> \Device\Harddisk0\DR0\Partition2
16:59:31.0367 9468 F: <-> \Device\Harddisk1\DR1\Partition1
16:59:31.0368 9468 ============================================================
16:59:31.0368 9468 Initialize success
16:59:31.0368 9468 ============================================================
16:59:38.0133 7408 ============================================================
16:59:38.0133 7408 Scan started
16:59:38.0133 7408 Mode: Manual;
16:59:38.0133 7408 ============================================================
16:59:42.0941 7408 ================ Scan system memory ========================
16:59:42.0941 7408 System memory - ok
16:59:42.0942 7408 ================ Scan services =============================
16:59:47.0341 7408 Filetrace - ok
16:59:47.0379 7408 [ 8669BE94F63944E4F899C3950B520241 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:59:47.0463 7408 FLEXnet Licensing Service - ok
16:59:47.0482 7408 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:59:47.0486 7408 flpydisk - ok
16:59:47.0502 7408 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:59:47.0505 7408 FltMgr - ok
16:59:47.0542 7408 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
16:59:47.0572 7408 FontCache - ok
16:59:47.0630 7408 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:59:47.0669 7408 FontCache3.0.0.0 - ok
16:59:47.0691 7408 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:59:47.0695 7408 FsDepends - ok
16:59:47.0720 7408 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:59:47.0809 7408 Fs_Rec - ok
16:59:47.0836 7408 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:59:47.0839 7408 fvevol - ok
16:59:47.0867 7408 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
16:59:47.0877 7408 gagp30kx - ok
16:59:47.0915 7408 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:59:47.0975 7408 GEARAspiWDM - ok
16:59:48.0040 7408 [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
16:59:48.0043 7408 GoToAssist - ok
16:59:48.0092 7408 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
16:59:48.0151 7408 gpsvc - ok
16:59:48.0207 7408 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:59:48.0209 7408 gupdate - ok
16:59:48.0215 7408 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:59:48.0217 7408 gupdatem - ok
16:59:48.0263 7408 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:59:48.0305 7408 gusvc - ok
16:59:48.0328 7408 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:59:48.0332 7408 hcw85cir - ok
16:59:48.0366 7408 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
16:59:48.0367 7408 HDAudBus - ok
16:59:48.0390 7408 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
16:59:48.0455 7408 HECIx64 - ok
16:59:48.0479 7408 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
16:59:48.0482 7408 HidBatt - ok
16:59:48.0493 7408 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
16:59:48.0497 7408 HidBth - ok
16:59:48.0507 7408 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:59:48.0513 7408 HidIr - ok
16:59:48.0534 7408 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
16:59:48.0540 7408 hidserv - ok
16:59:48.0549 7408 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
16:59:48.0625 7408 HidUsb - ok
16:59:48.0644 7408 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:59:48.0669 7408 hkmsvc - ok
16:59:48.0712 7408 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:59:48.0736 7408 HomeGroupListener - ok
16:59:48.0769 7408 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:59:48.0831 7408 HomeGroupProvider - ok
16:59:48.0851 7408 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:59:48.0938 7408 HpSAMD - ok
16:59:48.0978 7408 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:59:49.0052 7408 HTTP - ok
16:59:49.0080 7408 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:59:49.0080 7408 hwpolicy - ok
16:59:49.0092 7408 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
16:59:49.0098 7408 i8042prt - ok
16:59:49.0121 7408 [ 631FA8935163B01FC0C02966CB3ADB92 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
16:59:49.0123 7408 iaStor - ok
16:59:49.0155 7408 [ 7493EA4DE41348F7D3EDBF9DB298F56A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
16:59:49.0155 7408 IAStorDataMgrSvc - ok
16:59:49.0180 7408 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:59:49.0224 7408 iaStorV - ok
16:59:49.0266 7408 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:59:49.0349 7408 idsvc - ok
16:59:49.0395 7408 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
16:59:49.0400 7408 iirsp - ok
16:59:49.0423 7408 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
16:59:49.0461 7408 IKEEXT - ok
16:59:49.0515 7408 [ EE64207F2F5C20BFE5F73DB2566C4601 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:59:49.0607 7408 IntcAzAudAddService - ok
16:59:49.0625 7408 [ 49072EDBC5C2F964917D1B585C90ED0A ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
16:59:49.0700 7408 IntcDAud - ok
16:59:49.0715 7408 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
16:59:49.0720 7408 intelide - ok
16:59:49.0728 7408 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:59:49.0730 7408 intelppm - ok
16:59:49.0750 7408 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:59:49.0755 7408 IPBusEnum - ok
16:59:49.0785 7408 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:59:49.0818 7408 IpFilterDriver - ok
16:59:49.0838 7408 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:59:49.0870 7408 iphlpsvc - ok
16:59:49.0885 7408 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:59:49.0918 7408 IPMIDRV - ok
16:59:49.0933 7408 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:59:49.0938 7408 IPNAT - ok
16:59:49.0975 7408 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:59:49.0983 7408 iPod Service - ok
16:59:49.0995 7408 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:59:49.0998 7408 IRENUM - ok
16:59:50.0010 7408 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:59:50.0013 7408 isapnp - ok
16:59:50.0028 7408 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:59:50.0065 7408 iScsiPrt - ok
16:59:50.0085 7408 [ 9D7EA8C7215D8D4AE7BE110EEE61085D ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
16:59:50.0126 7408 k57nd60a - ok
16:59:50.0129 7408 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
16:59:50.0134 7408 kbdclass - ok
16:59:50.0145 7408 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
16:59:50.0180 7408 kbdhid - ok
16:59:50.0191 7408 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
16:59:50.0193 7408 KeyIso - ok
16:59:50.0230 7408 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:59:50.0231 7408 KSecDD - ok
16:59:50.0265 7408 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:59:50.0267 7408 KSecPkg - ok
16:59:50.0278 7408 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:59:50.0282 7408 ksthunk - ok
16:59:50.0304 7408 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
16:59:50.0312 7408 KtmRm - ok
16:59:50.0330 7408 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:59:50.0355 7408 LanmanServer - ok
16:59:50.0385 7408 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:59:50.0411 7408 LanmanWorkstation - ok
16:59:50.0506 7408 [ 4ADC135F525D38A498F83B089228CC2D ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
16:59:50.0596 7408 LBTServ - ok
16:59:50.0628 7408 [ 24E09882BA51B9830AE029888A3AAF18 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
16:59:50.0667 7408 LHidFilt - ok
16:59:50.0703 7408 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:59:50.0707 7408 lltdio - ok
16:59:50.0727 7408 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:59:50.0738 7408 lltdsvc - ok
16:59:50.0756 7408 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:59:50.0765 7408 lmhosts - ok
16:59:50.0781 7408 [ 2F94325D8C10E2B715F3D753C2422AAC ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
16:59:50.0850 7408 LMouFilt - ok
16:59:50.0864 7408 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
16:59:50.0868 7408 LSI_FC - ok
16:59:50.0871 7408 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
16:59:50.0874 7408 LSI_SAS - ok
16:59:50.0886 7408 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:59:50.0889 7408 LSI_SAS2 - ok
16:59:50.0905 7408 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:59:50.0908 7408 LSI_SCSI - ok
16:59:50.0934 7408 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
16:59:50.0937 7408 luafv - ok
16:59:50.0940 7408 [ B8BE35421B9E8DC1AB4B0CB7B9B0328B ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys
16:59:50.0973 7408 LUsbFilt - ok
16:59:51.0011 7408 [ 944B3087B142CD9BF8DA6B3039FBFBA5 ] McciCMService C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
16:59:51.0054 7408 McciCMService - ok
16:59:51.0108 7408 [ FBD57A7C443C85CC6C6169493A020FDF ] McciCMService64 C:\Program Files\Common Files\Motive\McciCMService.exe
16:59:51.0141 7408 McciCMService64 - ok
16:59:51.0206 7408 [ ACB01BF1A905356AB7F978C7FE852209 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:59:51.0209 7408 McMPFSvc - ok
16:59:51.0217 7408 [ ACB01BF1A905356AB7F978C7FE852209 ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
16:59:51.0220 7408 mcmscsvc - ok
16:59:51.0228 7408 [ ACB01BF1A905356AB7F978C7FE852209 ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
16:59:51.0231 7408 McNaiAnn - ok
16:59:51.0238 7408 [ ACB01BF1A905356AB7F978C7FE852209 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
16:59:51.0241 7408 McNASvc - ok
16:59:51.0326 7408 [ 44D0DA102FA7A1BE22FD7499E80DCF9B ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
16:59:51.0331 7408 McODS - ok
16:59:51.0339 7408 [ ACB01BF1A905356AB7F978C7FE852209 ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
16:59:51.0343 7408 McOobeSv - ok
16:59:51.0350 7408 [ ACB01BF1A905356AB7F978C7FE852209 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
16:59:51.0353 7408 McProxy - ok
16:59:51.0412 7408 [ E998E3B12101288D716558466CBF6AE1 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
16:59:51.0462 7408 McShield - ok
16:59:51.0492 7408 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:59:51.0519 7408 Mcx2Svc - ok
16:59:51.0528 7408 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:59:51.0532 7408 megasas - ok
16:59:51.0547 7408 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:59:51.0554 7408 MegaSR - ok
16:59:51.0571 7408 [ 01884CB7655C8908B43FF5E364FE6FD2 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
16:59:51.0604 7408 mfeapfk - ok
16:59:51.0628 7408 [ DAB9A9CDFB04E4D68924492AA043019D ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
16:59:51.0664 7408 mfeavfk - ok
16:59:51.0705 7408 mfeavfk01 - ok
16:59:51.0714 7408 [ B26782C3D6045B4464017D7926877560 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
16:59:51.0747 7408 mfefire - ok
16:59:51.0782 7408 [ CE9A3680675C0907ADE16404CA967B49 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
16:59:51.0820 7408 mfefirek - ok
16:59:51.0851 7408 [ 60CF67458DD29CD17E77F2327B1A9A54 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
16:59:51.0856 7408 mfehidk - ok
16:59:51.0864 7408 [ A8129CFB919347F8533C934B365E9202 ] mfenlfk C:\Windows\system32\DRIVERS\mfenlfk.sys
16:59:51.0931 7408 mfenlfk - ok
16:59:51.0947 7408 [ 5041FA2BD2B3A2693B015771BFBF6DCA ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
16:59:51.0982 7408 mferkdet - ok
16:59:51.0990 7408 [ 723A5EB6CEF7F408C3D0F15A82A6BFF8 ] mfevtp C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
16:59:52.0025 7408 mfevtp - ok
16:59:52.0031 7408 [ 919C56DB14A0E1E2AB6DA5D2821DC26E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
16:59:52.0041 7408 mfewfpk - ok
16:59:52.0095 7408 Microsoft SharePoint Workspace Audit Service - ok
16:59:52.0120 7408 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
16:59:52.0121 7408 MMCSS - ok
16:59:52.0142 7408 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
16:59:52.0145 7408 Modem - ok
16:59:52.0158 7408 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:59:52.0158 7408 monitor - ok
16:59:52.0168 7408 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
16:59:52.0173 7408 mouclass - ok
16:59:52.0184 7408 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:59:52.0189 7408 mouhid - ok
16:59:52.0224 7408 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:59:52.0226 7408 mountmgr - ok
16:59:52.0258 7408 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
16:59:52.0327 7408 mpio - ok
16:59:52.0345 7408 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:59:52.0350 7408 mpsdrv - ok
16:59:52.0388 7408 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:59:52.0450 7408 MpsSvc - ok
16:59:52.0482 7408 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
16:59:52.0540 7408 MREMP50 - ok
16:59:52.0542 7408 MREMP50a64 - ok
16:59:52.0544 7408 MREMPR5 - ok
16:59:52.0547 7408 MRENDIS5 - ok
16:59:52.0555 7408 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
16:59:52.0589 7408 MRESP50 - ok
16:59:52.0591 7408 MRESP50a64 - ok
16:59:52.0625 7408 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:59:52.0700 7408 MRxDAV - ok
16:59:52.0744 7408 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:59:52.0746 7408 mrxsmb - ok
16:59:52.0786 7408 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:59:52.0791 7408 mrxsmb10 - ok
16:59:52.0803 7408 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:59:52.0806 7408 mrxsmb20 - ok
16:59:52.0840 7408 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
16:59:52.0878 7408 msahci - ok
16:59:52.0891 7408 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:59:52.0933 7408 msdsm - ok
16:59:52.0949 7408 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
16:59:52.0954 7408 MSDTC - ok
16:59:52.0963 7408 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:59:52.0965 7408 Msfs - ok
16:59:52.0971 7408 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:59:52.0975 7408 mshidkmdf - ok
16:59:52.0983 7408 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:59:52.0984 7408 msisadrv - ok
16:59:53.0000 7408 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:59:53.0013 7408 MSiSCSI - ok
16:59:53.0015 7408 msiserver - ok
16:59:53.0027 7408 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:59:53.0032 7408 MSKSSRV - ok
16:59:53.0050 7408 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:59:53.0054 7408 MSPCLOCK - ok
16:59:53.0065 7408 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:59:53.0070 7408 MSPQM - ok
16:59:53.0087 7408 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:59:53.0092 7408 MsRPC - ok
16:59:53.0116 7408 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:59:53.0118 7408 mssmbios - ok
16:59:53.0131 7408 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:59:53.0138 7408 MSTEE - ok
16:59:53.0152 7408 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:59:53.0158 7408 MTConfig - ok
16:59:53.0175 7408 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:59:53.0177 7408 Mup - ok
16:59:53.0191 7408 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
16:59:53.0194 7408 napagent - ok
16:59:53.0205 7408 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:59:53.0212 7408 NativeWifiP - ok
16:59:53.0256 7408 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:59:53.0260 7408 NDIS - ok
16:59:53.0273 7408 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:59:53.0277 7408 NdisCap - ok
16:59:53.0287 7408 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:59:53.0290 7408 NdisTapi - ok
16:59:53.0321 7408 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:59:53.0355 7408 Ndisuio - ok
16:59:53.0411 7408 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:59:53.0446 7408 NdisWan - ok
16:59:53.0475 7408 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:59:53.0510 7408 NDProxy - ok
16:59:53.0517 7408 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:59:53.0519 7408 NetBIOS - ok
16:59:53.0529 7408 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:59:53.0564 7408 NetBT - ok
16:59:53.0572 7408 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:59:53.0573 7408 Netlogon - ok
16:59:53.0585 7408 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:59:53.0590 7408 Netman - ok
16:59:53.0618 7408 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:59:53.0621 7408 NetMsmqActivator - ok
16:59:53.0639 7408 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:59:53.0640 7408 NetPipeActivator - ok
16:59:53.0652 7408 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:59:53.0655 7408 netprofm - ok
16:59:53.0658 7408 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:59:53.0659 7408 NetTcpActivator - ok
16:59:53.0662 7408 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:59:53.0663 7408 NetTcpPortSharing - ok
16:59:53.0680 7408 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:59:53.0683 7408 nfrd960 - ok
16:59:53.0697 7408 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:59:53.0699 7408 NlaSvc - ok
16:59:53.0705 7408 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:59:53.0706 7408 Npfs - ok
16:59:53.0718 7408 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:59:53.0720 7408 nsi - ok
16:59:53.0733 7408 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:59:53.0736 7408 nsiproxy - ok
16:59:53.0794 7408 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:59:53.0828 7408 Ntfs - ok
16:59:53.0844 7408 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:59:53.0848 7408 Null - ok
16:59:53.0876 7408 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:59:53.0914 7408 nvraid - ok
16:59:53.0927 7408 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:59:53.0964 7408 nvstor - ok
16:59:54.0000 7408 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:59:54.0006 7408 nv_agp - ok
16:59:54.0012 7408 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:59:54.0016 7408 ohci1394 - ok
16:59:54.0054 7408 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:59:54.0057 7408 ose - ok
16:59:54.0165 7408 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:59:54.0250 7408 osppsvc - ok
16:59:54.0285 7408 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:59:54.0290 7408 p2pimsvc - ok
16:59:54.0304 7408 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:59:54.0311 7408 p2psvc - ok
16:59:54.0317 7408 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:59:54.0317 7408 Parport - ok
16:59:54.0347 7408 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:59:54.0347 7408 partmgr - ok
16:59:54.0362 7408 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:59:54.0367 7408 PcaSvc - ok
16:59:54.0377 7408 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:59:54.0377 7408 pci - ok
16:59:54.0392 7408 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:59:54.0392 7408 pciide - ok
16:59:54.0397 7408 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:59:54.0402 7408 pcmcia - ok
16:59:54.0417 7408 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:59:54.0417 7408 pcw - ok
16:59:54.0437 7408 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:59:54.0447 7408 PEAUTH - ok
16:59:54.0504 7408 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:59:54.0509 7408 PerfHost - ok
16:59:54.0567 7408 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:59:54.0619 7408 pla - ok
16:59:54.0649 7408 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:59:54.0681 7408 PlugPlay - ok
16:59:54.0727 7408 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:59:54.0732 7408 PNRPAutoReg - ok
16:59:54.0737 7408 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:59:54.0739 7408 PNRPsvc - ok
16:59:54.0752 7408 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:59:54.0781 7408 PolicyAgent - ok
16:59:54.0791 7408 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
16:59:54.0796 7408 Power - ok
16:59:54.0809 7408 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:59:54.0844 7408 PptpMiniport - ok
16:59:54.0854 7408 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
16:59:54.0857 7408 Processor - ok
16:59:54.0887 7408 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:59:54.0913 7408 ProfSvc - ok
16:59:54.0921 7408 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:59:54.0921 7408 ProtectedStorage - ok
16:59:54.0949 7408 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:59:54.0982 7408 Psched - ok
16:59:55.0027 7408 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
16:59:55.0029 7408 PxHlpa64 - ok
16:59:55.0069 7408 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
16:59:55.0106 7408 ql2300 - ok
16:59:55.0129 7408 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
16:59:55.0134 7408 ql40xx - ok
16:59:55.0148 7408 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:59:55.0156 7408 QWAVE - ok
16:59:55.0162 7408 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:59:55.0168 7408 QWAVEdrv - ok
16:59:55.0221 7408 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
16:59:55.0244 7408 RapiMgr - ok
16:59:55.0256 7408 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:59:55.0259 7408 RasAcd - ok
16:59:55.0282 7408 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:59:55.0286 7408 RasAgileVpn - ok
16:59:55.0296 7408 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:59:55.0302 7408 RasAuto - ok
16:59:55.0306 7408 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:59:55.0339 7408 Rasl2tp - ok
16:59:55.0359 7408 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:59:55.0387 7408 RasMan - ok
16:59:55.0419 7408 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:59:55.0424 7408 RasPppoe - ok
16:59:55.0437 7408 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:59:55.0441 7408 RasSstp - ok
16:59:55.0454 7408 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:59:55.0457 7408 rdbss - ok
16:59:55.0468 7408 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:59:55.0476 7408 rdpbus - ok
16:59:55.0488 7408 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:59:55.0493 7408 RDPCDD - ok
16:59:55.0503 7408 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:59:55.0508 7408 RDPENCDD - ok
16:59:55.0521 7408 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:59:55.0523 7408 RDPREFMP - ok
16:59:55.0553 7408 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:59:55.0587 7408 RDPWD - ok
16:59:55.0623 7408 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:59:55.0626 7408 rdyboost - ok
16:59:55.0647 7408 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:59:55.0656 7408 RemoteAccess - ok
16:59:55.0674 7408 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:59:55.0682 7408 RemoteRegistry - ok
16:59:55.0774 7408 [ 05FC44D32A144925EAE45570029FD6E1 ] RoxMediaDB10 c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
16:59:55.0799 7408 RoxMediaDB10 - ok
16:59:55.0816 7408 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:00:02.0198 7408 ================ Scan global ===============================
17:00:02.0224 7408 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:00:02.0250 7408 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:00:02.0281 7408 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:00:02.0319 7408 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:00:02.0348 7408 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:00:02.0350 7408 [Global] - ok
17:00:02.0350 7408 ================ Scan MBR ==================================
17:00:02.0352 7408 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
17:00:02.0352 7408 Suspicious mbr (Forged): \Device\Harddisk0\DR0
17:00:02.0400 7408 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
17:00:02.0400 7408 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
17:00:02.0422 7408 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
17:00:02.0428 7408 \Device\Harddisk1\DR1 - ok
17:00:02.0429 7408 ================ Scan VBR ==================================
17:00:02.0430 7408 [ 8E65A0CA1EF55EB76510CCCF1BE8ACF0 ] \Device\Harddisk0\DR0\Partition1
17:00:02.0433 7408 \Device\Harddisk0\DR0\Partition1 - ok
17:00:02.0460 7408 [ FDCEA2D05E62597881D8C5F0AEDDDA1F ] \Device\Harddisk0\DR0\Partition2
17:00:02.0461 7408 \Device\Harddisk0\DR0\Partition2 - ok
17:00:02.0464 7408 [ EBDDFD153FEB713BFEC939CA579F8CA0 ] \Device\Harddisk1\DR1\Partition1
17:00:02.0467 7408 \Device\Harddisk1\DR1\Partition1 - ok
17:00:02.0467 7408 ============================================================
17:00:02.0467 7408 Scan finished
17:00:02.0467 7408 ============================================================
17:00:02.0473 10464 Detected object count: 1
17:00:02.0473 10464 Actual detected object count: 1
17:00:24.0354 10464 \Device\Harddisk0\DR0\# - copied to quarantine
17:00:24.0358 10464 \Device\Harddisk0\DR0 - copied to quarantine
17:00:24.0451 10464 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
17:00:36.0509 10464 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
17:00:36.0566 10464 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
17:00:38.0715 10464 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
17:00:38.0741 10464 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
17:00:38.0744 10464 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
17:00:38.0749 10464 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
17:00:38.0754 10464 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
17:00:38.0946 10464 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
17:00:39.0037 10464 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
17:00:39.0042 10464 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
17:00:39.0046 10464 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
17:00:39.0073 10464 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
17:00:39.0996 10464 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
17:00:39.0998 10464 \Device\Harddisk0\DR0 - ok
17:00:40.0015 10464 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure

#7 rscaensd

Posted 25 October 2012 - 08:21 PM

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.25.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Marshall&Robin :: RSCAENSD [administrator]

Protection: Enabled

10/25/2012 5:12:53 PM
mbam-log-2012-10-25 (17-12-53).txt

Scan type: Full scan (C:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 573568
Time elapsed: 3 hour(s), 41 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\TDSSKiller_Quarantine\25.10.2012_16.59.27\mbr0000\tdlfs0000\tsk0002.dta (Trojan.Agent.MRGGen) -> Quarantined and deleted successfully.
C:\Windows\System32\config\systemprofile\0.005232215210181579.exe (Exploit.Drop.UR.2) -> Quarantined and deleted successfully.
C:\Windows\svchost(91).exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

(end)

Thanks again for all the help!

#8 rscaensd

Posted 25 October 2012 - 08:28 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Marshall&Robin (administrator) on 25-10-2012 at 21:26:00
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : RSCAENSD
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : lcec.pwr

Ethernet adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Check Point Virtual Network Adapter For Endpoint VPN Client
Physical Address. . . . . . . . . : 54-CF-56-04-72-0D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : B8-AC-6F-AF-04-E4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7997:21d7:45a0:da48%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, October 25, 2012 9:23:19 PM
Lease Expires . . . . . . . . . . : Friday, October 26, 2012 9:23:08 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 246983791
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-F6-28-54-B8-AC-6F-AF-04-E4
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{2B9CA078-D7BD-4D8A-A4A9-3B766E3374A3}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3825:9196:b8fc:f32(Preferred)
Link-local IPv6 Address . . . . . : fe80::3825:9196:b8fc:f32%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{19B09F54-1C5B-4845-B215-44C19DB0322F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 2607:f8b0:4008:801::1003
74.125.229.201
74.125.229.206
74.125.229.192
74.125.229.193
74.125.229.194
74.125.229.195
74.125.229.196
74.125.229.197
74.125.229.198
74.125.229.199
74.125.229.200


Pinging google.com [74.125.229.206] with 32 bytes of data:
Reply from 74.125.229.206: bytes=32 time=118ms TTL=54
Reply from 74.125.229.206: bytes=32 time=16ms TTL=54

Ping statistics for 74.125.229.206:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 16ms, Maximum = 118ms, Average = 67ms
Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=208ms TTL=46
Request timed out.

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
Minimum = 208ms, Maximum = 208ms, Average = 208ms
Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=6ms TTL=128
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 6ms, Average = 4ms
===========================================================================
Interface List
14...54 cf 56 04 72 0d ......Check Point Virtual Network Adapter For Endpoint VPN Client
10...b8 ac 6f af 04 e4 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.5 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.5 276
192.168.0.5 255.255.255.255 On-link 192.168.0.5 276
192.168.0.255 255.255.255.255 On-link 192.168.0.5 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.5 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.5 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:3825:9196:b8fc:f32/128
On-link
10 276 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::3825:9196:b8fc:f32/128
On-link
10 276 fe80::7997:21d7:45a0:da48/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/25/2012 04:59:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/25/2012 02:45:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: MSHTML.dll, version: 9.0.8112.16450, time stamp: 0x50372c8a
Exception code: 0xc0000005
Fault offset: 0x001d9ad6
Faulting process id: 0xdb8
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (10/25/2012 02:05:37 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: MSHTML.dll, version: 9.0.8112.16450, time stamp: 0x50372c8a
Exception code: 0xc0000005
Fault offset: 0x001d9ad6
Faulting process id: 0x24c4
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (10/25/2012 00:51:27 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: MSHTML.dll, version: 9.0.8112.16450, time stamp: 0x50372c8a
Exception code: 0xc0000005
Fault offset: 0x001d9ad6
Faulting process id: 0x1854
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (10/25/2012 11:14:03 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: MSHTML.dll, version: 9.0.8112.16450, time stamp: 0x50372c8a
Exception code: 0xc0000005
Fault offset: 0x001d9ad6
Faulting process id: 0x1aa0
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (10/25/2012 03:24:21 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: MSHTML.dll, version: 9.0.8112.16450, time stamp: 0x50372c8a
Exception code: 0xc0000005
Fault offset: 0x001d9ad6
Faulting process id: 0x1c58
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (10/25/2012 00:30:53 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/24/2012 11:30:37 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: MSHTML.dll, version: 9.0.8112.16450, time stamp: 0x50372c8a
Exception code: 0xc0000005
Fault offset: 0x001d9ad6
Faulting process id: 0x122c
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (10/24/2012 09:10:17 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/24/2012 04:27:07 AM) (Source: .NET Runtime) (User: )
Description: Application: svchost.exe
CoreCLR Version: 4.1.10329.0
Description: The process was terminated due to an internal error in the .NET Runtime at IP 7374E26A (73730000) with exit code 80131506.


System errors:
=============
Error: (10/25/2012 09:23:38 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
RxFilter

Error: (10/25/2012 09:23:18 PM) (Source: Service Control Manager) (User: )
Description: The tandpl service failed to start due to the following error:
%%1275

Error: (10/25/2012 09:23:18 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\drivers\tandpl.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (10/25/2012 09:23:13 PM) (Source: Service Control Manager) (User: )
Description: The SessionLauncher service failed to start due to the following error:
%%2

Error: (10/25/2012 09:23:10 PM) (Source: Service Control Manager) (User: )
Description: The enodpl service failed to start due to the following error:
%%1275

Error: (10/25/2012 09:23:10 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\drivers\enodpl.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (10/25/2012 09:23:10 PM) (Source: Service Control Manager) (User: )
Description: The dleaCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (10/25/2012 09:23:10 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the dleaCATSCustConnectService service to connect.

Error: (10/25/2012 05:08:38 PM) (Source: DCOM) (User: )
Description: {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A}

Error: (10/25/2012 05:05:51 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.


Microsoft Office Sessions:
=========================
Error: (10/25/2012 04:59:18 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Marshall&Robin\Downloads\esetsmartinstaller_enu.exe

Error: (10/25/2012 02:45:17 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5MSHTML.dll9.0.8112.1645050372c8ac0000005001d9ad6db801cdb2db5c0fa9b6\\.\globalroot\systemroot\svchost.exeC:\Windows\system32\MSHTML.dll1e1c169c-1ed4-11e2-98cf-54cf5604720d

Error: (10/25/2012 02:05:37 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5MSHTML.dll9.0.8112.1645050372c8ac0000005001d9ad624c401cdb2d0ff957398\\.\globalroot\systemroot\svchost.exeC:\Windows\system32\MSHTML.dll939b1c62-1ece-11e2-98cf-54cf5604720d

Error: (10/25/2012 00:51:27 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5MSHTML.dll9.0.8112.1645050372c8ac0000005001d9ad6185401cdb2c364829bf3\\.\globalroot\systemroot\svchost.exeC:\Windows\system32\MSHTML.dll371d0614-1ec4-11e2-98cf-54cf5604720d

Error: (10/25/2012 11:14:03 AM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5MSHTML.dll9.0.8112.1645050372c8ac0000005001d9ad61aa001cdb281c696b997\\.\globalroot\systemroot\svchost.exeC:\Windows\system32\MSHTML.dll9be894dc-1eb6-11e2-98cf-54cf5604720d

Error: (10/25/2012 03:24:21 AM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5MSHTML.dll9.0.8112.1645050372c8ac0000005001d9ad61c5801cdb2611fc68654\\.\globalroot\systemroot\svchost.exeC:\Windows\system32\MSHTML.dllfe16d203-1e74-11e2-98cf-54cf5604720d

Error: (10/25/2012 00:30:53 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/24/2012 11:30:37 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5MSHTML.dll9.0.8112.1645050372c8ac0000005001d9ad6122c01cdb244f38a81e7\\.\globalroot\systemroot\svchost.exeC:\Windows\system32\MSHTML.dll57490020-1e54-11e2-98cf-54cf5604720d

Error: (10/24/2012 09:10:17 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/24/2012 04:27:07 AM) (Source: .NET Runtime)(User: )
Description: Application: svchost.exe
CoreCLR Version: 4.1.10329.0
Description: The process was terminated due to an internal error in the .NET Runtime at IP 7374E26A (73730000) with exit code 80131506.


=========================== Installed Programs ============================

ActivePrint for iPhone (Version: 7.3.8)
Adobe AIR (Version: 3.4.0.2540)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader 9.4.4 (Version: 9.4.4)
Adobe Shockwave Player 11.5 (Version: 11.5.9.615)
Air Photo Server (Version: 1.1.0)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Control Center (Version: 2.009.1209.2334)
Audacity 1.2.6
Bonjour (Version: 3.0.0.10)
Bonjour Print Services (Version: 2.0.2.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Full Existing (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Full New (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Light (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Previews Common (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Previews Vista (Version: 2009.1209.2335.42329)
Catalyst Control Center InstallProxy (Version: 2009.1209.2335.42329)
Catalyst Control Center InstallProxy (Version: 2012.0806.1213.19931)
Catalyst Control Center Localization All (Version: 2009.1209.2335.42329)
ccc-core-static (Version: 2009.1209.2335.42329)
ccc-utility64 (Version: 2009.1209.2335.42329)
CCC Help Chinese Standard (Version: 2009.1209.2334.42329)
CCC Help Chinese Traditional (Version: 2009.1209.2334.42329)
CCC Help Czech (Version: 2009.1209.2334.42329)
CCC Help Danish (Version: 2009.1209.2334.42329)
CCC Help Dutch (Version: 2009.1209.2334.42329)
CCC Help English (Version: 2009.1209.2334.42329)
CCC Help Finnish (Version: 2009.1209.2334.42329)
CCC Help French (Version: 2009.1209.2334.42329)
CCC Help German (Version: 2009.1209.2334.42329)
CCC Help Greek (Version: 2009.1209.2334.42329)
CCC Help Hungarian (Version: 2009.1209.2334.42329)
CCC Help Italian (Version: 2009.1209.2334.42329)
CCC Help Japanese (Version: 2009.1209.2334.42329)
CCC Help Korean (Version: 2009.1209.2334.42329)
CCC Help Norwegian (Version: 2009.1209.2334.42329)
CCC Help Polish (Version: 2009.1209.2334.42329)
CCC Help Portuguese (Version: 2009.1209.2334.42329)
CCC Help Russian (Version: 2009.1209.2334.42329)
CCC Help Spanish (Version: 2009.1209.2334.42329)
CCC Help Swedish (Version: 2009.1209.2334.42329)
CCC Help Thai (Version: 2009.1209.2334.42329)
CCC Help Turkish (Version: 2009.1209.2334.42329)
Check Point Endpoint Connect (Version: 5.41.0000)
Consumer In-Home Service Agreement (Version: 2.0.0)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell DataSafe Online (Version: 1.2.0011)
Dell Dock (Version: 2.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Support Software) (Version: 2.5.09100)
Dell Toolbar (Version: 1.8.12.0)
Dell V310-V510 Series
DHTML Editing Component (Version: 6.02.0001)
DirectXInstallService (Version: 9.0.2)
EMC 10 Content (Version: 1.0.035)
EMCGadgets64 (Version: 1.0.302)
eReg (Version: 1.20.138.34)
ESET Online Scanner v3
Geocaching Tools (Version: 0.3.45)
Google Chrome (Version: 22.0.1229.94)
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
GoToAssist 8.0.0.514
GPSBabel 1.4.2
GpxView
GSAK 7.7.3.53 (Final)
hx2000 WM5 Drivers Update
iCloud (Version: 1.1.0.40)
Intel® Control Center (Version: 1.2.0.1006)
Intel® Rapid Storage Technology (Version: 9.5.0.1037)
iTunes (Version: 10.6.3.25)
iTunesFolderWatch (Version: 2.0.04)
Japanese Fonts Support For Adobe Reader 9 (Version: 9.0.0)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 26 (Version: 6.0.260)
Junk Mail filter update (Version: 15.4.3502.0922)
Korean Fonts Support For Adobe Reader 9 (Version: 9.0.0)
LAME v3.98.3 for Audacity
Logitech SetPoint 6.20 (Version: 6.20.64)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MapSend DirectRoute North America
MapSend Lite
MapSend Manager
McAfee SecurityCenter (Version: 11.6.435)
Messageware AttachView Add-in for Saving Files x64
meta-iPod, the iTunes Cleaner 1.7
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 1.4.915.1)
Quicken 2009 (Version: 18.1.1.29)
QuickTime (Version: 7.72.80.56)
Realtek High Definition Audio Driver (Version: 6.0.1.5953)
Rinse (uninstall)
Roblox for Marshall&Robin
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.0)
Roxio Central Audio (Version: 3.8.0)
Roxio Central Copy (Version: 3.8.0)
Roxio Central Core (Version: 3.8.0)
Roxio Central Data (Version: 3.8.0)
Roxio Central Tools (Version: 3.8.0)
Roxio Easy CD and DVD Burning (Version: 10.3)
Roxio Easy CD and DVD Burning (Version: 10.3.106)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio File Backup (Version: 1.3.0)
Roxio Update Manager (Version: 6.0.0)
Safari (Version: 5.33.19.4)
Satellite Direct v8.13.1.0
Shared C Run-time for x64 (Version: 10.0.0)
Skins (Version: 2009.1209.2335.42329)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
THX TruStudio PC (Version: 1.0)
Turbo Lister 2 (Version: 2.00.0000)
Unity Web Player (Version: 2.6.1f3_31223)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VD64Inst (Version: 1.00.0000)
Veetle TV 0.9.18 (Version: 0.9.18)
vShare Plugin
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Mobile Device Center (Version: 6.1.6965.0)

========================= Memory info: ===================================

Percentage of memory in use: 22%
Total physical RAM: 8151.08 MB
Available physical RAM: 6333.94 MB
Total Pagefile: 16300.35 MB
Available Pagefile: 14240.95 MB
Total Virtual: 4095.88 MB
Available Virtual: 3956.55 MB

========================= Partitions: =====================================

1 Drive c: (RSCAENSD) (Fixed) (Total:920.59 GB) (Free:713.1 GB) NTFS
3 Drive f: (RSCAENSD_BU_500GB) (Fixed) (Total:465.76 GB) (Free:93.93 GB) NTFS

========================= Users: ========================================

User accounts for \\RSCAENSD

Administrator Guest Marshall&Robin

========================= Restore Points ==================================

18-10-2012 07:00:22 Windows Update
18-10-2012 22:31:14 Windows Update
19-10-2012 07:00:25 Windows Update
20-10-2012 07:00:12 Windows Update
21-10-2012 07:00:32 Windows Update
21-10-2012 16:00:13 Windows Backup
22-10-2012 23:47:13 Windows Update
23-10-2012 07:00:25 Windows Update
25-10-2012 00:12:12 Windows Update
25-10-2012 07:00:11 Windows Update

**** End of log ****

#9 rscaensd

rscaensd
  • Topic Starter

  • Members
  • 13 posts

Posted 25 October 2012 - 08:33 PM

Farbar Service Scanner Version: 19-10-2012
Ran by Marshall&Robin (administrator) on 25-10-2012 at 21:30:48
Running from "C:\Users\Marshall&Robin\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


Not sure how or why System Restore, Windows Update, and Windows Defender are "disabled policy" - usually thought those were auto start services?

#10 rscaensd

rscaensd
  • Topic Starter

  • Members
  • 13 posts

Posted 25 October 2012 - 08:38 PM

# AdwCleaner v2.005 - Logfile created 10/25/2012 at 21:35:21
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Marshall&Robin - RSCAENSD
# Boot Mode : Normal
# Running from : C:\Users\Marshall&Robin\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\vShare
Folder Deleted : C:\Users\Marshall&Robin\AppData\LocalLow\vShare

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
Key Deleted : HKCU\Software\vShare
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\vsharechrome
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E315C81-442B-431C-AEC8-ED189699EC24}
Key Deleted : HKLM\SOFTWARE\Classes\vShare.IMedixProtocol
Key Deleted : HKLM\SOFTWARE\Classes\vShare.IMedixProtocol.1
Key Deleted : HKLM\SOFTWARE\Classes\vShare.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\vShare.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\vShare.ScriptHelpers
Key Deleted : HKLM\SOFTWARE\Classes\vShare.ScriptHelpers.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{20ED5AF7-D9C4-409E-9EB3-D2A44A77FB6D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\vShare
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{20ED5AF7-D9C4-409E-9EB3-D2A44A77FB6D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{043C5167-00BB-4324-AF7E-62013FAEDACF}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{043C5167-00BB-4324-AF7E-62013FAEDACF}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Marshall&Robin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [3349 octets] - [25/10/2012 21:35:21]

########## EOF - C:\AdwCleaner[S1].txt - [3409 octets] ##########

#11 rscaensd

rscaensd
  • Topic Starter

  • Members
  • 13 posts

Posted 25 October 2012 - 09:38 PM

Junkware Removal Tool (JRT) by Thisisu
Version: 2.1.6 (10.25.2012)
OS: Windows 7 Home Premium x64
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files: 0 Detections



*** Folders: 0 Detections



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Thu 10/25/2012 at 21:55:35.92
End of Report


Lots of scanning, looking better, I think? Thanks!

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 25 October 2012 - 09:40 PM

Restart the PC. Run TDSSKiller again and post the log.

NOTE: If TDSSKiller still detects a rootkit, let me know.

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKill log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#13 rscaensd

rscaensd
  • Topic Starter

  • Members
  • 13 posts

Posted 26 October 2012 - 04:35 PM

Yeah - No detect on rootkit!

17:32:43.0257 6384 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
17:32:44.0131 6384 ============================================================
17:32:44.0131 6384 Current date / time: 2012/10/26 17:32:44.0131
17:32:44.0131 6384 SystemInfo:
17:32:44.0131 6384
17:32:44.0131 6384 OS Version: 6.1.7601 ServicePack: 1.0
17:32:44.0131 6384 Product type: Workstation
17:32:44.0131 6384 ComputerName: RSCAENSD
17:32:44.0131 6384 UserName: Marshall&Robin
17:32:44.0131 6384 Windows directory: C:\Windows
17:32:44.0131 6384 System windows directory: C:\Windows
17:32:44.0131 6384 Running under WOW64
17:32:44.0131 6384 Processor architecture: Intel x64
17:32:44.0131 6384 Number of processors: 8
17:32:44.0131 6384 Page size: 0x1000
17:32:44.0131 6384 Boot type: Normal boot
17:32:44.0131 6384 ============================================================
17:32:44.0755 6384 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:32:44.0771 6384 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:32:44.0817 6384 ============================================================
17:32:44.0817 6384 \Device\Harddisk0\DR0:
17:32:44.0817 6384 MBR partitions:
17:32:44.0817 6384 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x15C3000
17:32:44.0817 6384 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x15D7000, BlocksNum 0x7312F000
17:32:44.0817 6384 \Device\Harddisk1\DR1:
17:32:44.0833 6384 MBR partitions:
17:32:44.0833 6384 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
17:32:44.0833 6384 ============================================================
17:32:44.0864 6384 C: <-> \Device\Harddisk0\DR0\Partition2
17:32:44.0880 6384 F: <-> \Device\Harddisk1\DR1\Partition1
17:32:44.0880 6384 ============================================================
17:32:44.0880 6384 Initialize success
17:32:44.0880 6384 ============================================================
17:32:49.0123 7752 ============================================================
17:32:49.0123 7752 Scan started
17:32:49.0123 7752 Mode: Manual;
17:32:49.0123 7752 ============================================================
17:32:51.0666 7752 ================ Scan system memory ========================
17:32:51.0666 7752 System memory - ok
17:32:51.0666 7752 ================ Scan services =============================
17:33:04.0692 7752 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:33:04.0692 7752 NetBT - ok
17:33:04.0707 7752 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:33:04.0707 7752 Netlogon - ok
17:33:04.0723 7752 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:33:04.0739 7752 Netman - ok
17:33:04.0770 7752 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:33:04.0785 7752 NetMsmqActivator - ok
17:33:04.0785 7752 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:33:04.0785 7752 NetPipeActivator - ok
17:33:04.0817 7752 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:33:04.0817 7752 netprofm - ok
17:33:04.0817 7752 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:33:04.0832 7752 NetTcpActivator - ok
17:33:04.0832 7752 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:33:04.0832 7752 NetTcpPortSharing - ok
17:33:04.0848 7752 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:33:04.0863 7752 nfrd960 - ok
17:33:04.0879 7752 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:33:04.0879 7752 NlaSvc - ok
17:33:04.0895 7752 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:33:04.0895 7752 Npfs - ok
17:33:04.0910 7752 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:33:04.0910 7752 nsi - ok
17:33:04.0926 7752 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:33:04.0926 7752 nsiproxy - ok
17:33:04.0988 7752 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:33:05.0019 7752 Ntfs - ok
17:33:05.0035 7752 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:33:05.0051 7752 Null - ok
17:33:05.0144 7752 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:33:05.0222 7752 nvraid - ok
17:33:05.0253 7752 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:33:05.0285 7752 nvstor - ok
17:33:05.0316 7752 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:33:05.0316 7752 nv_agp - ok
17:33:05.0331 7752 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:33:05.0331 7752 ohci1394 - ok
17:33:05.0378 7752 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:33:05.0472 7752 ose - ok
17:33:05.0612 7752 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:33:05.0643 7752 osppsvc - ok
17:33:05.0675 7752 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:33:05.0690 7752 p2pimsvc - ok
17:33:05.0706 7752 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:33:05.0721 7752 p2psvc - ok
17:33:05.0737 7752 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:33:05.0737 7752 Parport - ok
17:33:05.0768 7752 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:33:05.0784 7752 partmgr - ok
17:33:05.0799 7752 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:33:05.0799 7752 PcaSvc - ok
17:33:05.0815 7752 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:33:05.0815 7752 pci - ok
17:33:05.0862 7752 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:33:05.0862 7752 pciide - ok
17:33:05.0877 7752 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:33:05.0877 7752 pcmcia - ok
17:33:05.0909 7752 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:33:05.0924 7752 pcw - ok
17:33:05.0940 7752 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:33:05.0955 7752 PEAUTH - ok
17:33:06.0018 7752 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:33:06.0018 7752 PerfHost - ok
17:33:06.0080 7752 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:33:06.0174 7752 pla - ok
17:33:06.0267 7752 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:33:06.0283 7752 PlugPlay - ok
17:33:06.0330 7752 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:33:06.0330 7752 PNRPAutoReg - ok
17:33:06.0345 7752 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:33:06.0361 7752 PNRPsvc - ok
17:33:06.0377 7752 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:33:06.0392 7752 PolicyAgent - ok
17:33:06.0408 7752 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:33:06.0423 7752 Power - ok
17:33:06.0439 7752 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:33:06.0501 7752 PptpMiniport - ok
17:33:06.0517 7752 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:33:06.0517 7752 Processor - ok
17:33:06.0548 7752 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:33:06.0548 7752 ProfSvc - ok
17:33:06.0564 7752 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:33:06.0564 7752 ProtectedStorage - ok
17:33:06.0595 7752 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:33:06.0595 7752 Psched - ok
17:33:06.0657 7752 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
17:33:06.0657 7752 PxHlpa64 - ok
17:33:06.0704 7752 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:33:06.0751 7752 ql2300 - ok
17:33:06.0767 7752 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:33:06.0767 7752 ql40xx - ok
17:33:06.0782 7752 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:33:06.0798 7752 QWAVE - ok
17:33:06.0813 7752 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:33:06.0813 7752 QWAVEdrv - ok
17:33:06.0860 7752 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
17:33:06.0860 7752 RapiMgr - ok
17:33:06.0876 7752 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:33:06.0876 7752 RasAcd - ok
17:33:06.0907 7752 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:33:06.0907 7752 RasAgileVpn - ok
17:33:06.0938 7752 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:33:06.0954 7752 RasAuto - ok
17:33:06.0969 7752 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:33:06.0969 7752 Rasl2tp - ok
17:33:06.0985 7752 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:33:06.0985 7752 RasMan - ok
17:33:07.0001 7752 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:33:07.0001 7752 RasPppoe - ok
17:33:07.0016 7752 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:33:07.0016 7752 RasSstp - ok
17:33:07.0032 7752 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:33:07.0047 7752 rdbss - ok
17:33:07.0063 7752 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:33:07.0063 7752 rdpbus - ok
17:33:07.0079 7752 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:33:07.0079 7752 RDPCDD - ok
17:33:07.0094 7752 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:33:07.0094 7752 RDPENCDD - ok
17:33:07.0110 7752 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:33:07.0110 7752 RDPREFMP - ok
17:33:07.0157 7752 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:33:07.0203 7752 RDPWD - ok
17:33:07.0235 7752 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:33:07.0235 7752 rdyboost - ok
17:33:07.0250 7752 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:33:07.0250 7752 RemoteAccess - ok
17:33:07.0266 7752 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:33:07.0281 7752 RemoteRegistry - ok
17:33:07.0453 7752 [ 05FC44D32A144925EAE45570029FD6E1 ] RoxMediaDB10 c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
17:33:07.0469 7752 RoxMediaDB10 - ok
17:33:07.0484 7752 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:33:07.0484 7752 RpcEptMapper - ok
17:33:07.0531 7752 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:33:07.0531 7752 RpcLocator - ok
17:33:07.0593 7752 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:33:07.0593 7752 RpcSs - ok
17:33:07.0625 7752 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:33:07.0640 7752 rspndr - ok
17:33:07.0640 7752 RxFilter - ok
17:33:07.0656 7752 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:33:07.0656 7752 SamSs - ok
17:33:07.0687 7752 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:33:07.0749 7752 sbp2port - ok
17:33:07.0781 7752 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:33:07.0796 7752 SCardSvr - ok
17:33:07.0812 7752 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:33:07.0890 7752 scfilter - ok
17:33:07.0905 7752 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:33:07.0937 7752 Schedule - ok
17:33:07.0968 7752 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:33:07.0968 7752 SCPolicySvc - ok
17:33:07.0983 7752 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:33:07.0999 7752 SDRSVC - ok
17:33:08.0015 7752 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:33:08.0015 7752 secdrv - ok
17:33:08.0030 7752 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:33:08.0093 7752 seclogon - ok
17:33:08.0108 7752 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:33:08.0124 7752 SENS - ok
17:33:08.0124 7752 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:33:08.0124 7752 SensrSvc - ok
17:33:08.0139 7752 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:33:08.0139 7752 Serenum - ok
17:33:08.0155 7752 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:33:08.0155 7752 Serial - ok
17:33:08.0171 7752 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:33:08.0171 7752 sermouse - ok
17:33:08.0217 7752 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:33:08.0280 7752 SessionEnv - ok
17:33:08.0295 7752 SessionLauncher - ok
17:33:08.0311 7752 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:33:08.0327 7752 sffdisk - ok
17:33:08.0327 7752 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:33:08.0327 7752 sffp_mmc - ok
17:33:08.0342 7752 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:33:08.0405 7752 sffp_sd - ok
17:33:08.0420 7752 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:33:08.0420 7752 sfloppy - ok
17:33:08.0623 7752 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
17:33:08.0654 7752 SftService - ok
17:33:08.0701 7752 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:33:08.0701 7752 SharedAccess - ok
17:33:08.0732 7752 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:33:08.0732 7752 ShellHWDetection - ok
17:33:08.0748 7752 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:33:08.0748 7752 SiSRaid2 - ok
17:33:08.0779 7752 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:33:08.0779 7752 SiSRaid4 - ok
17:33:08.0795 7752 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:33:08.0810 7752 Smb - ok
17:33:08.0841 7752 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:33:08.0841 7752 SNMPTRAP - ok
17:33:08.0857 7752 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:33:08.0857 7752 spldr - ok
17:33:08.0888 7752 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:33:08.0904 7752 Spooler - ok
17:33:08.0997 7752 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:33:09.0060 7752 sppsvc - ok
17:33:09.0091 7752 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:33:09.0091 7752 sppuinotify - ok
17:33:09.0153 7752 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
17:33:09.0153 7752 sprtsvc_DellSupportCenter - ok
17:33:09.0200 7752 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:33:09.0216 7752 srv - ok
17:33:09.0247 7752 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:33:09.0247 7752 srv2 - ok
17:33:09.0263 7752 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:33:09.0341 7752 srvnet - ok
17:33:09.0372 7752 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:33:09.0387 7752 SSDPSRV - ok
17:33:09.0403 7752 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:33:09.0403 7752 SstpSvc - ok
17:33:09.0450 7752 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:33:09.0450 7752 stexstor - ok
17:33:09.0512 7752 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:33:09.0512 7752 stisvc - ok
17:33:09.0559 7752 [ FF5EB78AF7DFB68C2FB363537AAF753E ] stllssvr c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
17:33:09.0668 7752 stllssvr - ok
17:33:09.0715 7752 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
17:33:09.0715 7752 swenum - ok
17:33:09.0731 7752 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:33:09.0746 7752 swprv - ok
17:33:09.0809 7752 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:33:09.0871 7752 SysMain - ok
17:33:09.0902 7752 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:33:09.0965 7752 TabletInputService - ok
17:33:09.0996 7752 tandpl - ok
17:33:10.0027 7752 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:33:10.0089 7752 TapiSrv - ok
17:33:10.0105 7752 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:33:10.0105 7752 TBS - ok
17:33:10.0167 7752 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:33:10.0245 7752 Tcpip - ok
17:33:10.0292 7752 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:33:10.0308 7752 TCPIP6 - ok
17:33:10.0339 7752 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:33:10.0417 7752 tcpipreg - ok
17:33:10.0448 7752 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:33:10.0448 7752 TDPIPE - ok
17:33:10.0479 7752 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:33:10.0526 7752 TDTCP - ok
17:33:10.0573 7752 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:33:10.0573 7752 tdx - ok
17:33:10.0589 7752 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:33:10.0651 7752 TermDD - ok
17:33:10.0682 7752 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:33:10.0698 7752 TermService - ok
17:33:10.0776 7752 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:33:10.0776 7752 Themes - ok
17:33:10.0807 7752 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:33:10.0807 7752 THREADORDER - ok
17:33:10.0916 7752 [ 783D17247D34370212B26097FBFBAD80 ] TracSrvWrapper C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
17:33:10.0994 7752 TracSrvWrapper - ok
17:33:11.0010 7752 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:33:11.0010 7752 TrkWks - ok
17:33:11.0088 7752 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:33:11.0088 7752 TrustedInstaller - ok
17:33:11.0119 7752 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:33:11.0213 7752 tssecsrv - ok
17:33:11.0259 7752 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:33:11.0291 7752 TsUsbFlt - ok
17:33:11.0306 7752 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:33:11.0306 7752 tunnel - ok
17:33:11.0337 7752 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:33:11.0337 7752 uagp35 - ok
17:33:11.0369 7752 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:33:11.0447 7752 udfs - ok
17:33:11.0478 7752 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:33:11.0493 7752 UI0Detect - ok
17:33:11.0493 7752 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:33:11.0509 7752 uliagpkx - ok
17:33:11.0525 7752 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
17:33:11.0525 7752 umbus - ok
17:33:11.0556 7752 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:33:11.0556 7752 UmPass - ok
17:33:11.0571 7752 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:33:11.0587 7752 upnphost - ok
17:33:11.0618 7752 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
17:33:11.0712 7752 USBAAPL64 - ok
17:33:11.0727 7752 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:33:11.0759 7752 usbccgp - ok
17:33:11.0774 7752 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:33:11.0774 7752 usbcir - ok
17:33:11.0774 7752 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
17:33:11.0774 7752 usbehci - ok
17:33:11.0805 7752 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:33:11.0805 7752 usbhub - ok
17:33:11.0837 7752 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:33:11.0915 7752 usbohci - ok
17:33:11.0946 7752 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:33:11.0946 7752 usbprint - ok
17:33:11.0977 7752 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:33:11.0977 7752 usbscan - ok
17:33:11.0993 7752 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:33:12.0055 7752 USBSTOR - ok
17:33:12.0055 7752 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:33:12.0086 7752 usbuhci - ok
17:33:12.0102 7752 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:33:12.0102 7752 UxSms - ok
17:33:12.0117 7752 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:33:12.0117 7752 VaultSvc - ok
17:33:12.0117 7752 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:33:12.0117 7752 vdrvroot - ok
17:33:12.0149 7752 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:33:12.0180 7752 vds - ok
17:33:12.0180 7752 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:33:12.0180 7752 vga - ok
17:33:12.0195 7752 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:33:12.0195 7752 VgaSave - ok
17:33:12.0211 7752 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:33:12.0242 7752 vhdmp - ok
17:33:12.0258 7752 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:33:12.0258 7752 viaide - ok
17:33:12.0289 7752 [ A96AFA32F73C065B9AE9D1554CDD00FC ] vna_ap C:\Windows\system32\DRIVERS\vnaap.sys
17:33:12.0367 7752 vna_ap - ok
17:33:12.0367 7752 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:33:12.0414 7752 volmgr - ok
17:33:12.0429 7752 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:33:12.0445 7752 volmgrx - ok
17:33:12.0461 7752 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:33:12.0461 7752 volsnap - ok
17:33:12.0476 7752 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:33:12.0476 7752 vsmraid - ok
17:33:12.0539 7752 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:33:12.0601 7752 VSS - ok
17:33:12.0632 7752 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
17:33:12.0632 7752 vwifibus - ok
17:33:12.0648 7752 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:33:12.0648 7752 W32Time - ok
17:33:12.0663 7752 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:33:12.0663 7752 WacomPen - ok
17:33:12.0679 7752 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:33:12.0679 7752 WANARP - ok
17:33:12.0695 7752 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:33:12.0695 7752 Wanarpv6 - ok
17:33:12.0757 7752 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:33:12.0851 7752 WatAdminSvc - ok
17:33:12.0882 7752 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:33:12.0975 7752 wbengine - ok
17:33:13.0022 7752 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:33:13.0022 7752 WbioSrvc - ok
17:33:13.0053 7752 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
17:33:13.0053 7752 WcesComm - ok
17:33:13.0131 7752 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:33:13.0147 7752 wcncsvc - ok
17:33:13.0163 7752 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:33:13.0163 7752 WcsPlugInService - ok
17:33:13.0178 7752 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:33:13.0178 7752 Wd - ok
17:33:13.0209 7752 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:33:13.0225 7752 Wdf01000 - ok
17:33:13.0241 7752 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:33:13.0256 7752 WdiServiceHost - ok
17:33:13.0256 7752 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:33:13.0256 7752 WdiSystemHost - ok
17:33:13.0287 7752 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:33:13.0365 7752 WebClient - ok
17:33:13.0381 7752 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:33:13.0397 7752 Wecsvc - ok
17:33:13.0412 7752 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:33:13.0428 7752 wercplsupport - ok
17:33:13.0428 7752 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:33:13.0443 7752 WerSvc - ok
17:33:13.0475 7752 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:33:13.0475 7752 WfpLwf - ok
17:33:13.0490 7752 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
17:33:13.0568 7752 WimFltr - ok
17:33:13.0568 7752 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:33:13.0568 7752 WIMMount - ok
17:33:13.0599 7752 WinDefend - ok
17:33:13.0615 7752 WinHttpAutoProxySvc - ok
17:33:13.0646 7752 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:33:13.0662 7752 Winmgmt - ok
17:33:13.0740 7752 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:33:13.0818 7752 WinRM - ok
17:33:13.0880 7752 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\drivers\WinUSB.SYS
17:33:13.0958 7752 WinUsb - ok
17:33:14.0005 7752 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:33:14.0021 7752 Wlansvc - ok
17:33:14.0255 7752 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:33:14.0270 7752 wlidsvc - ok
17:33:14.0301 7752 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:33:14.0301 7752 WmiAcpi - ok
17:33:14.0333 7752 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:33:14.0348 7752 wmiApSrv - ok
17:33:14.0364 7752 WMPNetworkSvc - ok
17:33:14.0364 7752 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:33:14.0379 7752 WPCSvc - ok
17:33:14.0426 7752 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:33:14.0426 7752 WPDBusEnum - ok
17:33:14.0442 7752 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:33:14.0442 7752 ws2ifsl - ok
17:33:14.0457 7752 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
17:33:14.0457 7752 wscsvc - ok
17:33:14.0473 7752 WSearch - ok
17:33:14.0551 7752 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:33:14.0582 7752 wuauserv - ok
17:33:14.0582 7752 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:33:14.0582 7752 WudfPf - ok
17:33:14.0629 7752 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:33:14.0629 7752 WUDFRd - ok
17:33:14.0629 7752 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:33:14.0645 7752 wudfsvc - ok
17:33:14.0645 7752 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:33:14.0660 7752 WwanSvc - ok
17:33:14.0676 7752 ================ Scan global ===============================
17:33:14.0707 7752 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:33:14.0738 7752 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:33:14.0754 7752 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:33:14.0785 7752 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:33:14.0801 7752 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:33:14.0816 7752 [Global] - ok
17:33:14.0816 7752 ================ Scan MBR ==================================
17:33:14.0816 7752 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
17:33:14.0988 7752 \Device\Harddisk0\DR0 - ok
17:33:15.0019 7752 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
17:33:15.0035 7752 \Device\Harddisk1\DR1 - ok
17:33:15.0035 7752 ================ Scan VBR ==================================
17:33:15.0035 7752 [ 8E65A0CA1EF55EB76510CCCF1BE8ACF0 ] \Device\Harddisk0\DR0\Partition1
17:33:15.0035 7752 \Device\Harddisk0\DR0\Partition1 - ok
17:33:15.0035 7752 [ FDCEA2D05E62597881D8C5F0AEDDDA1F ] \Device\Harddisk0\DR0\Partition2
17:33:15.0050 7752 \Device\Harddisk0\DR0\Partition2 - ok
17:33:15.0050 7752 [ EBDDFD153FEB713BFEC939CA579F8CA0 ] \Device\Harddisk1\DR1\Partition1
17:33:15.0050 7752 \Device\Harddisk1\DR1\Partition1 - ok
17:33:15.0050 7752 ============================================================
17:33:15.0050 7752 Scan finished
17:33:15.0050 7752 ============================================================
17:33:15.0066 3280 Detected object count: 0
17:33:15.0066 3280 Actual detected object count: 0

#14 rscaensd

Posted 26 October 2012 - 04:37 PM

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/26/2012 05:35:32 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Marshall&Robin\Desktop\rkill\rkill-10-26-2012-05-35-49.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!
* HKCU\SOFTWARE\Classes\.exe has been deleted!

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 10/26/2012 05:36:00 PM
Execution time: 0 hours(s), 0 minute(s), and 27 seconds(s)

#15 rscaensd


Posted 26 October 2012 - 04:42 PM

Autoruns.txt

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "dleamon.exe" "Printer Device Monitor" "" "c:\program files (x86)\dell v310-v510 series\dleamon.exe"
+ "EvtMgr6" "Logitech SetPoint Event Manager (UNICODE)" "Logitech, Inc." "c:\program files\logitech\setpointp\setpoint.exe"
+ "EzPrint" "" "" "c:\program files (x86)\dell v310-v510 series\ezprint.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "RunDLLEntry_EptMon" "" "Creative Technology Ltd." "c:\windows\system32\eptmon64.dll"
+ "RunDLLEntry_THXCfg" "" "Creative Technology Ltd." "c:\windows\system32\thxcfg64.dll"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\bcssync.exe"
+ "Check Point Endpoint Connect" "Check Point Endpoint Connect GUI" "Check Point Software Technologies" "c:\program files (x86)\checkpoint\endpoint connect\trgui.exe"
+ "Dell DataSafe Online" "DataSafeOnline" "" "c:\program files (x86)\dell datasafe online\datasafeonline.exe"
+ "DellSupportCenter" "Dell Support Center Updates" "SupportSoft, Inc." "c:\program files (x86)\dell support center\bin\sprtcmd.exe"
+ "IAStorIcon" "IAStorIcon" "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "ShwiconXP9106" "IconUtility ShwiconXP Application" "Alcor Micro Corp." "c:\program files (x86)\multimedia card reader(9106)\shwiconxp9106.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "THX Audio Control Panel" "THXAudio" "Creative Technology Ltd" "c:\program files (x86)\creative\thx trustudio pc\thxaudiocp\thxaudio.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ ""C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"" "Update Client for Dell DataSafe Local Backup" "Dell" "c:\program files (x86)\dell datasafe local backup\components\dsupdate\dsupdate.exe"
"C:\Users\Marshall&Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "OneNote 2010 Screen Clipper and Launcher.lnk" "Microsoft OneNote Quick Launcher" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onenotem.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Apple Computer" "" "" "File not found: C:\Users\Marshall&Robin\AppData\Local\ATI\Apple Computer\jhczs.dll"
+ "CLink_Installer.Activation" "" "" "File not found: C:\Users\MARSHA~1\AppData\Local\Temp\CLink_Installer\McciInitializer.exe"
+ "MobileDocuments" "ubd.exe" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\ubd.exe"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe"
+ "{6CE6B062-EF6C-465c-AF36-96C67DAD3B65}" "ActivePrint System" "Pocket Watch, LLC." "c:\program files (x86)\pocket watch, llc\activeprint for iphone\activeprintsystem.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl64.dll"
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "RXDCExtSvr" "Roxio Disc Copier Shell Extension (AMD64)" "Sonic Solutions" "c:\program files\roxio\virtual drive 10\dc_shellext64.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "RXDCExtSvr" "Roxio Disc Copier Shell Extension (AMD64)" "Sonic Solutions" "c:\program files\roxio\virtual drive 10\dc_shellext64.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\scriptsn.20120623040919.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Dell Toolbar" "" "" "c:\program files\dell printable web\toolband.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files (x86)\common files\mcafee\systemcore\scriptsn.20120623040919.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Dell Toolbar" "" "" "c:\program files\dell printable web\toolband.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "\Adobe online update program" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\Java Update Scheduler" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "dlea_device" "Printer Communication System" " " "c:\windows\system32\dleacoms.exe"
+ "dleaCATSCustConnectService" "Service Executable" "" "c:\windows\system32\spool\drivers\x64\3\dleaserv.exe"
+ "DockLoginService" "Dock Login Service" "Stardock Corporation" "c:\program files\dell\delldock\docklogin.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Acresso Software Inc." "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "GoToAssist" "Citrix GoToAssist provides remote help to this PC." "Citrix Online, a division of Citrix Systems, Inc." "c:\program files (x86)\citrix\gotoassist\514\g2aservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LBTServ" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logishrd\bluetooth\lbtserv.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "McciCMService" "mcci+McciCMService" "Alcatel-Lucent" "c:\program files (x86)\common files\motive\mccicmservice.exe"
+ "McciCMService64" "mcci+McciCMService" "Alcatel-Lucent" "c:\program files\common files\motive\mccicmservice.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "McAfee Network Agent" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfevtps.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\groove.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "RoxMediaDB10" "Roxio RoxMediaDB10 Service" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\roxmediadb10.exe"
+ "SessionLauncher" "Sonic" "" "File not found: c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe"
+ "SftService" "SoftThinks Agent Service" "SoftThinks SAS" "c:\program files (x86)\dell datasafe local backup\sftservice.exe"
+ "sprtsvc_DellSupportCenter" "SupportSoft Sprocket Service (DellSupportCenter)" "SupportSoft, Inc." "c:\program files (x86)\dell support center\bin\sprtsvc.exe"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files (x86)\common files\surething shared\stllssvr.exe"
+ "TracSrvWrapper" "" "Check Point Software Technologies" "c:\program files (x86)\checkpoint\endpoint connect\tracsrvwrapper.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AtiHdmiService" "ATI High Definition Audio Function Driver" "ATI Technologies, Inc." "c:\windows\system32\drivers\atihdmi.sys"
+ "atikmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "enodpl" "" "" "File not found: system32\drivers\enodpl.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HECIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "HipShieldK" "McAfee HIP IPS Driver" "McAfee, Inc." "c:\windows\system32\drivers\hipshieldk.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcDAud" "Intel® Display HD Audio driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "k57nd60a" "Broadcom NetLink ™ Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\k57nd60a.sys"
+ "LHidFilt" "Logitech HID Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lhidfilt.sys"
+ "LMouFilt" "Logitech Mouse Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lmoufilt.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "LUsbFilt" "Logitech USB Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lusbfilt.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\Windows\System32\Drivers\mfeavfk01.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfewfpk.sys"
+ "MREMP50" "PCAUSA NDIS 5.0 MPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files (x86)\common files\motive\mremp50.sys"
+ "MREMP50a64" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS"
+ "MREMPR5" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS"
+ "MRENDIS5" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS"
+ "MRESP50" "PCAUSA NDIS 5.0 SPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files (x86)\common files\motive\mresp50.sys"
+ "MRESP50a64" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RxFilter" "RxFilter mini-filter driver" "" "File not found: system32\DRIVERS\RxFilter.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "tandpl" "" "" "File not found: system32\drivers\tandpl.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vna_ap" "" "Check Point Software Technologies" "c:\windows\system32\drivers\vnaap.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3Filter" "ac3filter" "" "c:\program files\cucusoft\ipod to computer\filter\ac3filter.ax"
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\google\google earth\client\wavdest.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\cucusoft\ipod to computer\filter\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\cucusoft\ipod to computer\filter\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\cucusoft\ipod to computer\filter\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\cucusoft\ipod to computer\filter\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\cucusoft\ipod to computer\filter\ffdshow.ax"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\lvmwriter.ax"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\mediaanalyser.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MP4 Source" "MP4 Splitter" "Gabest" "c:\program files\cucusoft\ipod to computer\filter\mp4splitter.ax"
+ "MP4 Splitter" "MP4 Splitter" "Gabest" "c:\program files\cucusoft\ipod to computer\filter\mp4splitter.ax"
+ "MPEG4 Video Source" "MP4 Splitter" "Gabest" "c:\program files\cucusoft\ipod to computer\filter\mp4splitter.ax"
+ "MPEG4 Video Splitter" "MP4 Splitter" "Gabest" "c:\program files\cucusoft\ipod to computer\filter\mp4splitter.ax"
+ "PSI Parser" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "ROXIO Audio Source 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "Roxio Audio Source Filter" "Roxio Audio Source Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiosource.ax"
+ "Roxio Audio Stream Reader Filter" "Roxio Audio Stream Reader Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiostreamreader.ax"
+ "Roxio Audio Stream Writer Filter" "Roxio Audio Stream Writer Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiostreamwriter.ax"
+ "ROXIO Audio VCFChunker 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO Audio VCFLooper 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO AudioConvert 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO AudioGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO ColorSpace Converter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO CPU Regulator" "CPURegulator.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\cpuregulator.ax"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "roxio DCFilters Audio Sync Filter 2 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Dragons Lair 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVD Muxer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVDStream Reader 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVDStream Splitter 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Mpeg I/II Decoder 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Smart Resizer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Subpicture Mixer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "ROXIO Deinterlace 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DV Scene Detector Tee 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Field Combiner 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Field Splitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Image/Colour Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO ListImage Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\lvmasync.ax"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxiompegdemuxer.dll"
+ "Roxio MPEG2 Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio MPEG2 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2muxer.dll"
+ "Roxio MPEG2 Video Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO Pan Zoom 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Pin Tee" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\plasmacgfilter.ax"
+ "ROXIO QT Source" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO QuickGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mgirawwriter.dll"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\repackfilter.dll"
+ "ROXIO Scene Detector 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO SceneRecorder 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio Smart Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio Smart Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\mginullip.ax"
+ "ROXIO ThumbnailGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\tsmpegsource.dll"
+ "ROXIO VCFAlphaSplitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFAudioMixer 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\dvrsupportfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFLatency 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFpeakmeter 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFStationLogo 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFVideoCutList 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFWaveform 1.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO Video Effect 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Video Resampler 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Video VCFLooper 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VideoCombine 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\vobformatter.ax"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\vobloader.ax"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\mvwcdsutil.dll"
+ "Sonic Cinemaster® Audio Decoder 4.3" "SonicHDAudio" "Sonic Solutions" "c:\program files (x86)\common files\sonic shared\cinemasteraudio.dll"
+ "Sonic Cinemaster® VideoDecoder 4.3" "CinemasterVideo" "Sonic Solutions" "c:\program files (x86)\common files\sonic shared\cinemastervideo.dll"
+ "Sonic HD Demuxer" "Sonic HD Demuxer" "" "c:\program files (x86)\roxio\sonichddemuxer.dll"
+ "Sonic HD Nav" "SonicHDNav" "" "c:\program files (x86)\common files\sonic shared\sonichdnav.dll"
+ "Sonic MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "Sonic Solutions Inc." "c:\program files (x86)\common files\sonic shared\sonicmc02\sonic7m2vd.ax"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\subpictenc.dll"
+ "VCG Null Renderer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VCG Video Mixer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VCGImageSource" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VMR9 Wrapper 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VW Input Selector" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "GoToAssist" "" "" "File not found: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll"
+ "LBTWlgn" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logishrd\bluetooth\lbtwlgn.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "V310-V510 Series Port" "Printer Communication System" " " "c:\windows\system32\dlealmpm.dll"



