Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help


  • Please log in to reply
13 replies to this topic

#1 bradyd3

bradyd3

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:27 PM

Posted 26 October 2012 - 10:56 AM

Hi all,

I am new to the website, so if this post is in the wrong area will the mods please re-direct to the proper area.

My issue is that i am using Vipre for security on my computer, but it keeps telling me that i need to update it, even though i have it set for auto update. I know 100% sure it is maleware, because it links me to a random website. On a side note, i had the infamous "google re-direct virus" as well, where i would click on a link and get sent to random places, but i have seemed to get rid of that using malewarebytes. But for the life of me, i cant find out how to get rid of the vipre message. Its the first thing that pops up everytime i load my cpu.

Can someone help?

Thanks

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:27 PM

Posted 26 October 2012 - 11:29 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 bradyd3

bradyd3
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:27 PM

Posted 26 October 2012 - 12:22 PM

Tdskiller log:

11:52:00.0826 2480 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
11:52:01.0023 2480 ============================================================
11:52:01.0023 2480 Current date / time: 2012/10/26 11:52:01.0023
11:52:01.0023 2480 SystemInfo:
11:52:01.0023 2480
11:52:01.0023 2480 OS Version: 6.1.7601 ServicePack: 1.0
11:52:01.0024 2480 Product type: Workstation
11:52:01.0024 2480 ComputerName: PC102
11:52:01.0024 2480 UserName: Admin
11:52:01.0024 2480 Windows directory: C:\Windows
11:52:01.0024 2480 System windows directory: C:\Windows
11:52:01.0024 2480 Processor architecture: Intel x86
11:52:01.0024 2480 Number of processors: 2
11:52:01.0024 2480 Page size: 0x1000
11:52:01.0024 2480 Boot type: Normal boot
11:52:01.0024 2480 ============================================================
11:52:02.0645 2480 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:52:02.0648 2480 Drive \Device\Harddisk1\DR1 - Size: 0x746EC00000 (465.73 Gb), SectorSize: 0x200, Cylinders: 0xED7D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:52:02.0650 2480 ============================================================
11:52:02.0650 2480 \Device\Harddisk0\DR0:
11:52:02.0650 2480 MBR partitions:
11:52:02.0650 2480 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:52:02.0650 2480 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D18E170
11:52:02.0650 2480 ============================================================
11:52:02.0687 2480 C: <-> \Device\Harddisk0\DR0\Partition2
11:52:02.0687 2480 ============================================================
11:52:02.0687 2480 Initialize success
11:52:02.0687 2480 ============================================================
11:52:43.0871 2528 ============================================================
11:52:43.0871 2528 Scan started
11:52:43.0871 2528 Mode: Manual; TDLFS;
11:52:43.0871 2528 ============================================================
11:52:44.0866 2528 ================ Scan system memory ========================
11:52:44.0866 2528 System memory - ok
11:52:44.0867 2528 ================ Scan services =============================
11:52:45.0185 2528 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
11:52:45.0207 2528 1394ohci - ok
11:52:45.0261 2528 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:52:45.0265 2528 ACPI - ok
11:52:45.0315 2528 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
11:52:45.0331 2528 AcpiPmi - ok
11:52:45.0447 2528 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
11:52:45.0464 2528 AdobeARMservice - ok
11:52:45.0527 2528 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:52:45.0530 2528 AdobeFlashPlayerUpdateSvc - ok
11:52:45.0599 2528 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
11:52:45.0625 2528 adp94xx - ok
11:52:45.0653 2528 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
11:52:45.0671 2528 adpahci - ok
11:52:45.0692 2528 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
11:52:45.0714 2528 adpu320 - ok
11:52:45.0756 2528 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:52:45.0757 2528 AeLookupSvc - ok
11:52:45.0813 2528 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
11:52:45.0844 2528 AFD - ok
11:52:45.0889 2528 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
11:52:45.0908 2528 agp440 - ok
11:52:45.0960 2528 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
11:52:45.0974 2528 aic78xx - ok
11:52:46.0038 2528 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
11:52:46.0059 2528 ALG - ok
11:52:46.0099 2528 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
11:52:46.0112 2528 aliide - ok
11:52:46.0133 2528 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
11:52:46.0153 2528 amdagp - ok
11:52:46.0172 2528 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
11:52:46.0185 2528 amdide - ok
11:52:46.0231 2528 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
11:52:46.0247 2528 AmdK8 - ok
11:52:46.0253 2528 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
11:52:46.0261 2528 AmdPPM - ok
11:52:46.0311 2528 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:52:46.0328 2528 amdsata - ok
11:52:46.0385 2528 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
11:52:46.0390 2528 amdsbs - ok
11:52:46.0404 2528 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:52:46.0419 2528 amdxata - ok
11:52:46.0472 2528 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
11:52:46.0484 2528 AppID - ok
11:52:46.0535 2528 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:52:46.0557 2528 AppIDSvc - ok
11:52:46.0616 2528 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
11:52:46.0631 2528 Appinfo - ok
11:52:46.0674 2528 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
11:52:46.0693 2528 AppMgmt - ok
11:52:46.0736 2528 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
11:52:46.0758 2528 arc - ok
11:52:46.0779 2528 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
11:52:46.0790 2528 arcsas - ok
11:52:46.0837 2528 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:52:46.0837 2528 AsyncMac - ok
11:52:46.0863 2528 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
11:52:46.0864 2528 atapi - ok
11:52:46.0910 2528 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:52:46.0938 2528 AudioEndpointBuilder - ok
11:52:46.0948 2528 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
11:52:46.0951 2528 Audiosrv - ok
11:52:47.0007 2528 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:52:47.0011 2528 AxInstSV - ok
11:52:47.0065 2528 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
11:52:47.0088 2528 b06bdrv - ok
11:52:47.0132 2528 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
11:52:47.0162 2528 b57nd60x - ok
11:52:47.0208 2528 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
11:52:47.0226 2528 BDESVC - ok
11:52:47.0272 2528 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
11:52:47.0291 2528 Beep - ok
11:52:47.0352 2528 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
11:52:47.0374 2528 BFE - ok
11:52:47.0412 2528 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\system32\qmgr.dll
11:52:47.0423 2528 BITS - ok
11:52:47.0435 2528 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:52:47.0450 2528 blbdrive - ok
11:52:47.0502 2528 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:52:47.0522 2528 bowser - ok
11:52:47.0546 2528 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:52:47.0566 2528 BrFiltLo - ok
11:52:47.0587 2528 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:52:47.0602 2528 BrFiltUp - ok
11:52:47.0640 2528 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
11:52:47.0657 2528 BridgeMP - ok
11:52:47.0705 2528 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
11:52:47.0725 2528 Browser - ok
11:52:47.0787 2528 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:52:47.0810 2528 Brserid - ok
11:52:47.0832 2528 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:52:47.0851 2528 BrSerWdm - ok
11:52:47.0869 2528 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:52:47.0887 2528 BrUsbMdm - ok
11:52:47.0893 2528 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:52:47.0896 2528 BrUsbSer - ok
11:52:47.0913 2528 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
11:52:47.0932 2528 BTHMODEM - ok
11:52:47.0981 2528 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
11:52:47.0998 2528 bthserv - ok
11:52:48.0078 2528 catchme - ok
11:52:48.0120 2528 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:52:48.0135 2528 cdfs - ok
11:52:48.0193 2528 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
11:52:48.0214 2528 cdrom - ok
11:52:48.0264 2528 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
11:52:48.0281 2528 CertPropSvc - ok
11:52:48.0330 2528 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
11:52:48.0346 2528 circlass - ok
11:52:48.0384 2528 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
11:52:48.0407 2528 CLFS - ok
11:52:48.0503 2528 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:52:48.0523 2528 clr_optimization_v2.0.50727_32 - ok
11:52:48.0608 2528 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:52:48.0626 2528 clr_optimization_v4.0.30319_32 - ok
11:52:48.0648 2528 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:52:48.0697 2528 CmBatt - ok
11:52:48.0740 2528 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:52:48.0760 2528 cmdide - ok
11:52:48.0798 2528 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
11:52:48.0824 2528 CNG - ok
11:52:48.0849 2528 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:52:48.0868 2528 Compbatt - ok
11:52:48.0915 2528 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
11:52:48.0918 2528 CompositeBus - ok
11:52:48.0943 2528 COMSysApp - ok
11:52:48.0972 2528 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
11:52:48.0986 2528 crcdisk - ok
11:52:49.0046 2528 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:52:49.0062 2528 CryptSvc - ok
11:52:49.0100 2528 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
11:52:49.0123 2528 CSC - ok
11:52:49.0145 2528 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
11:52:49.0149 2528 CscService - ok
11:52:49.0172 2528 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
11:52:49.0178 2528 DcomLaunch - ok
11:52:49.0235 2528 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
11:52:49.0380 2528 defragsvc - ok
11:52:49.0501 2528 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:52:49.0523 2528 DfsC - ok
11:52:49.0583 2528 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
11:52:49.0606 2528 Dhcp - ok
11:52:49.0637 2528 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
11:52:49.0652 2528 discache - ok
11:52:49.0697 2528 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
11:52:49.0702 2528 Disk - ok
11:52:49.0736 2528 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:52:49.0754 2528 Dnscache - ok
11:52:49.0783 2528 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
11:52:49.0806 2528 dot3svc - ok
11:52:49.0840 2528 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
11:52:49.0864 2528 DPS - ok
11:52:49.0906 2528 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:52:49.0923 2528 drmkaud - ok
11:52:49.0959 2528 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:52:49.0988 2528 DXGKrnl - ok
11:52:50.0010 2528 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
11:52:50.0024 2528 EapHost - ok
11:52:50.0118 2528 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
11:52:50.0175 2528 ebdrv - ok
11:52:50.0205 2528 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
11:52:50.0208 2528 EFS - ok
11:52:50.0261 2528 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:52:50.0296 2528 ehRecvr - ok
11:52:50.0324 2528 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
11:52:50.0343 2528 ehSched - ok
11:52:50.0403 2528 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
11:52:50.0412 2528 elxstor - ok
11:52:50.0455 2528 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:52:50.0472 2528 ErrDev - ok
11:52:50.0532 2528 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
11:52:50.0536 2528 EventSystem - ok
11:52:50.0555 2528 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
11:52:50.0569 2528 exfat - ok
11:52:50.0603 2528 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:52:50.0619 2528 fastfat - ok
11:52:50.0674 2528 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
11:52:50.0700 2528 Fax - ok
11:52:50.0723 2528 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:52:50.0743 2528 fdc - ok
11:52:50.0773 2528 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
11:52:50.0789 2528 fdPHost - ok
11:52:50.0808 2528 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
11:52:50.0824 2528 FDResPub - ok
11:52:50.0853 2528 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:52:50.0874 2528 FileInfo - ok
11:52:50.0891 2528 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:52:50.0911 2528 Filetrace - ok
11:52:50.0931 2528 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:52:50.0949 2528 flpydisk - ok
11:52:50.0988 2528 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:52:51.0005 2528 FltMgr - ok
11:52:51.0040 2528 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
11:52:51.0045 2528 FontCache - ok
11:52:51.0117 2528 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:52:51.0134 2528 FontCache3.0.0.0 - ok
11:52:51.0153 2528 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:52:51.0172 2528 FsDepends - ok
11:52:51.0198 2528 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:52:51.0221 2528 Fs_Rec - ok
11:52:51.0277 2528 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:52:51.0298 2528 fvevol - ok
11:52:51.0351 2528 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
11:52:51.0369 2528 gagp30kx - ok
11:52:51.0403 2528 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
11:52:51.0448 2528 gpsvc - ok
11:52:51.0551 2528 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
11:52:51.0554 2528 gupdate - ok
11:52:51.0574 2528 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
11:52:51.0576 2528 gupdatem - ok
11:52:51.0636 2528 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
11:52:51.0650 2528 gusvc - ok
11:52:51.0677 2528 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:52:51.0692 2528 hcw85cir - ok
11:52:51.0741 2528 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:52:51.0751 2528 HdAudAddService - ok
11:52:51.0785 2528 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
11:52:51.0788 2528 HDAudBus - ok
11:52:51.0804 2528 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
11:52:51.0823 2528 HidBatt - ok
11:52:51.0854 2528 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
11:52:51.0873 2528 HidBth - ok
11:52:51.0900 2528 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
11:52:51.0919 2528 HidIr - ok
11:52:51.0942 2528 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
11:52:51.0956 2528 hidserv - ok
11:52:52.0005 2528 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys
11:52:52.0023 2528 HidUsb - ok
11:52:52.0049 2528 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:52:52.0070 2528 hkmsvc - ok
11:52:52.0094 2528 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:52:52.0109 2528 HomeGroupListener - ok
11:52:52.0131 2528 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:52:52.0135 2528 HomeGroupProvider - ok
11:52:52.0199 2528 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:52:52.0216 2528 HpSAMD - ok
11:52:52.0275 2528 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:52:52.0297 2528 HTTP - ok
11:52:52.0325 2528 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:52:52.0345 2528 hwpolicy - ok
11:52:52.0385 2528 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
11:52:52.0408 2528 i8042prt - ok
11:52:52.0476 2528 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:52:52.0487 2528 iaStorV - ok
11:52:52.0535 2528 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:52:52.0565 2528 idsvc - ok
11:52:52.0739 2528 [ 8266AE06DF974E5BA047B3E9E9E70B3F ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
11:52:53.0255 2528 igfx - ok
11:52:53.0327 2528 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
11:52:53.0346 2528 iirsp - ok
11:52:53.0411 2528 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
11:52:53.0446 2528 IKEEXT - ok
11:52:53.0554 2528 [ E23457C274E0C8106689DA76FAD789EF ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
11:52:53.0677 2528 IntcAzAudAddService - ok
11:52:53.0726 2528 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
11:52:53.0739 2528 intelide - ok
11:52:53.0793 2528 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:52:53.0795 2528 intelppm - ok
11:52:53.0820 2528 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:52:53.0838 2528 IPBusEnum - ok
11:52:53.0881 2528 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:52:53.0906 2528 IpFilterDriver - ok
11:52:53.0968 2528 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:52:53.0978 2528 iphlpsvc - ok
11:52:54.0016 2528 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:52:54.0032 2528 IPMIDRV - ok
11:52:54.0056 2528 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:52:54.0076 2528 IPNAT - ok
11:52:54.0122 2528 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:52:54.0136 2528 IRENUM - ok
11:52:54.0180 2528 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:52:54.0197 2528 isapnp - ok
11:52:54.0235 2528 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:52:54.0257 2528 iScsiPrt - ok
11:52:54.0313 2528 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
11:52:54.0332 2528 kbdclass - ok
11:52:54.0367 2528 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
11:52:54.0371 2528 kbdhid - ok
11:52:54.0383 2528 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
11:52:54.0387 2528 KeyIso - ok
11:52:54.0425 2528 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:52:54.0442 2528 KSecDD - ok
11:52:54.0475 2528 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:52:54.0497 2528 KSecPkg - ok
11:52:54.0527 2528 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
11:52:54.0692 2528 KtmRm - ok
11:52:54.0735 2528 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
11:52:54.0754 2528 LanmanServer - ok
11:52:54.0777 2528 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:52:54.0787 2528 LanmanWorkstation - ok
11:52:54.0847 2528 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:52:54.0864 2528 lltdio - ok
11:52:54.0895 2528 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:52:54.0917 2528 lltdsvc - ok
11:52:54.0941 2528 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
11:52:54.0955 2528 lmhosts - ok
11:52:55.0004 2528 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
11:52:55.0015 2528 LSI_FC - ok
11:52:55.0038 2528 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
11:52:55.0055 2528 LSI_SAS - ok
11:52:55.0077 2528 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:52:55.0089 2528 LSI_SAS2 - ok
11:52:55.0109 2528 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:52:55.0126 2528 LSI_SCSI - ok
11:52:55.0165 2528 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
11:52:55.0186 2528 luafv - ok
11:52:55.0205 2528 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:52:55.0221 2528 Mcx2Svc - ok
11:52:55.0242 2528 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
11:52:55.0260 2528 megasas - ok
11:52:55.0296 2528 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
11:52:55.0316 2528 MegaSR - ok
11:52:55.0357 2528 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
11:52:55.0359 2528 MMCSS - ok
11:52:55.0376 2528 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
11:52:55.0391 2528 Modem - ok
11:52:55.0434 2528 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:52:55.0435 2528 monitor - ok
11:52:55.0523 2528 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
11:52:55.0564 2528 mouclass - ok
11:52:55.0652 2528 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:52:55.0690 2528 mouhid - ok
11:52:55.0747 2528 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:52:55.0767 2528 mountmgr - ok
11:52:55.0809 2528 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
11:52:55.0833 2528 mpio - ok
11:52:55.0880 2528 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:52:55.0904 2528 mpsdrv - ok
11:52:55.0976 2528 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:52:56.0005 2528 MpsSvc - ok
11:52:56.0065 2528 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:52:56.0088 2528 MRxDAV - ok
11:52:56.0149 2528 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:52:56.0186 2528 mrxsmb - ok
11:52:56.0222 2528 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:52:56.0234 2528 mrxsmb10 - ok
11:52:56.0269 2528 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:52:56.0284 2528 mrxsmb20 - ok
11:52:56.0351 2528 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
11:52:56.0374 2528 msahci - ok
11:52:56.0397 2528 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:52:56.0469 2528 msdsm - ok
11:52:56.0496 2528 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
11:52:56.0515 2528 MSDTC - ok
11:52:56.0588 2528 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:52:56.0627 2528 Msfs - ok
11:52:56.0668 2528 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:52:56.0680 2528 mshidkmdf - ok
11:52:56.0728 2528 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:52:56.0751 2528 msisadrv - ok
11:52:56.0822 2528 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:52:56.0847 2528 MSiSCSI - ok
11:52:56.0856 2528 msiserver - ok
11:52:56.0918 2528 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:52:56.0948 2528 MSKSSRV - ok
11:52:56.0966 2528 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:52:57.0029 2528 MSPCLOCK - ok
11:52:57.0097 2528 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:52:57.0131 2528 MSPQM - ok
11:52:57.0203 2528 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:52:57.0225 2528 MsRPC - ok
11:52:57.0279 2528 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
11:52:57.0281 2528 mssmbios - ok
11:52:57.0425 2528 MSSQL$ACT7 - ok
11:52:57.0593 2528 [ 8E8E74C953EB0C4F8828D99D6F27FD6F ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
11:52:57.0664 2528 MSSQLServerADHelper100 - ok
11:52:57.0742 2528 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:52:57.0794 2528 MSTEE - ok
11:52:57.0833 2528 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
11:52:57.0852 2528 MTConfig - ok
11:52:57.0887 2528 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
11:52:57.0926 2528 Mup - ok
11:52:57.0991 2528 [ D186D031B0832A5438EC1AC2C5D74E9D ] mv2 C:\Windows\system32\DRIVERS\mv2.sys
11:52:58.0037 2528 mv2 - ok
11:52:58.0115 2528 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
11:52:58.0119 2528 napagent - ok
11:52:58.0222 2528 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:52:58.0248 2528 NativeWifiP - ok
11:52:58.0413 2528 [ 5836B9E91863A00EC1B8E785EFD86ECB ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
11:52:58.0508 2528 NBService - ok
11:52:58.0639 2528 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:52:58.0644 2528 NDIS - ok
11:52:58.0716 2528 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:52:58.0737 2528 NdisCap - ok
11:52:58.0785 2528 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:52:58.0807 2528 NdisTapi - ok
11:52:58.0835 2528 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:52:58.0852 2528 Ndisuio - ok
11:52:58.0870 2528 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:52:58.0892 2528 NdisWan - ok
11:52:58.0928 2528 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:52:58.0963 2528 NDProxy - ok
11:52:59.0019 2528 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:52:59.0040 2528 NetBIOS - ok
11:52:59.0081 2528 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:52:59.0118 2528 NetBT - ok
11:52:59.0162 2528 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
11:52:59.0166 2528 Netlogon - ok
11:52:59.0283 2528 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
11:52:59.0312 2528 Netman - ok
11:52:59.0340 2528 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
11:52:59.0356 2528 netprofm - ok
11:52:59.0397 2528 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:52:59.0422 2528 NetTcpPortSharing - ok
11:52:59.0487 2528 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
11:52:59.0511 2528 nfrd960 - ok
11:52:59.0550 2528 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:52:59.0573 2528 NlaSvc - ok
11:52:59.0682 2528 [ A328A46D87BB92CE4D8A4528E9D84787 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
11:52:59.0778 2528 NMIndexingService - ok
11:52:59.0800 2528 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:52:59.0820 2528 Npfs - ok
11:52:59.0841 2528 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
11:52:59.0859 2528 nsi - ok
11:52:59.0881 2528 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:52:59.0897 2528 nsiproxy - ok
11:52:59.0958 2528 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:53:00.0048 2528 Ntfs - ok
11:53:00.0068 2528 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
11:53:00.0081 2528 Null - ok
11:53:00.0095 2528 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:53:00.0108 2528 nvraid - ok
11:53:00.0152 2528 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:53:00.0173 2528 nvstor - ok
11:53:00.0196 2528 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:53:00.0201 2528 nv_agp - ok
11:53:00.0218 2528 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:53:00.0231 2528 ohci1394 - ok
11:53:00.0320 2528 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:53:00.0373 2528 ose - ok
11:53:00.0569 2528 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:53:00.0667 2528 osppsvc - ok
11:53:00.0706 2528 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:53:00.0727 2528 p2pimsvc - ok
11:53:00.0753 2528 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
11:53:00.0772 2528 p2psvc - ok
11:53:00.0817 2528 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
11:53:00.0833 2528 Parport - ok
11:53:00.0859 2528 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:53:00.0874 2528 partmgr - ok
11:53:00.0890 2528 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
11:53:00.0893 2528 Parvdm - ok
11:53:00.0918 2528 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:53:00.0921 2528 PcaSvc - ok
11:53:00.0965 2528 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
11:53:00.0993 2528 pci - ok
11:53:01.0018 2528 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
11:53:01.0033 2528 pciide - ok
11:53:01.0070 2528 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
11:53:01.0091 2528 pcmcia - ok
11:53:01.0111 2528 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
11:53:01.0127 2528 pcw - ok
11:53:01.0175 2528 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:53:01.0205 2528 PEAUTH - ok
11:53:01.0249 2528 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
11:53:01.0277 2528 PeerDistSvc - ok
11:53:01.0343 2528 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
11:53:01.0427 2528 pla - ok
11:53:01.0485 2528 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:53:01.0508 2528 PlugPlay - ok
11:53:01.0534 2528 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:53:01.0548 2528 PNRPAutoReg - ok
11:53:01.0572 2528 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:53:01.0575 2528 PNRPsvc - ok
11:53:01.0614 2528 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:53:01.0635 2528 PolicyAgent - ok
11:53:01.0661 2528 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
11:53:01.0682 2528 Power - ok
11:53:01.0744 2528 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:53:01.0773 2528 PptpMiniport - ok
11:53:01.0798 2528 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
11:53:01.0813 2528 Processor - ok
11:53:01.0864 2528 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
11:53:01.0881 2528 ProfSvc - ok
11:53:01.0901 2528 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:53:01.0903 2528 ProtectedStorage - ok
11:53:01.0957 2528 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:53:01.0976 2528 Psched - ok
11:53:02.0026 2528 [ E0D0CB09AA07B22BE984E4F7EC0326F5 ] PSI_SVC_2 C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
11:53:02.0031 2528 PSI_SVC_2 - ok
11:53:02.0077 2528 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
11:53:02.0113 2528 ql2300 - ok
11:53:02.0131 2528 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
11:53:02.0147 2528 ql40xx - ok
11:53:02.0218 2528 QuickBooksDB21 - ok
11:53:02.0253 2528 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
11:53:02.0259 2528 QWAVE - ok
11:53:02.0270 2528 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:53:02.0285 2528 QWAVEdrv - ok
11:53:02.0315 2528 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:53:02.0332 2528 RasAcd - ok
11:53:02.0381 2528 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:53:02.0401 2528 RasAgileVpn - ok
11:53:02.0437 2528 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
11:53:02.0454 2528 RasAuto - ok
11:53:02.0500 2528 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:53:02.0517 2528 Rasl2tp - ok
11:53:02.0576 2528 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
11:53:02.0599 2528 RasMan - ok
11:53:02.0643 2528 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:53:02.0647 2528 RasPppoe - ok
11:53:02.0674 2528 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:53:02.0693 2528 RasSstp - ok
11:53:02.0719 2528 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:53:02.0735 2528 rdbss - ok
11:53:02.0752 2528 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
11:53:02.0769 2528 rdpbus - ok
11:53:02.0794 2528 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:53:02.0809 2528 RDPCDD - ok
11:53:02.0832 2528 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
11:53:02.0845 2528 RDPDR - ok
11:53:02.0884 2528 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:53:02.0888 2528 RDPENCDD - ok
11:53:02.0899 2528 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:53:02.0918 2528 RDPREFMP - ok
11:53:02.0943 2528 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:53:02.0956 2528 RDPWD - ok
11:53:03.0005 2528 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:53:03.0027 2528 rdyboost - ok
11:53:03.0057 2528 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
11:53:03.0083 2528 RemoteAccess - ok
11:53:03.0174 2528 [ 78EB5E175DE3FC626F58CC942A13963C ] remotepc C:\Program Files\Remote Access Host\RemotePCM.exe
11:53:03.0181 2528 remotepc - ok
11:53:03.0209 2528 [ F7D538958C7EE6CC8DB6E637E23AB379 ] RemotePCmirror C:\Windows\system32\DRIVERS\RemotePCmirror.sys
11:53:03.0428 2528 RemotePCmirror - ok
11:53:03.0454 2528 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:53:03.0476 2528 RemoteRegistry - ok
11:53:03.0582 2528 [ 06A49B7BDC36CFBF97DD90804F833369 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
11:53:03.0606 2528 RichVideo - ok
11:53:03.0663 2528 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:53:03.0683 2528 RpcEptMapper - ok
11:53:03.0711 2528 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
11:53:03.0715 2528 RpcLocator - ok
11:53:03.0731 2528 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
11:53:03.0736 2528 RpcSs - ok
11:53:03.0771 2528 [ A95840A95A9FF74B0009E5D848CDDB39 ] RsFx0150 C:\Windows\system32\DRIVERS\RsFx0150.sys
11:53:03.0803 2528 RsFx0150 - ok
11:53:03.0859 2528 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:53:03.0879 2528 rspndr - ok
11:53:03.0928 2528 [ 3983CEA05BB855351D75F5482B6C42CE ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
11:53:04.0147 2528 RTL8167 - ok
11:53:04.0182 2528 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
11:53:04.0185 2528 s3cap - ok
11:53:04.0207 2528 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
11:53:04.0209 2528 SamSs - ok
11:53:04.0450 2528 [ 18530D2F605F1EC48CA20A7B184CCBCC ] SBAMSvc C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe
11:53:04.0474 2528 SBAMSvc - ok
11:53:04.0565 2528 [ 3FFF8CDA4D2F29CA06F1557E85163C30 ] sbapifs C:\Windows\system32\DRIVERS\sbapifs.sys
11:53:04.0571 2528 sbapifs - ok
11:53:04.0633 2528 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:53:04.0652 2528 sbp2port - ok
11:53:04.0714 2528 [ 2815772894855506E94008CC0E602738 ] SBPIMSvc C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe
11:53:04.0736 2528 SBPIMSvc - ok
11:53:04.0810 2528 [ D03A8CCA8BFA82CBF12A87326EBFE258 ] SBRE C:\Windows\system32\drivers\SBREdrv.sys
11:53:04.0835 2528 SBRE - ok
11:53:04.0871 2528 [ BD148DAE125EF15D6451FEF514E8D15B ] sbwtis C:\Windows\system32\DRIVERS\sbwtis.sys
11:53:04.0892 2528 sbwtis - ok
11:53:04.0920 2528 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:53:04.0940 2528 SCardSvr - ok
11:53:04.0960 2528 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:53:04.0975 2528 scfilter - ok
11:53:05.0019 2528 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
11:53:05.0038 2528 Schedule - ok
11:53:05.0070 2528 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:53:05.0072 2528 SCPolicySvc - ok
11:53:05.0082 2528 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:53:05.0099 2528 SDRSVC - ok
11:53:05.0152 2528 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:53:05.0167 2528 secdrv - ok
11:53:05.0188 2528 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
11:53:05.0193 2528 seclogon - ok
11:53:05.0235 2528 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
11:53:05.0250 2528 SENS - ok
11:53:05.0303 2528 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:53:05.0323 2528 SensrSvc - ok
11:53:05.0373 2528 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:53:05.0392 2528 Serenum - ok
11:53:05.0413 2528 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:53:05.0432 2528 Serial - ok
11:53:05.0468 2528 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
11:53:05.0484 2528 sermouse - ok
11:53:05.0564 2528 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
11:53:05.0628 2528 SessionEnv - ok
11:53:05.0694 2528 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:53:05.0744 2528 sffdisk - ok
11:53:05.0764 2528 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:53:05.0781 2528 sffp_mmc - ok
11:53:05.0795 2528 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:53:05.0806 2528 sffp_sd - ok
11:53:05.0838 2528 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
11:53:05.0853 2528 sfloppy - ok
11:53:05.0913 2528 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:53:05.0944 2528 SharedAccess - ok
11:53:06.0009 2528 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:53:06.0028 2528 ShellHWDetection - ok
11:53:06.0066 2528 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
11:53:06.0082 2528 sisagp - ok
11:53:06.0139 2528 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:53:06.0152 2528 SiSRaid2 - ok
11:53:06.0175 2528 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
11:53:06.0190 2528 SiSRaid4 - ok
11:53:06.0215 2528 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:53:06.0229 2528 Smb - ok
11:53:06.0293 2528 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:53:06.0313 2528 SNMPTRAP - ok
11:53:06.0333 2528 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
11:53:06.0348 2528 spldr - ok
11:53:06.0401 2528 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
11:53:06.0409 2528 Spooler - ok
11:53:06.0481 2528 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
11:53:06.0501 2528 sppsvc - ok
11:53:06.0540 2528 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:53:06.0555 2528 sppuinotify - ok
11:53:06.0587 2528 [ 37761F6BE2EBAED72CC0D43BD4C8C2A6 ] SQLAgent$ACT7 C:\Program Files\Microsoft SQL Server\MSSQL10_50.ACT7\MSSQL\Binn\SQLAGENT.EXE
11:53:06.0619 2528 SQLAgent$ACT7 - ok
11:53:06.0694 2528 [ 7D67C07C63796775CC5492BCFEAFF125 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
11:53:06.0715 2528 SQLBrowser - ok
11:53:06.0786 2528 [ 8E6E5CFA06769A417B03FD6FAA29E010 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
11:53:06.0801 2528 SQLWriter - ok
11:53:06.0836 2528 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
11:53:06.0860 2528 srv - ok
11:53:06.0880 2528 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:53:06.0895 2528 srv2 - ok
11:53:06.0917 2528 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:53:06.0936 2528 srvnet - ok
11:53:06.0966 2528 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:53:06.0984 2528 SSDPSRV - ok
11:53:06.0999 2528 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:53:07.0021 2528 SstpSvc - ok
11:53:07.0062 2528 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
11:53:07.0092 2528 stexstor - ok
11:53:07.0174 2528 [ EDB05BD63148796F23EA78506404A538 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
11:53:07.0188 2528 StillCam - ok
11:53:07.0222 2528 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
11:53:07.0255 2528 StiSvc - ok
11:53:07.0279 2528 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
11:53:07.0302 2528 storflt - ok
11:53:07.0336 2528 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
11:53:07.0351 2528 StorSvc - ok
11:53:07.0395 2528 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
11:53:07.0406 2528 storvsc - ok
11:53:07.0466 2528 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
11:53:07.0490 2528 swenum - ok
11:53:07.0545 2528 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
11:53:07.0569 2528 swprv - ok
11:53:07.0715 2528 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
11:53:07.0732 2528 SysMain - ok
11:53:07.0773 2528 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:53:07.0791 2528 TabletInputService - ok
11:53:07.0820 2528 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
11:53:07.0858 2528 TapiSrv - ok
11:53:07.0898 2528 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
11:53:07.0930 2528 TBS - ok
11:53:07.0991 2528 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:53:08.0036 2528 Tcpip - ok
11:53:08.0152 2528 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:53:08.0165 2528 TCPIP6 - ok
11:53:08.0214 2528 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:53:08.0235 2528 tcpipreg - ok
11:53:08.0265 2528 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:53:08.0288 2528 TDPIPE - ok
11:53:08.0310 2528 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:53:08.0344 2528 TDTCP - ok
11:53:08.0378 2528 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:53:08.0388 2528 tdx - ok
11:53:08.0431 2528 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
11:53:08.0450 2528 TermDD - ok
11:53:08.0575 2528 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
11:53:08.0610 2528 TermService - ok
11:53:08.0629 2528 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
11:53:08.0661 2528 Themes - ok
11:53:08.0676 2528 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
11:53:08.0680 2528 THREADORDER - ok
11:53:08.0740 2528 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
11:53:08.0766 2528 TrkWks - ok
11:53:08.0818 2528 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:53:08.0820 2528 TrustedInstaller - ok
11:53:08.0840 2528 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:53:08.0859 2528 tssecsrv - ok
11:53:08.0922 2528 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:53:08.0928 2528 TsUsbFlt - ok
11:53:08.0983 2528 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:53:08.0988 2528 tunnel - ok
11:53:09.0011 2528 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
11:53:09.0031 2528 uagp35 - ok
11:53:09.0051 2528 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:53:09.0068 2528 udfs - ok
11:53:09.0099 2528 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:53:09.0121 2528 UI0Detect - ok
11:53:09.0172 2528 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:53:09.0189 2528 uliagpkx - ok
11:53:09.0230 2528 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
11:53:09.0246 2528 umbus - ok
11:53:09.0300 2528 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
11:53:09.0318 2528 UmPass - ok
11:53:09.0342 2528 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
11:53:09.0364 2528 UmRdpService - ok
11:53:09.0388 2528 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
11:53:09.0392 2528 upnphost - ok
11:53:09.0439 2528 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:53:09.0456 2528 usbccgp - ok
11:53:09.0499 2528 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:53:09.0523 2528 usbcir - ok
11:53:09.0583 2528 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:53:09.0604 2528 usbehci - ok
11:53:09.0644 2528 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:53:09.0664 2528 usbhub - ok
11:53:09.0684 2528 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:53:09.0697 2528 usbohci - ok
11:53:09.0720 2528 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:53:09.0735 2528 usbprint - ok
11:53:09.0781 2528 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:53:09.0803 2528 USBSTOR - ok
11:53:09.0831 2528 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
11:53:09.0851 2528 usbuhci - ok
11:53:09.0882 2528 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
11:53:09.0906 2528 UxSms - ok
11:53:09.0925 2528 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
11:53:09.0929 2528 VaultSvc - ok
11:53:09.0976 2528 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:53:09.0993 2528 vdrvroot - ok
11:53:10.0029 2528 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
11:53:10.0055 2528 vds - ok
11:53:10.0081 2528 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:53:10.0095 2528 vga - ok
11:53:10.0116 2528 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
11:53:10.0129 2528 VgaSave - ok
11:53:10.0159 2528 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:53:10.0183 2528 vhdmp - ok
11:53:10.0227 2528 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
11:53:10.0247 2528 viaagp - ok
11:53:10.0274 2528 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
11:53:10.0291 2528 ViaC7 - ok
11:53:10.0315 2528 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
11:53:10.0336 2528 viaide - ok
11:53:10.0383 2528 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
11:53:10.0402 2528 vmbus - ok
11:53:10.0416 2528 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
11:53:10.0432 2528 VMBusHID - ok
11:53:10.0448 2528 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:53:10.0466 2528 volmgr - ok
11:53:10.0495 2528 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:53:10.0501 2528 volmgrx - ok
11:53:10.0545 2528 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:53:10.0574 2528 volsnap - ok
11:53:10.0618 2528 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
11:53:10.0641 2528 vsmraid - ok
11:53:10.0686 2528 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
11:53:10.0730 2528 VSS - ok
11:53:10.0756 2528 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
11:53:10.0770 2528 vwifibus - ok
11:53:10.0798 2528 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
11:53:10.0820 2528 W32Time - ok
11:53:10.0846 2528 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
11:53:10.0864 2528 WacomPen - ok
11:53:10.0908 2528 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:53:10.0922 2528 WANARP - ok
11:53:10.0926 2528 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:53:10.0927 2528 Wanarpv6 - ok
11:53:11.0115 2528 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:53:11.0225 2528 WatAdminSvc - ok
11:53:11.0269 2528 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
11:53:11.0310 2528 wbengine - ok
11:53:11.0337 2528 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:53:11.0368 2528 WbioSrvc - ok
11:53:11.0402 2528 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:53:11.0429 2528 wcncsvc - ok
11:53:11.0452 2528 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:53:11.0475 2528 WcsPlugInService - ok
11:53:11.0504 2528 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
11:53:11.0524 2528 Wd - ok
11:53:11.0651 2528 [ D634CFE93E0CD001499D0D6D68890C9E ] WDBackup C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
11:53:11.0727 2528 WDBackup - ok
11:53:11.0756 2528 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
11:53:11.0906 2528 WDC_SAM - ok
11:53:11.0972 2528 [ 2277CD5B13B18B6DF5F80E8A84254EA7 ] WDDriveService C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
11:53:11.0975 2528 WDDriveService - ok
11:53:11.0995 2528 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:53:12.0015 2528 Wdf01000 - ok
11:53:12.0038 2528 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:53:12.0057 2528 WdiServiceHost - ok
11:53:12.0062 2528 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:53:12.0065 2528 WdiSystemHost - ok
11:53:12.0127 2528 [ A578AE45097ACAD346C86C96F1C0D5A7 ] WDRulesService C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
11:53:12.0189 2528 WDRulesService - ok
11:53:12.0226 2528 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
11:53:12.0244 2528 WebClient - ok
11:53:12.0277 2528 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:53:12.0299 2528 Wecsvc - ok
11:53:12.0318 2528 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:53:12.0321 2528 wercplsupport - ok
11:53:12.0365 2528 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
11:53:12.0371 2528 WerSvc - ok
11:53:12.0416 2528 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:53:12.0430 2528 WfpLwf - ok
11:53:12.0462 2528 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:53:12.0480 2528 WIMMount - ok
11:53:12.0567 2528 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
11:53:12.0598 2528 WinDefend - ok
11:53:12.0604 2528 WinHttpAutoProxySvc - ok
11:53:12.0654 2528 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:53:12.0678 2528 Winmgmt - ok
11:53:12.0727 2528 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
11:53:12.0764 2528 WinRM - ok
11:53:12.0824 2528 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
11:53:12.0847 2528 WinUsb - ok
11:53:12.0888 2528 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
11:53:12.0907 2528 Wlansvc - ok
11:53:12.0948 2528 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
11:53:12.0965 2528 WmiAcpi - ok
11:53:12.0999 2528 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:53:13.0018 2528 wmiApSrv - ok
11:53:13.0114 2528 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
11:53:13.0126 2528 WMPNetworkSvc - ok
11:53:13.0146 2528 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:53:13.0162 2528 WPCSvc - ok
11:53:13.0190 2528 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:53:13.0209 2528 WPDBusEnum - ok
11:53:13.0236 2528 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:53:13.0258 2528 ws2ifsl - ok
11:53:13.0313 2528 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
11:53:13.0320 2528 wscsvc - ok
11:53:13.0328 2528 WSearch - ok
11:53:13.0397 2528 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
11:53:13.0410 2528 wuauserv - ok
11:53:13.0445 2528 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:53:13.0466 2528 WudfPf - ok
11:53:13.0513 2528 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:53:13.0521 2528 WUDFRd - ok
11:53:13.0562 2528 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:53:13.0583 2528 wudfsvc - ok
11:53:13.0605 2528 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
11:53:13.0625 2528 WwanSvc - ok
11:53:13.0630 2528 ================ Scan global ===============================
11:53:13.0653 2528 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
11:53:13.0690 2528 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
11:53:13.0791 2528 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
11:53:13.0818 2528 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
11:53:13.0854 2528 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
11:53:13.0858 2528 [Global] - ok
11:53:13.0858 2528 ================ Scan MBR ==================================
11:53:13.0869 2528 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:53:14.0064 2528 \Device\Harddisk0\DR0 - ok
11:53:14.0064 2528 ================ Scan VBR ==================================
11:53:14.0067 2528 [ F774C09EC1A3C0B9EC9135F70ECC99AA ] \Device\Harddisk0\DR0\Partition1
11:53:14.0069 2528 \Device\Harddisk0\DR0\Partition1 - ok
11:53:14.0102 2528 [ 16423BCDAB2198201F5043333384F722 ] \Device\Harddisk0\DR0\Partition2
11:53:14.0104 2528 \Device\Harddisk0\DR0\Partition2 - ok
11:53:14.0104 2528 ============================================================
11:53:14.0104 2528 Scan finished
11:53:14.0104 2528 ============================================================
11:53:14.0117 1908 Detected object count: 0
11:53:14.0118 1908 Actual detected object count: 0
11:54:26.0682 2308 Deinitialize success


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-26 08:59:37
-----------------------------
08:59:37.325 OS Version: Windows 6.1.7601 Service Pack 1
08:59:37.325 Number of processors: 2 586 0x170A
08:59:37.327 ComputerName: PC102 UserName: Admin
08:59:39.356 Initialize success
09:00:56.708 AVAST engine defs: 12102600
09:01:15.794 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
09:01:15.798 Disk 0 Vendor: ST3250318AS CC38 Size: 238475MB BusType: 3
09:01:15.830 Disk 0 MBR read successfully
09:01:15.835 Disk 0 MBR scan
09:01:15.852 Disk 0 Windows 7 default MBR code
09:01:15.869 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
09:01:15.887 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 238364 MB offset 206848
09:01:15.900 Disk 0 scanning sectors +488376688
09:01:15.981 Disk 0 scanning C:\Windows\system32\drivers
09:01:28.269 Service scanning
09:01:52.343 Modules scanning
09:02:00.376 Disk 0 trace - called modules:
09:02:00.391 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
09:02:00.396 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85a0e2d0]
09:02:00.401 3 CLASSPNP.SYS[88bd859e] -> nt!IofCallDriver -> [0x85936918]
09:02:00.405 5 ACPI.sys[888ab3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x8592f338]
09:02:08.602 AVAST engine scan C:\Windows
09:02:11.969 AVAST engine scan C:\Windows\system32
09:05:58.407 AVAST engine scan C:\Windows\system32\drivers
09:06:12.187 AVAST engine scan C:\Users\Admin
09:10:31.035 AVAST engine scan C:\ProgramData
09:11:26.860 Scan finished successfully
09:11:57.986 Disk 0 MBR has been saved successfully to "C:\Users\Admin\Documents\MBR.dat"
09:11:57.996 The log file has been saved successfully to "C:\Users\Admin\Documents\aswMBR log.txt"


AswMBR Log

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-26 12:00:28
-----------------------------
12:00:28.624 OS Version: Windows 6.1.7601 Service Pack 1
12:00:28.624 Number of processors: 2 586 0x170A
12:00:28.625 ComputerName: PC102 UserName: Admin
12:00:46.493 Initialize success
12:01:39.995 AVAST engine defs: 12102600
12:01:48.483 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
12:01:48.487 Disk 0 Vendor: ST3250318AS CC38 Size: 238475MB BusType: 3
12:01:48.510 Disk 0 MBR read successfully
12:01:48.512 Disk 0 MBR scan
12:01:48.584 Disk 0 Windows 7 default MBR code
12:01:48.593 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
12:01:48.611 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 238364 MB offset 206848
12:01:48.629 Disk 0 scanning sectors +488376688
12:01:48.747 Disk 0 scanning C:\Windows\system32\drivers
12:02:13.203 Service scanning
12:03:32.846 Modules scanning
12:04:00.673 Disk 0 trace - called modules:
12:04:00.687 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
12:04:01.019 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85a0c030]
12:04:01.024 3 CLASSPNP.SYS[88a0459e] -> nt!IofCallDriver -> [0x859378b0]
12:04:01.031 5 ACPI.sys[888ad3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x85935908]
12:04:17.257 AVAST engine scan C:\Windows
12:04:35.971 AVAST engine scan C:\Windows\system32
12:10:21.958 AVAST engine scan C:\Windows\system32\drivers
12:10:34.617 AVAST engine scan C:\Users\Admin
12:16:56.888 AVAST engine scan C:\ProgramData
12:18:20.602 Scan finished successfully
12:18:39.551 Disk 0 MBR has been saved successfully to "C:\Users\Admin\Documents\MBR.dat"
12:18:39.572 The log file has been saved successfully to "C:\Users\Admin\Documents\aswMB


I will send the ESET logs in the next post

#4 bradyd3

bradyd3
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:27 PM

Posted 26 October 2012 - 01:35 PM

ESET LOG:


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Default\aagddcdfgedbgggegdggdhgedegbdbda\background.html Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Windows\System32\gifummid.dll a variant of Win32/Urlbot.NAP trojan cleaned by deleting - quarantined
C:\Windows\System32\minitdde.exe a variant of Win32/Urlbot.NAS trojan cleaned by deleting - quarantined
C:\Windows\System32\tblelcal.dll a variant of Win32/Urlbot.NAO trojan cleaned by deleting - quarantined
C:\Windows\System32\micakbin\dskogcap\dirumbin.dll probably a variant of Win32/Urlbot.NAG trojan cleaned by deleting - quarantined

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:27 PM

Posted 26 October 2012 - 02:39 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#6 bradyd3

bradyd3
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:27 PM

Posted 29 October 2012 - 10:23 AM

MalwareBytes Log: {Note: The Vipre popup was still happening during this process}

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.29.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Admin :: PC102 [administrator]

10/29/2012 7:50:53 AM
mbam-log-2012-10-29 (07-50-53).txt

Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 341267
Time elapsed: 1 hour(s), 57 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Mini Toolbox Log:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Admin (administrator) on 26-10-2012 at 15:22:49
Microsoft Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : PC102
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
Physical Address. . . . . . . . . : 00-27-0E-32-1F-50
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::297a:e524:c064:98ed%10(Preferred)
IPv4 Address. . . . . . . . . . . : 10.1.10.10(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, October 26, 2012 10:44:31 AM
Lease Expires . . . . . . . . . . : Friday, November 02, 2012 10:44:31 AM
Default Gateway . . . . . . . . . : 10.1.10.1
DHCP Server . . . . . . . . . . . : 10.1.10.1
DHCPv6 IAID . . . . . . . . . . . : 234891022
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-23-11-76-00-27-0E-14-9B-54
DNS Servers . . . . . . . . . . . : 10.1.10.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{E4048D8A-4BBC-4579-AACC-26AC474B29FA}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:4a0:2f42:f5fe:f5f5(Preferred)
Link-local IPv6 Address . . . . . : fe80::4a0:2f42:f5fe:f5f5%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 10.1.10.1

Name: google.com
Addresses: 2607:f8b0:4002:c03::8a
173.194.37.34
173.194.37.39
173.194.37.41
173.194.37.46
173.194.37.35
173.194.37.33
173.194.37.37
173.194.37.40
173.194.37.32
173.194.37.36
173.194.37.38


Pinging google.com [173.194.37.38] with 32 bytes of data:
Reply from 173.194.37.38: bytes=32 time=23ms TTL=55
Reply from 173.194.37.38: bytes=32 time=23ms TTL=55

Ping statistics for 173.194.37.38:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 23ms, Maximum = 23ms, Average = 23ms
Server: UnKnown
Address: 10.1.10.1

Name: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=89ms TTL=50
Reply from 72.30.38.140: bytes=32 time=136ms TTL=50

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 89ms, Maximum = 136ms, Average = 112ms
Server: UnKnown
Address: 10.1.10.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...00 27 0e 32 1f 50 ......Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.1.10.1 10.1.10.10 20
10.1.10.0 255.255.255.0 On-link 10.1.10.10 276
10.1.10.10 255.255.255.255 On-link 10.1.10.10 276
10.1.10.255 255.255.255.255 On-link 10.1.10.10 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.1.10.10 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.1.10.10 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:4137:9e76:4a0:2f42:f5fe:f5f5/128
On-link
10 276 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::4a0:2f42:f5fe:f5f5/128
On-link
10 276 fe80::297a:e524:c064:98ed/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/26/2012 01:25:27 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108

Error: (10/26/2012 00:45:50 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (10/25/2012 03:20:40 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Query Service State gave fatal error

Error: (10/25/2012 03:20:40 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Unable to open service from SCM for checking service status 1060

Error: (10/25/2012 03:20:39 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (10/25/2012 03:20:39 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (10/25/2012 03:20:39 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (10/25/2012 08:39:28 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (10/25/2012 08:20:43 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (10/25/2012 08:20:43 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle


System errors:
=============
Error: (10/26/2012 10:13:15 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (10/26/2012 10:13:15 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (10/26/2012 10:13:15 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (10/26/2012 10:13:15 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (10/26/2012 10:13:15 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (10/26/2012 10:13:15 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (10/26/2012 10:13:14 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (10/26/2012 10:13:14 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (10/26/2012 10:13:14 AM) (Source: DCOM) (User: )
Description: 1068netprofm{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (10/26/2012 10:13:13 AM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}


Microsoft Office Sessions:
=========================
Error: (10/26/2012 01:25:27 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108

Error: (10/26/2012 00:45:50 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (10/25/2012 03:20:40 PM) (Source: QuickBooks)(User: )
Description: QuickBooksQuery Service State gave fatal error

Error: (10/25/2012 03:20:40 PM) (Source: QuickBooks)(User: )
Description: QuickBooksUnable to open service from SCM for checking service status 1060

Error: (10/25/2012 03:20:39 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (10/25/2012 03:20:39 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (10/25/2012 03:20:39 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (10/25/2012 08:39:28 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (10/25/2012 08:20:43 AM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (10/25/2012 08:20:43 AM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 4.1.1)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.5 (Version: 11.5.6.606)
Belarc Advisor 8.1
BufferChm (Version: 100.0.170.000)
CleanUp!
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DeviceDiscovery (Version: 100.0.190.000)
DeviceManagementQFolder (Version: 1.00.0000)
DVD Suite (Version: 5.0.1319)
ESET Online Scanner v3
Google Chrome (Version: 22.0.1229.94)
Google Chrome Frame (Version: 22.0.1229.94)
Google Earth (Version: 6.2.2.6613)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
HP Color LaserJet CM2320 MFP Series 3.1 (Version: 3.1)
HP Imaging Device Functions 10.0 (Version: 10.0)
hppCLJCM2320 (Version: 003.001.00097)
hppFaxDrvCM2320 (Version: 003.000.00001)
hppFaxUtilityCM2320 (Version: 003.001.00095)
hppFonts (Version: 001.001.00061)
hppLaserJetService (Version: 001.001.0.0)
hppManualsCM2320 (Version: 003.001.00087)
hppPQVideoCM2320 (Version: 003.001.00092)
hppQFolderCM2320 (Version: 1.00.0000)
hppScanToCM2320 (Version: 003.001.00090)
hppSendFaxCM2320 (Version: 003.000.00001)
hppTLBXFXCM2320 (Version: 001.017.00048)
hpzTLBXFX (Version: 005.003.00171)
Intel® TV Wizard
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
LG ODD Auto Firmware Update (Version: 10.01.0712.01)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2008 R2
Microsoft SQL Server 2008 R2 Native Client (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.50.1600.1)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2731.0)
Microsoft SQL Server Browser (Version: 10.50.1600.1)
Microsoft SQL Server VSS Writer (Version: 10.50.1600.1)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Nero 7 Essentials (Version: 7.03.0920)
neroxml (Version: 1.0.0)
OpenOffice.org 3.2 (Version: 3.2.9502)
Plants vs Zombies
PowerDVD (Version: 7.0.3409.a)
PowerProducer
QuickBooks (Version: 21.0.4011.904)
QuickBooks Pro 2011 (Version: 21.0.4011.904)
Realtek High Definition Audio Driver (Version: 6.0.1.6106)
Remote Access Host Ver 4.5.3
Sage ACT! Pro 2011 (Version: 13.0.0.0)
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1)
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1)
System Requirements Lab for Intel (Version: 4.1.66.0)
TrayApp (Version: 100.0.170.000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VIPRE Antivirus (Version: 5.2.5162)
WD Drive Utilities (Version: 1.0.1.5)
WD Security (Version: 1.0.0)
WD SmartWare (Version: 1.6.2.6)
WebReg (Version: 100.0.170.000)

========================= Memory info: ===================================

Percentage of memory in use: 52%
Total physical RAM: 2009.53 MB
Available physical RAM: 946.16 MB
Total Pagefile: 4019.06 MB
Available Pagefile: 2597.71 MB
Total Virtual: 2047.88 MB
Available Virtual: 1943.07 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.78 GB) (Free:193.35 GB) NTFS
2 Drive d: (ACT_Pro_2011) (CDROM) (Total:1.94 GB) (Free:0 GB) CDFS
3 Drive e: (WD Unlocker) (CDROM) (Total:0.01 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\PC102

Admin Administrator Guest
QBDataServiceUser21

========================= Restore Points ==================================

10-10-2012 20:57:58 Windows Update
18-10-2012 20:17:53 Removed Project64 1.6
22-10-2012 18:48:39 ComboFix created restore point
25-10-2012 13:47:18 Installed WD Drive Utilities
25-10-2012 13:49:28 Installed WD Security

**** End of log ****


Farbar Log:

Farbar Service Scanner Version: 27-10-2012
Ran by Admin (administrator) on 29-10-2012 at 10:02:43
Running from "C:\Users\Admin\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-09-25 08:20] - [2012-08-22 12:16] - 1292144 ____A (Microsoft Corporation) A5EBB8F648000E88B7D9390B514976BF

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2012-10-10 08:05] - [2012-06-01 23:36] - 0140288 ____A (Microsoft Corporation) 96C0E38905CFD788313BE8E11DAE3F2F

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****


Adware Log:

# AdwCleaner v2.005 - Logfile created 10/29/2012 at 10:04:15
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (32 bits)
# User : Admin - PC102
# Boot Mode : Normal
# Running from : C:\Users\Admin\Downloads\adwcleaner (1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1239 octets] - [25/10/2012 14:59:00]
AdwCleaner[R3].txt - [1401 octets] - [26/10/2012 10:41:47]
AdwCleaner[S3].txt - [791 octets] - [29/10/2012 10:04:15]

########## EOF - C:\AdwCleaner[S3].txt - [850 octets] ##########


Junkware Log:

Junkware Removal Tool (JRT) by Thisisu
Version: 2.2.4 (10.28.2012)
OS: Windows 7 Professional x86
Ran by Admin on Mon 10/29/2012 at 10:17:07.46
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files: 0 Detections



*** Folders: 0 Detections



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Mon 10/29/2012 at 10:22:24.96
End of Report

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:27 PM

Posted 29 October 2012 - 10:40 AM

Reinstall VIPRE and let me know if you still have issues.

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#8 bradyd3

bradyd3
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:27 PM

Posted 29 October 2012 - 12:18 PM

RKill Log:

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/29/2012 11:10:33 AM in x86 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\exefile\shell\open\command\\IsolatedCommand was changed. It was reset to "%1" %*!

* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 10/29/2012 11:10:47 AM
Execution time: 0 hours(s), 0 minute(s), and 13 seconds(s)


Autoruns Log:

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Act! Preloader" "Sage ACT!" "Sage Software, Inc." "c:\program files\act\act for windows\actsage.exe"
+ "Act.Outlook.Service" "Act.Outlook.Service" "Sage Software, Inc." "c:\program files\act\act for windows\act.outlook.service.exe"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "HP Color LaserJet CM2320 MFP Series Fax" "hppfaxprintersrv" "Hewlett-Packard Company" "c:\program files\hp\hp color laserjet cm2320 mfp series\hppfaxprintersrv.exe"
+ "Intuit SyncManager" "IntuitSyncManager" "Intuit Inc. All rights reserved." "c:\program files\common files\intuit\sync\intuitsyncmanager.exe"
+ "SBAMTray" "SBAMTray Application" "GFI Software" "c:\program files\gfi software\vipre\sbamtray.exe"
+ "SBRegRebootCleaner" "Registry Cleaner" "GFI Software" "c:\program files\gfi software\vipre\sbrc.exe"
+ "WD Drive Unlocker" "WD Drive Auto Unlock" "Western Digital" "c:\program files\western digital\wd apps\wddriveautounlock.exe"
+ "WD Quick View" "WD Quick View" "Western Digital Technologies, Inc." "c:\program files\western digital\wd quick view\wddmstatus.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Sage ACT! Outlook Sync.lnk" "Act.Outlook.Sync" "Sage Software, Inc" "c:\program files\act\act for windows\act.outlook.sync.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "belarc" "Belarc VoilaX Control" "Belarc, Inc." "c:\program files\belarc\advisor\system\bavoilax.dll"
+ "gcf" "Chrome Frame renders the Web of the future in the browsers of the past. It's like strapping a rocket engine to a minivan." "Google Inc." "c:\program files\google\chrome\application\22.0.1229.94\npchrome_frame.dll"
+ "intu-help-qb4" "QuickBooks Assistance Library" "Intuit, Inc." "c:\program files\intuit\quickbooks 2011\helpasyncpluggableprotocol.dll"
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Cover Designer" "Cover Designer" "Nero AG" "c:\program files\nero\nero 7\nero coverdesigner\coveredextension.dll"
+ "FileEraserShellExt" "Secure File Eraser Shell Extension" "GFI Software" "c:\program files\gfi software\vipre\sbfe.dll"
+ "NBShellHook Class" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
+ "SBAMScanShellExt" "SBAM Scan Shell Extension" "GFI Software" "c:\program files\gfi software\vipre\sbamscanshellext.dll"
+ "WDBackupMenuHandler" "WD ContextMenu Handler" "Western Digital" "c:\program files\western digital\wd smartware\wdcontextmenuhandler.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "WDBackupPropSheetHandler" "WD ContextMenu Handler" "Western Digital" "c:\program files\western digital\wd smartware\wdcontextmenuhandler.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "FileEraserShellExt" "Secure File Eraser Shell Extension" "GFI Software" "c:\program files\gfi software\vipre\sbfe.dll"
+ "SBAMScanShellExt" "SBAM Scan Shell Extension" "GFI Software" "c:\program files\gfi software\vipre\sbamscanshellext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "NBShellHook Class" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
+ "WDBackupMenuHandler" "WD ContextMenu Handler" "Western Digital" "c:\program files\western digital\wd smartware\wdcontextmenuhandler.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "NBShellHook" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\PropertySheetHandlers" "" "" ""
+ "WDBackupPropSheetHandler" "WD ContextMenu Handler" "Western Digital" "c:\program files\western digital\wd smartware\wdcontextmenuhandler.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "ChromeFrame BHO" "Chrome Frame renders the Web of the future in the browsers of the past. It's like strapping a rocket engine to a minivan." "Google Inc." "c:\program files\google\chrome\application\22.0.1229.94\npchrome_frame.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.4 r402" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\{6545FE67-9564-4765-9086-E1148FFFA5A4}" "Sage ACT!" "Sage Software, Inc." "c:\program files\act\act for windows\actsage.exe"
+ "\{6B6D371F-4264-42D9-BFF3-F6B30424A629}" "Sage ACT!" "Sage Software, Inc." "c:\program files\act\act for windows\actsage.exe"
+ "\{7FAC4ABF-E833-4215-82A7-BF6BCBF0BDAD}" "Sage ACT!" "Sage Software, Inc." "c:\program files\act\act for windows\actsage.exe"
+ "\{C73E5924-5B18-4770-9E70-7A692097FF6B}" "Sage ACT!" "Sage Software, Inc." "c:\program files\act\act for windows\actsage.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "MSSQL$ACT7" "Provides storage, processing and controlled access of data, and rapid transaction processing." "Microsoft Corporation" "c:\program files\microsoft sql server\mssql10_50.act7\mssql\binn\sqlservr.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PSI_SVC_2" "This service provides Protexis licensing functionalty." "Protexis Inc." "c:\program files\common files\protexis\license service\psiservice_2.exe"
+ "QBCFMonitorService" "QuickBooks Company File Monitoring Service" "Intuit" "c:\program files\common files\intuit\quickbooks\qbcfmonitorservice.exe"
+ "QBFCService" "QuickBooks FCS module" "Intuit Inc." "c:\program files\common files\intuit\quickbooks\fcs\intuit.quickbooks.fcs.exe"
+ "QBVSS" "Enables standard users to access Intuit Data Protect service." "Intuit Inc." "c:\program files\common files\intuit\dataprotect\qbidpservice.exe"
+ "QuickBooksDB21" "Quickbooks database service" "Intuit, Inc." "c:\program files\intuit\quickbooks 2011\qbdbmgrn.exe"
+ "remotepc" "" "" "c:\program files\remote access host\remotepcm.exe"
+ "SBAMSvc" "Manages your antispyware and antivirus application" "GFI Software" "c:\program files\gfi software\vipre\sbamsvc.exe"
+ "SBPIMSvc" "SB Recovery Service" "GFI Software" "c:\program files\gfi software\vipre\sbpimsvc.exe"
+ "SQLBrowser" "Provides SQL Server connection information to client computers." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlbrowser.exe"
+ "SQLWriter" "Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlwriter.exe"
+ "WDDriveService" "Provides discovery of WD Drives" "Western Digital" "c:\program files\western digital\wd drive manager\wddriveservice.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aic78xx" "Adaptec Ultra SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\djsvs.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows family" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbdx.sys"
+ "b57nd60x" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60x.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "catchme" "" "" "File not found: C:\Users\Admin\AppData\Local\Temp\catchme.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbdx.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd32.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhda.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7 for x86" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "mv2" "UltraVnc miniport driver2" "UVNC BVBA" "c:\windows\system32\drivers\mv2.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RemotePCmirror" "RemotePC Mirror Driver" "Pro Softnet Crop provider" "c:\windows\system32\drivers\remotepcmirror.sys"
+ "RTL8167" "Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver " "Realtek Corporation " "c:\windows\system32\drivers\rt86win7.sys"
+ "sbapifs" "GFI Active Protection Filter Driver" "GFI Software" "c:\windows\system32\drivers\sbapifs.sys"
+ "SBRE" "GFI Anti-Rootkit Driver" "GFI Software" "c:\windows\system32\drivers\sbredrv.sys"
+ "sbwtis" "GFI Software Transport Inspection WFP Driver" "GFI Software" "c:\windows\system32\drivers\sbwtis.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files\google\google earth\client\wavdest.ax"
+ "CyberLink Audio Commercial Cut Analyzer" "CLAudCM" "Cyberlink Corp." "c:\program files\cyberlink\powerproducer\claudcm.ax"
+ "CyberLink Audio Decoder (PDVD7 UPnP)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\upnp\claud.ax"
+ "CyberLink Audio Decoder (PDVD7)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\audiofilter\claud.ax"
+ "CyberLink Audio Effect (PDVD7)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerdvd\audiofilter\claudfx.ax"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\ppaursmpl.ax"
+ "CyberLink Audio Spectrum Analyzer (PDVD7)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\audiofilter\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\audiofilter\claudwizard.ax"
+ "CyberLink AudioCD Filter (PDVD7)" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\audiofilter\claudiocd.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\ppdemuxer.ax"
+ "CyberLink Demux (PDVD7 UPnP)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\upnp\cldemuxer.ax"
+ "CyberLink Demux (PDVD7)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\navfilter\cldemuxer.ax"
+ "CyberLink DV Buffer" "DV dump Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerproducer\ppdvdump.ax"
+ "CyberLink DVD Navigator (PDVD7)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\navfilter\clnavx.ax"
+ "CyberLink Editing Service 3.0 (Source)" "CES Kernel" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\cledtkrn.dll"
+ "CyberLink Frame Parser" "CLFParser" "CyberLink" "c:\program files\cyberlink\powerproducer\clfparser.ax"
+ "CyberLink Line21 Decoder (PDVD7)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\videofilter\clline21.ax"
+ "CyberLink Load Image Filter" "CLImage" "CyberLink" "c:\program files\cyberlink\shared files\climage.ax"
+ "CyberLink MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\upnp\clsplter.ax"
+ "CyberLink MPEG-4 Splitter (PDVD7)" "CyberLink MPEG-4 Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\navfilter\clm4splt.ax"
+ "CyberLink Push-Mode CLStream (PDVD7)" "CLStream" "CyberLink" "c:\program files\cyberlink\powerdvd\upnp\clstream(pushmode).ax"
+ "Cyberlink Scene Detect Filter" "CLScnDt" "CyberLink" "c:\program files\cyberlink\powerproducer\ppscndt.ax"
+ "CyberLink Streamming Filter (PDVD7)" "Cyberlink Streaming Source Filter(Scramble)" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\upnp\clstream.ax"
+ "Cyberlink Sub-Picture Filter" "Cyberlink Sub-Picture Filter" "Cyberlink" "c:\program files\cyberlink\powerproducer\clsubpic.ax"
+ "Cyberlink SubTitle Importor (PDVD7)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\videofilter\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (PDVD7)" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\audiofilter\clauts.ax"
+ "Cyberlink TS Information" "CLTSInfo" "Cyberlink" "c:\program files\cyberlink\powerproducer\pptsinfo.ax"
+ "CyberLink Video/SP Decoder (PDVD7)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\videofilter\clvsd.ax"
+ "CyberLink Video/SP Decoder(PDVD7 HomeNetwork)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\upnp\clvsd.ax"
+ "DV Scenes" "DV-Timecode based Scenechange Detection" "Nero AG" "c:\program files\nero\nero 7\nero vision\nvdv.dll"
+ "DV Source Filter" "DV-Timecode based Scenechange Detection" "Nero AG" "c:\program files\nero\nero 7\nero vision\nvdv.dll"
+ "HighMAT and MPV Navigator Filter" "MPV Playback Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\hmnavigator.ax"
+ "HighMAT/MPV Navigation Client Filter" "MPV Playback Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\hmnavigator.ax"
+ "MPEG-2 PSI Reader Filter" "Mpeg2PsiReader" "Nero AG" "c:\program files\common files\ahead\dsfilter\mpeg2psireader.ax"
+ "MPEG-2 Stream Reader Filter" "Mpeg2StreamReader" "Nero AG" "c:\program files\common files\ahead\dsfilter\mpeg2streamreader.ax"
+ "Nero Audible Decoder" "Nero Audible Decoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudible.ax"
+ "Nero Audio CD Filter" "Nero Audio CD Source Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudcd.ax"
+ "Nero Audio CD Navigator" "Nero Audio CD Source Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudcd.ax"
+ "Nero Audio Source" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero AV Synchronizer" "Audio/Video Synchronizer" "Nero AG" "c:\program files\common files\ahead\dsfilter\neavsync.ax"
+ "Nero Deinterlace" "Deinterlacing Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nedeinterlace.ax"
+ "Nero Digital AVC Audio Encoder" "AAC LC/HE Audio Encoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendaud.ax"
+ "Nero Digital AVC File Writer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Muxer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Null Renderer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Subpicture Enc" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Video Enc" "MPEG4 and H.264 (AVC) Video Encoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendvid.ax"
+ "Nero Digital Parser" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files\common files\ahead\dsfilter\ndparser.ax"
+ "Nero DV Splitter" "DV Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nedvsplitter.ax"
+ "Nero ES Video Reader" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files\common files\ahead\dsfilter\ndparser.ax"
+ "Nero File Source" "Nero SVCD source filter" "Nero AG " "c:\program files\common files\ahead\dsfilter\nefilesrc.ax"
+ "Nero File Source (Async.)" "Nero Home" "Nero AG" "c:\program files\common files\ahead\dsfilter\nefilesourceasync.ax"
+ "Nero File Source / Splitter" "Push Mode VOB Source Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nefsource.ax"
+ "Nero FLV Splitter" "Nero FLV Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neflvsplitter.ax"
+ "Nero Format Converter" "Frame rate / Color space converter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neroformatconv.ax"
+ "Nero Frame Capture" "Direct Show frame grabber filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\necapture.ax"
+ "Nero FTC" "Frame Time Corrector Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neftc.ax"
+ "Nero InteractiveGraphics Decoder" "Graphics Decoder Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nebdgraphic.ax"
+ "Nero MP3 Encoder" "MP3 Encoding Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nemp3encoder.ax"
+ "Nero MP4 Splitter" "MP4 Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nemp4splitter.ax"
+ "Nero Mpeg2 Encoder" "MPEG 1/2 encoder filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevcr.ax"
+ "Nero Ogg Splitter" "Ogg Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neoggsplitter.ax"
+ "Nero Overlay Mixer" "Overlay Mixer Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neoverlaymixer.ax"
+ "Nero Photo Source" "Nero Home" "Nero AG" "c:\program files\common files\ahead\dsfilter\nephotosource.ax"
+ "Nero PresentationGraphics Decoder" "Graphics Decoder Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nebdgraphic.ax"
+ "Nero PS Muxer" "" "" "c:\program files\common files\ahead\dsfilter\nepsmuxer.ax"
+ "Nero QuickTime™ Audio Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files\common files\ahead\dsfilter\neqtdec.ax"
+ "Nero QuickTime™ Video Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files\common files\ahead\dsfilter\neqtdec.ax"
+ "Nero Resize" "Resizing Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neresize.ax"
+ "Nero Sample Queue" "Sample Queue Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesamplequeue.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files\common files\ahead\dsfilter\nescenedetector.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files\common files\ahead\dsfilter\nescenedetector.ax"
+ "Nero Sound Processor" "Nero Sound Processor" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesoundproc.ax"
+ "Nero Splitter" "Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesplitter.ax"
+ "Nero Stream Buffer Sink" "Nero Stream Buffer Engine" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesbe.ax"
+ "Nero Stream Buffer Source" "Nero Stream Buffer Engine" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesbe.ax"
+ "Nero Stream Control" "Transport Stream Controller Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nestreamcontrol.ax"
+ "Nero Subpicture Decoder" "Nero Subpicture Decoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesubpicture.ax"
+ "Nero Subtitle" "Subtitle Mixer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesubtitle.ax"
+ "Nero Thumbnail Decoder" "Thumbnail Decoder Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nebdthumbnail.ax"
+ "Nero Vcd Navigator" "Nero Vcd Navigator Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevcd.ax"
+ "Nero Video Analyzer" "Nero Video Analyzer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideoanalyzer.ax"
+ "Nero Video Processor" "Resize / Deinterlace / Color Correction / Film Effect / Frame Capture Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerovideoproc.ax"
+ "Nero Video Renderer" "Nero Video Renderer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideorenderer.ax"
+ "Nero Video Source" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "NeSoundSwitch" "Nero Sound Switcher" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesoundswitch.ax"
+ "PowerProducer Double Tee" "Cyberlink Double Tee Filter" "CtberLink Corporation" "c:\program files\cyberlink\powerproducer\ppdoubletee.ax"
+ "PP Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\claud.ax"
+ "PP Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerproducer\claudfx.ax"
+ "PP Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files\cyberlink\powerproducer\ppaudenc.ax"
+ "PP Audio Noise Reduction (CES)" "CLAuNR" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\claunrwrapper.ax"
+ "PP Byte Counter" "PP Byte Counter" "CyberLink Corporation" "c:\program files\cyberlink\powerproducer\ppbytecounter.ax"
+ "PP DDR" "PP DDR" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\pprender.ax"
+ "PP Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\ppdumpdispatch.ax"
+ "PP Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\ppdump.ax"
+ "PP DV Buffer" "CLDVBuffer Filter" "CyberLink" "c:\program files\cyberlink\powerproducer\ppdvbuffer.ax"
+ "PP DV Dump Filter" "DV dump Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerproducer\ppdvdump.ax"
+ "PP DV Reader Filter" "DVMultReader Filter" "CyberLink" "c:\program files\cyberlink\powerproducer\ppdvmrd.ax"
+ "PP DV TCR" "DVTCR" "CyberLink" "c:\program files\cyberlink\powerproducer\ppdvtcr.ax"
+ "PP File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\ppreader.ax"
+ "PP Gate Filter" "CLGate" "CyberLink" "c:\program files\cyberlink\powerproducer\ppgate.ax"
+ "PP IDM" "idmf" "Cyberlink" "c:\program files\cyberlink\powerproducer\ppidmf.ax"
+ "PP M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files\cyberlink\powerproducer\ppm2vwriter.ax"
+ "PP MPEG Muxer" "MpgMux" "CyberLink" "c:\program files\cyberlink\powerproducer\ppmpgmux.ax"
+ "PP MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files\cyberlink\powerproducer\ppvidenc.ax"
+ "PP MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\ppm1splter.ax"
+ "PP MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\ppm2splter.ax"
+ "PP PCM Wrapper" "PP PCM Wrapper" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\pppcmenc.ax"
+ "PP Snapshot Filter" "CLSnapShot Filter" "CyberLink" "c:\program files\cyberlink\powerproducer\ppsnapshot.ax"
+ "PP SnapShotTIP Filter" "CLSShot" "CyberLink" "c:\program files\cyberlink\powerproducer\ppsshot.ax"
+ "PP TimeStretch Filter (CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\clauts.ax"
+ "PP TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\pptlmsplter.ax"
+ "PP Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\ppgenericvsd.ax"
+ "PP Video Effect" "CLVidFx" "CyberLink" "c:\program files\cyberlink\powerproducer\ppvidfx.ax"
+ "PP Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files\cyberlink\powerproducer\ppresample.ax"
+ "PP Video Regulator" "CLRGL" "Cyberlink" "c:\program files\cyberlink\powerproducer\clrgl.ax"
+ "PP Video Stabilizer" "CLVideoDeShaking" "CyberLink" "c:\program files\cyberlink\powerproducer\clvideostabilizer.ax"
+ "PP WAV Dest" "CLWavDest" "CyberLink" "c:\program files\cyberlink\powerproducer\ppwavdest.ax"
+ "PP YUY2 Deinterlace" "DitlYuY2" "CyberLink" "c:\program files\cyberlink\powerproducer\ppditlyuy2.ax"
+ "PP YUY2 Sub-Sampling" "SubYUY2 Filter" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\ppsubyuy2.ax"
+ "Time Regulator" "TimeRegulator" "cyberlink" "c:\program files\cyberlink\powerproducer\avi_audtr.ax"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "HP Fax Port" "port monitor" "Hewlett-Packard Company" "c:\windows\system32\hppfaxprintermon5.dll"
+ "HP Standard TCP/IP Port" "Standard TCP/IP Port Monitor DLL" "Hewlett Packard" "c:\windows\system32\hptcpmon.dll"



Still having issues with the Vipre pop-up. It pop-up during auto-run.

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:27 PM

Posted 29 October 2012 - 12:22 PM

Can you explain issues with VIPRE?

There are no symptoms of malware from your logs.

Reinstall VIPRE and let me know if that helps.

#10 bradyd3

bradyd3
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:27 PM

Posted 30 October 2012 - 10:51 AM

I ran tdsskiller again today. It keeps finding the same 3 issues. Here is the log.


10:44:39.0668 1880 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
10:44:39.0768 1880 ============================================================
10:44:39.0768 1880 Current date / time: 2012/10/30 10:44:39.0768
10:44:39.0768 1880 SystemInfo:
10:44:39.0768 1880
10:44:39.0768 1880 OS Version: 6.1.7601 ServicePack: 1.0
10:44:39.0768 1880 Product type: Workstation
10:44:39.0768 1880 ComputerName: PC102
10:44:39.0769 1880 UserName: Admin
10:44:39.0769 1880 Windows directory: C:\Windows
10:44:39.0769 1880 System windows directory: C:\Windows
10:44:39.0769 1880 Processor architecture: Intel x86
10:44:39.0769 1880 Number of processors: 2
10:44:39.0769 1880 Page size: 0x1000
10:44:39.0769 1880 Boot type: Normal boot
10:44:39.0769 1880 ============================================================
10:44:41.0331 1880 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:44:41.0334 1880 Drive \Device\Harddisk1\DR1 - Size: 0x746EC00000 (465.73 Gb), SectorSize: 0x200, Cylinders: 0xED7D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:44:41.0335 1880 ============================================================
10:44:41.0335 1880 \Device\Harddisk0\DR0:
10:44:41.0344 1880 MBR partitions:
10:44:41.0344 1880 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:44:41.0344 1880 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D18E170
10:44:41.0344 1880 ============================================================
10:44:41.0389 1880 C: <-> \Device\Harddisk0\DR0\Partition2
10:44:41.0389 1880 ============================================================
10:44:41.0390 1880 Initialize success
10:44:41.0390 1880 ============================================================
10:44:46.0216 4016 ============================================================
10:44:46.0216 4016 Scan started
10:44:46.0216 4016 Mode: Manual; SigCheck; TDLFS;
10:44:46.0216 4016 ============================================================
10:44:47.0748 4016 ================ Scan system memory ========================
10:44:47.0748 4016 System memory - ok
10:44:47.0749 4016 ================ Scan services =============================
10:44:47.0908 4016 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:44:48.0051 4016 1394ohci - ok
10:44:48.0100 4016 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:44:48.0117 4016 ACPI - ok
10:44:48.0163 4016 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:44:48.0240 4016 AcpiPmi - ok
10:44:48.0353 4016 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
10:44:48.0378 4016 AdobeARMservice - ok
10:44:48.0459 4016 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:44:48.0481 4016 AdobeFlashPlayerUpdateSvc - ok
10:44:48.0546 4016 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
10:44:48.0567 4016 adp94xx - ok
10:44:48.0659 4016 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
10:44:48.0720 4016 adpahci - ok
10:44:48.0798 4016 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
10:44:48.0812 4016 adpu320 - ok
10:44:48.0845 4016 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:44:48.0950 4016 AeLookupSvc - ok
10:44:49.0011 4016 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
10:44:49.0086 4016 AFD - ok
10:44:49.0128 4016 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
10:44:49.0140 4016 agp440 - ok
10:44:49.0191 4016 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
10:44:49.0213 4016 aic78xx - ok
10:44:49.0278 4016 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
10:44:49.0349 4016 ALG - ok
10:44:49.0388 4016 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
10:44:49.0400 4016 aliide - ok
10:44:49.0413 4016 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
10:44:49.0426 4016 amdagp - ok
10:44:49.0436 4016 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
10:44:49.0448 4016 amdide - ok
10:44:49.0496 4016 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:44:49.0573 4016 AmdK8 - ok
10:44:49.0581 4016 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:44:49.0617 4016 AmdPPM - ok
10:44:49.0651 4016 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:44:49.0663 4016 amdsata - ok
10:44:49.0716 4016 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
10:44:49.0731 4016 amdsbs - ok
10:44:49.0743 4016 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:44:49.0755 4016 amdxata - ok
10:44:49.0811 4016 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
10:44:49.0947 4016 AppID - ok
10:44:49.0999 4016 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:44:50.0047 4016 AppIDSvc - ok
10:44:50.0097 4016 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
10:44:50.0146 4016 Appinfo - ok
10:44:50.0179 4016 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
10:44:50.0252 4016 AppMgmt - ok
10:44:50.0300 4016 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
10:44:50.0314 4016 arc - ok
10:44:50.0326 4016 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
10:44:50.0339 4016 arcsas - ok
10:44:50.0384 4016 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:44:50.0541 4016 AsyncMac - ok
10:44:50.0595 4016 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
10:44:50.0606 4016 atapi - ok
10:44:50.0675 4016 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:44:50.0756 4016 AudioEndpointBuilder - ok
10:44:50.0765 4016 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
10:44:50.0793 4016 Audiosrv - ok
10:44:50.0846 4016 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:44:50.0934 4016 AxInstSV - ok
10:44:50.0986 4016 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
10:44:51.0058 4016 b06bdrv - ok
10:44:51.0103 4016 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
10:44:51.0120 4016 b57nd60x - ok
10:44:51.0171 4016 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
10:44:51.0242 4016 BDESVC - ok
10:44:51.0284 4016 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
10:44:51.0326 4016 Beep - ok
10:44:51.0416 4016 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
10:44:51.0497 4016 BFE - ok
10:44:51.0549 4016 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\system32\qmgr.dll
10:44:51.0609 4016 BITS - ok
10:44:51.0631 4016 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:44:51.0662 4016 blbdrive - ok
10:44:51.0707 4016 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:44:51.0762 4016 bowser - ok
10:44:51.0793 4016 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:44:51.0867 4016 BrFiltLo - ok
10:44:51.0884 4016 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:44:51.0923 4016 BrFiltUp - ok
10:44:51.0953 4016 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
10:44:51.0995 4016 BridgeMP - ok
10:44:52.0034 4016 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
10:44:52.0124 4016 Browser - ok
10:44:52.0157 4016 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:44:52.0221 4016 Brserid - ok
10:44:52.0237 4016 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:44:52.0271 4016 BrSerWdm - ok
10:44:52.0298 4016 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:44:52.0337 4016 BrUsbMdm - ok
10:44:52.0343 4016 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:44:52.0361 4016 BrUsbSer - ok
10:44:52.0384 4016 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
10:44:52.0417 4016 BTHMODEM - ok
10:44:52.0452 4016 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
10:44:52.0502 4016 bthserv - ok
10:44:52.0608 4016 catchme - ok
10:44:52.0649 4016 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:44:52.0713 4016 cdfs - ok
10:44:52.0756 4016 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
10:44:52.0793 4016 cdrom - ok
10:44:52.0835 4016 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
10:44:52.0860 4016 CertPropSvc - ok
10:44:52.0910 4016 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
10:44:52.0927 4016 circlass - ok
10:44:52.0955 4016 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
10:44:52.0972 4016 CLFS - ok
10:44:53.0058 4016 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:44:53.0073 4016 clr_optimization_v2.0.50727_32 - ok
10:44:53.0179 4016 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:44:53.0192 4016 clr_optimization_v4.0.30319_32 - ok
10:44:53.0202 4016 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:44:53.0233 4016 CmBatt - ok
10:44:53.0303 4016 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:44:53.0327 4016 cmdide - ok
10:44:53.0359 4016 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
10:44:53.0391 4016 CNG - ok
10:44:53.0412 4016 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:44:53.0424 4016 Compbatt - ok
10:44:53.0469 4016 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:44:53.0502 4016 CompositeBus - ok
10:44:53.0513 4016 COMSysApp - ok
10:44:53.0543 4016 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
10:44:53.0555 4016 crcdisk - ok
10:44:53.0608 4016 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:44:53.0692 4016 CryptSvc - ok
10:44:53.0736 4016 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
10:44:53.0811 4016 CSC - ok
10:44:53.0833 4016 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
10:44:53.0865 4016 CscService - ok
10:44:53.0885 4016 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
10:44:53.0937 4016 DcomLaunch - ok
10:44:53.0972 4016 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
10:44:54.0022 4016 defragsvc - ok
10:44:54.0063 4016 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:44:54.0110 4016 DfsC - ok
10:44:54.0154 4016 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
10:44:54.0198 4016 Dhcp - ok
10:44:54.0234 4016 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
10:44:54.0276 4016 discache - ok
10:44:54.0327 4016 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
10:44:54.0341 4016 Disk - ok
10:44:54.0374 4016 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:44:54.0452 4016 Dnscache - ok
10:44:54.0479 4016 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
10:44:54.0534 4016 dot3svc - ok
10:44:54.0570 4016 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
10:44:54.0626 4016 DPS - ok
10:44:54.0670 4016 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:44:54.0685 4016 drmkaud - ok
10:44:54.0723 4016 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:44:54.0757 4016 DXGKrnl - ok
10:44:54.0782 4016 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
10:44:54.0829 4016 EapHost - ok
10:44:54.0907 4016 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
10:44:55.0007 4016 ebdrv - ok
10:44:55.0043 4016 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
10:44:55.0139 4016 EFS - ok
10:44:55.0199 4016 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:44:55.0302 4016 ehRecvr - ok
10:44:55.0329 4016 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
10:44:55.0355 4016 ehSched - ok
10:44:55.0416 4016 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
10:44:55.0436 4016 elxstor - ok
10:44:55.0477 4016 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:44:55.0515 4016 ErrDev - ok
10:44:55.0562 4016 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
10:44:55.0614 4016 EventSystem - ok
10:44:55.0643 4016 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
10:44:55.0690 4016 exfat - ok
10:44:55.0725 4016 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:44:55.0775 4016 fastfat - ok
10:44:55.0820 4016 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
10:44:55.0907 4016 Fax - ok
10:44:55.0928 4016 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:44:55.0964 4016 fdc - ok
10:44:56.0003 4016 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
10:44:56.0029 4016 fdPHost - ok
10:44:56.0038 4016 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
10:44:56.0086 4016 FDResPub - ok
10:44:56.0124 4016 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:44:56.0149 4016 FileInfo - ok
10:44:56.0163 4016 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:44:56.0190 4016 Filetrace - ok
10:44:56.0203 4016 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:44:56.0236 4016 flpydisk - ok
10:44:56.0268 4016 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:44:56.0283 4016 FltMgr - ok
10:44:56.0328 4016 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
10:44:56.0444 4016 FontCache - ok
10:44:56.0489 4016 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:44:56.0509 4016 FontCache3.0.0.0 - ok
10:44:56.0524 4016 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:44:56.0537 4016 FsDepends - ok
10:44:56.0570 4016 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:44:56.0582 4016 Fs_Rec - ok
10:44:56.0640 4016 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:44:56.0658 4016 fvevol - ok
10:44:56.0714 4016 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:44:56.0726 4016 gagp30kx - ok
10:44:56.0764 4016 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
10:44:56.0824 4016 gpsvc - ok
10:44:56.0897 4016 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
10:44:56.0908 4016 gupdate - ok
10:44:56.0928 4016 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
10:44:56.0938 4016 gupdatem - ok
10:44:56.0999 4016 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
10:44:57.0024 4016 gusvc - ok
10:44:57.0057 4016 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:44:57.0135 4016 hcw85cir - ok
10:44:57.0177 4016 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:44:57.0238 4016 HdAudAddService - ok
10:44:57.0365 4016 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:44:57.0535 4016 HDAudBus - ok
10:44:57.0575 4016 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:44:57.0590 4016 HidBatt - ok
10:44:57.0608 4016 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:44:57.0649 4016 HidBth - ok
10:44:57.0686 4016 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:44:57.0718 4016 HidIr - ok
10:44:57.0746 4016 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
10:44:57.0795 4016 hidserv - ok
10:44:57.0842 4016 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys
10:44:57.0889 4016 HidUsb - ok
10:44:57.0920 4016 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:44:57.0947 4016 hkmsvc - ok
10:44:57.0981 4016 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:44:58.0066 4016 HomeGroupListener - ok
10:44:58.0102 4016 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:44:58.0141 4016 HomeGroupProvider - ok
10:44:58.0186 4016 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:44:58.0200 4016 HpSAMD - ok
10:44:58.0254 4016 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:44:58.0286 4016 HTTP - ok
10:44:58.0312 4016 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:44:58.0324 4016 hwpolicy - ok
10:44:58.0363 4016 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:44:58.0382 4016 i8042prt - ok
10:44:58.0430 4016 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:44:58.0447 4016 iaStorV - ok
10:44:58.0496 4016 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:44:58.0527 4016 idsvc - ok
10:44:58.0769 4016 [ 8266AE06DF974E5BA047B3E9E9E70B3F ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
10:44:59.0129 4016 igfx - ok
10:44:59.0189 4016 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:44:59.0202 4016 iirsp - ok
10:44:59.0265 4016 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
10:44:59.0332 4016 IKEEXT - ok
10:44:59.0422 4016 [ E23457C274E0C8106689DA76FAD789EF ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
10:44:59.0524 4016 IntcAzAudAddService - ok
10:44:59.0572 4016 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
10:44:59.0610 4016 intelide - ok
10:44:59.0681 4016 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:44:59.0722 4016 intelppm - ok
10:44:59.0757 4016 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:44:59.0805 4016 IPBusEnum - ok
10:44:59.0835 4016 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:44:59.0892 4016 IpFilterDriver - ok
10:44:59.0954 4016 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:45:00.0012 4016 iphlpsvc - ok
10:45:00.0037 4016 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:45:00.0068 4016 IPMIDRV - ok
10:45:00.0101 4016 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:45:00.0144 4016 IPNAT - ok
10:45:00.0176 4016 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:45:00.0243 4016 IRENUM - ok
10:45:00.0284 4016 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:45:00.0311 4016 isapnp - ok
10:45:00.0331 4016 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:45:00.0346 4016 iScsiPrt - ok
10:45:00.0391 4016 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
10:45:00.0404 4016 kbdclass - ok
10:45:00.0470 4016 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
10:45:00.0506 4016 kbdhid - ok
10:45:00.0537 4016 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
10:45:00.0552 4016 KeyIso - ok
10:45:00.0629 4016 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:45:00.0731 4016 KSecDD - ok
10:45:00.0770 4016 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:45:00.0785 4016 KSecPkg - ok
10:45:00.0820 4016 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
10:45:00.0876 4016 KtmRm - ok
10:45:00.0905 4016 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
10:45:00.0948 4016 LanmanServer - ok
10:45:00.0972 4016 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:45:01.0022 4016 LanmanWorkstation - ok
10:45:01.0068 4016 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:45:01.0094 4016 lltdio - ok
10:45:01.0115 4016 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:45:01.0162 4016 lltdsvc - ok
10:45:01.0178 4016 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
10:45:01.0222 4016 lmhosts - ok
10:45:01.0282 4016 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:45:01.0296 4016 LSI_FC - ok
10:45:01.0317 4016 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:45:01.0331 4016 LSI_SAS - ok
10:45:01.0347 4016 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:45:01.0360 4016 LSI_SAS2 - ok
10:45:01.0379 4016 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:45:01.0393 4016 LSI_SCSI - ok
10:45:01.0436 4016 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
10:45:01.0484 4016 luafv - ok
10:45:01.0526 4016 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:45:01.0545 4016 Mcx2Svc - ok
10:45:01.0563 4016 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:45:01.0575 4016 megasas - ok
10:45:01.0616 4016 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:45:01.0632 4016 MegaSR - ok
10:45:01.0652 4016 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
10:45:01.0702 4016 MMCSS - ok
10:45:01.0730 4016 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
10:45:01.0792 4016 Modem - ok
10:45:01.0821 4016 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:45:01.0856 4016 monitor - ok
10:45:01.0893 4016 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
10:45:01.0906 4016 mouclass - ok
10:45:01.0964 4016 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:45:02.0010 4016 mouhid - ok
10:45:02.0042 4016 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:45:02.0055 4016 mountmgr - ok
10:45:02.0137 4016 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
10:45:02.0162 4016 mpio - ok
10:45:02.0184 4016 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:45:02.0230 4016 mpsdrv - ok
10:45:02.0296 4016 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:45:02.0356 4016 MpsSvc - ok
10:45:02.0385 4016 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:45:02.0421 4016 MRxDAV - ok
10:45:02.0461 4016 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:45:02.0533 4016 mrxsmb - ok
10:45:02.0566 4016 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:45:02.0583 4016 mrxsmb10 - ok
10:45:02.0597 4016 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:45:02.0631 4016 mrxsmb20 - ok
10:45:02.0654 4016 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
10:45:02.0666 4016 msahci - ok
10:45:02.0676 4016 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:45:02.0689 4016 msdsm - ok
10:45:02.0716 4016 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
10:45:02.0753 4016 MSDTC - ok
10:45:02.0800 4016 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:45:02.0827 4016 Msfs - ok
10:45:02.0838 4016 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:45:02.0885 4016 mshidkmdf - ok
10:45:02.0895 4016 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:45:02.0907 4016 msisadrv - ok
10:45:02.0942 4016 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:45:02.0986 4016 MSiSCSI - ok
10:45:02.0991 4016 msiserver - ok
10:45:03.0030 4016 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:45:03.0080 4016 MSKSSRV - ok
10:45:03.0103 4016 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:45:03.0172 4016 MSPCLOCK - ok
10:45:03.0193 4016 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:45:03.0242 4016 MSPQM - ok
10:45:03.0268 4016 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:45:03.0284 4016 MsRPC - ok
10:45:03.0333 4016 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:45:03.0356 4016 mssmbios - ok
10:45:03.0496 4016 MSSQL$ACT7 - ok
10:45:03.0572 4016 [ 8E8E74C953EB0C4F8828D99D6F27FD6F ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
10:45:03.0582 4016 MSSQLServerADHelper100 - ok
10:45:03.0621 4016 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:45:03.0647 4016 MSTEE - ok
10:45:03.0662 4016 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:45:03.0694 4016 MTConfig - ok
10:45:03.0717 4016 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
10:45:03.0729 4016 Mup - ok
10:45:03.0787 4016 [ D186D031B0832A5438EC1AC2C5D74E9D ] mv2 C:\Windows\system32\DRIVERS\mv2.sys
10:45:03.0810 4016 mv2 - ok
10:45:03.0849 4016 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
10:45:03.0895 4016 napagent - ok
10:45:03.0945 4016 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:45:03.0985 4016 NativeWifiP - ok
10:45:04.0091 4016 [ 5836B9E91863A00EC1B8E785EFD86ECB ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
10:45:04.0140 4016 NBService - ok
10:45:04.0194 4016 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:45:04.0248 4016 NDIS - ok
10:45:04.0303 4016 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:45:04.0347 4016 NdisCap - ok
10:45:04.0413 4016 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:45:04.0479 4016 NdisTapi - ok
10:45:04.0504 4016 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:45:04.0546 4016 Ndisuio - ok
10:45:04.0581 4016 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:45:04.0625 4016 NdisWan - ok
10:45:04.0665 4016 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:45:04.0689 4016 NDProxy - ok
10:45:04.0738 4016 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:45:04.0784 4016 NetBIOS - ok
10:45:04.0817 4016 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:45:04.0866 4016 NetBT - ok
10:45:04.0890 4016 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
10:45:04.0906 4016 Netlogon - ok
10:45:04.0970 4016 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
10:45:05.0001 4016 Netman - ok
10:45:05.0016 4016 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
10:45:05.0049 4016 netprofm - ok
10:45:05.0083 4016 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:45:05.0095 4016 NetTcpPortSharing - ok
10:45:05.0149 4016 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:45:05.0161 4016 nfrd960 - ok
10:45:05.0194 4016 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:45:05.0241 4016 NlaSvc - ok
10:45:05.0335 4016 [ A328A46D87BB92CE4D8A4528E9D84787 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
10:45:05.0362 4016 NMIndexingService - ok
10:45:05.0378 4016 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:45:05.0426 4016 Npfs - ok
10:45:05.0453 4016 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
10:45:05.0481 4016 nsi - ok
10:45:05.0493 4016 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:45:05.0534 4016 nsiproxy - ok
10:45:05.0598 4016 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:45:05.0644 4016 Ntfs - ok
10:45:05.0679 4016 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
10:45:05.0726 4016 Null - ok
10:45:05.0757 4016 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:45:05.0770 4016 nvraid - ok
10:45:05.0813 4016 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:45:05.0828 4016 nvstor - ok
10:45:05.0858 4016 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:45:05.0871 4016 nv_agp - ok
10:45:05.0897 4016 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:45:05.0928 4016 ohci1394 - ok
10:45:06.0006 4016 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:45:06.0027 4016 ose - ok
10:45:06.0131 4016 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:45:06.0261 4016 osppsvc - ok
10:45:06.0293 4016 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:45:06.0330 4016 p2pimsvc - ok
10:45:06.0348 4016 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
10:45:06.0389 4016 p2psvc - ok
10:45:06.0428 4016 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:45:06.0444 4016 Parport - ok
10:45:06.0479 4016 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:45:06.0491 4016 partmgr - ok
10:45:06.0502 4016 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
10:45:06.0535 4016 Parvdm - ok
10:45:06.0563 4016 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:45:06.0582 4016 PcaSvc - ok
10:45:06.0627 4016 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
10:45:06.0655 4016 pci - ok
10:45:06.0671 4016 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
10:45:06.0683 4016 pciide - ok
10:45:06.0707 4016 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:45:06.0722 4016 pcmcia - ok
10:45:06.0740 4016 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
10:45:06.0752 4016 pcw - ok
10:45:06.0804 4016 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:45:06.0852 4016 PEAUTH - ok
10:45:06.0885 4016 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
10:45:06.0963 4016 PeerDistSvc - ok
10:45:07.0035 4016 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
10:45:07.0119 4016 pla - ok
10:45:07.0172 4016 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:45:07.0260 4016 PlugPlay - ok
10:45:07.0279 4016 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:45:07.0317 4016 PNRPAutoReg - ok
10:45:07.0342 4016 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:45:07.0358 4016 PNRPsvc - ok
10:45:07.0391 4016 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:45:07.0439 4016 PolicyAgent - ok
10:45:07.0464 4016 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
10:45:07.0510 4016 Power - ok
10:45:07.0555 4016 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:45:07.0582 4016 PptpMiniport - ok
10:45:07.0601 4016 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:45:07.0637 4016 Processor - ok
10:45:07.0684 4016 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
10:45:07.0790 4016 ProfSvc - ok
10:45:07.0804 4016 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:45:07.0819 4016 ProtectedStorage - ok
10:45:07.0877 4016 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:45:07.0927 4016 Psched - ok
10:45:07.0971 4016 [ E0D0CB09AA07B22BE984E4F7EC0326F5 ] PSI_SVC_2 C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
10:45:07.0982 4016 PSI_SVC_2 - ok
10:45:08.0049 4016 [ 27E26A7DBC17860630CE5065019C348F ] QBCFMonitorService C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
10:45:08.0062 4016 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - warning
10:45:08.0062 4016 QBCFMonitorService - detected UnsignedFile.Multi.Generic (1)
10:45:08.0121 4016 [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
10:45:08.0133 4016 QBFCService ( UnsignedFile.Multi.Generic ) - warning
10:45:08.0133 4016 QBFCService - detected UnsignedFile.Multi.Generic (1)
10:45:08.0210 4016 [ 9E5E9AF398D1AE13B67B623D5C695BA9 ] QBVSS C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
10:45:08.0277 4016 QBVSS ( UnsignedFile.Multi.Generic ) - warning
10:45:08.0277 4016 QBVSS - detected UnsignedFile.Multi.Generic (1)
10:45:08.0337 4016 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:45:08.0384 4016 ql2300 - ok
10:45:08.0401 4016 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:45:08.0414 4016 ql40xx - ok
10:45:08.0491 4016 QuickBooksDB21 - ok
10:45:08.0523 4016 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
10:45:08.0570 4016 QWAVE - ok
10:45:08.0606 4016 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:45:08.0659 4016 QWAVEdrv - ok
10:45:08.0684 4016 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:45:08.0710 4016 RasAcd - ok
10:45:08.0750 4016 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:45:08.0775 4016 RasAgileVpn - ok
10:45:08.0798 4016 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
10:45:08.0827 4016 RasAuto - ok
10:45:08.0836 4016 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:45:08.0887 4016 Rasl2tp - ok
10:45:08.0921 4016 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
10:45:08.0970 4016 RasMan - ok
10:45:08.0995 4016 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:45:09.0022 4016 RasPppoe - ok
10:45:09.0043 4016 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:45:09.0090 4016 RasSstp - ok
10:45:09.0122 4016 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:45:09.0165 4016 rdbss - ok
10:45:09.0205 4016 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:45:09.0237 4016 rdpbus - ok
10:45:09.0264 4016 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:45:09.0387 4016 RDPCDD - ok
10:45:09.0501 4016 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
10:45:09.0575 4016 RDPDR - ok
10:45:09.0619 4016 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:45:09.0689 4016 RDPENCDD - ok
10:45:09.0717 4016 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:45:09.0780 4016 RDPREFMP - ok
10:45:09.0820 4016 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:45:09.0920 4016 RDPWD - ok
10:45:09.0974 4016 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:45:09.0988 4016 rdyboost - ok
10:45:10.0017 4016 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
10:45:10.0065 4016 RemoteAccess - ok
10:45:10.0151 4016 [ 78EB5E175DE3FC626F58CC942A13963C ] remotepc C:\Program Files\Remote Access Host\RemotePCM.exe
10:45:10.0170 4016 remotepc - ok
10:45:10.0227 4016 [ F7D538958C7EE6CC8DB6E637E23AB379 ] RemotePCmirror C:\Windows\system32\DRIVERS\RemotePCmirror.sys
10:45:10.0249 4016 RemotePCmirror - ok
10:45:10.0273 4016 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:45:10.0323 4016 RemoteRegistry - ok
10:45:10.0417 4016 [ 06A49B7BDC36CFBF97DD90804F833369 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
10:45:10.0433 4016 RichVideo - ok
10:45:10.0482 4016 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:45:10.0509 4016 RpcEptMapper - ok
10:45:10.0530 4016 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
10:45:10.0564 4016 RpcLocator - ok
10:45:10.0600 4016 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
10:45:10.0628 4016 RpcSs - ok
10:45:10.0664 4016 [ A95840A95A9FF74B0009E5D848CDDB39 ] RsFx0150 C:\Windows\system32\DRIVERS\RsFx0150.sys
10:45:10.0677 4016 RsFx0150 - ok
10:45:10.0719 4016 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:45:10.0764 4016 rspndr - ok
10:45:10.0805 4016 [ 3983CEA05BB855351D75F5482B6C42CE ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
10:45:10.0841 4016 RTL8167 - ok
10:45:10.0876 4016 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
10:45:10.0946 4016 s3cap - ok
10:45:10.0959 4016 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
10:45:10.0974 4016 SamSs - ok
10:45:11.0103 4016 [ 18530D2F605F1EC48CA20A7B184CCBCC ] SBAMSvc C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe
10:45:11.0188 4016 SBAMSvc - ok
10:45:11.0259 4016 [ 3FFF8CDA4D2F29CA06F1557E85163C30 ] sbapifs C:\Windows\system32\DRIVERS\sbapifs.sys
10:45:11.0280 4016 sbapifs - ok
10:45:11.0335 4016 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:45:11.0348 4016 sbp2port - ok
10:45:11.0407 4016 [ 2815772894855506E94008CC0E602738 ] SBPIMSvc C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe
10:45:11.0419 4016 SBPIMSvc - ok
10:45:11.0471 4016 [ D03A8CCA8BFA82CBF12A87326EBFE258 ] SBRE C:\Windows\system32\drivers\SBREdrv.sys
10:45:11.0489 4016 SBRE - ok
10:45:11.0531 4016 [ BD148DAE125EF15D6451FEF514E8D15B ] sbwtis C:\Windows\system32\DRIVERS\sbwtis.sys
10:45:11.0542 4016 sbwtis - ok
10:45:11.0572 4016 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:45:11.0625 4016 SCardSvr - ok
10:45:11.0647 4016 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:45:11.0692 4016 scfilter - ok
10:45:11.0741 4016 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
10:45:11.0825 4016 Schedule - ok
10:45:11.0865 4016 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:45:11.0890 4016 SCPolicySvc - ok
10:45:11.0902 4016 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:45:11.0939 4016 SDRSVC - ok
10:45:11.0980 4016 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:45:12.0026 4016 secdrv - ok
10:45:12.0058 4016 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
10:45:12.0102 4016 seclogon - ok
10:45:12.0130 4016 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
10:45:12.0175 4016 SENS - ok
10:45:12.0223 4016 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:45:12.0295 4016 SensrSvc - ok
10:45:12.0368 4016 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:45:12.0398 4016 Serenum - ok
10:45:12.0449 4016 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:45:12.0487 4016 Serial - ok
10:45:12.0512 4016 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:45:12.0534 4016 sermouse - ok
10:45:12.0583 4016 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
10:45:12.0629 4016 SessionEnv - ok
10:45:12.0663 4016 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:45:12.0717 4016 sffdisk - ok
10:45:12.0733 4016 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:45:12.0748 4016 sffp_mmc - ok
10:45:12.0764 4016 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:45:12.0795 4016 sffp_sd - ok
10:45:12.0832 4016 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:45:12.0880 4016 sfloppy - ok
10:45:12.0932 4016 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:45:12.0983 4016 SharedAccess - ok
10:45:13.0011 4016 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:45:13.0057 4016 ShellHWDetection - ok
10:45:13.0086 4016 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
10:45:13.0099 4016 sisagp - ok
10:45:13.0150 4016 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:45:13.0163 4016 SiSRaid2 - ok
10:45:13.0177 4016 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:45:13.0190 4016 SiSRaid4 - ok
10:45:13.0235 4016 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:45:13.0263 4016 Smb - ok
10:45:13.0320 4016 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:45:13.0336 4016 SNMPTRAP - ok
10:45:13.0344 4016 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
10:45:13.0357 4016 spldr - ok
10:45:13.0412 4016 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
10:45:13.0479 4016 Spooler - ok
10:45:13.0560 4016 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
10:45:13.0663 4016 sppsvc - ok
10:45:13.0701 4016 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:45:13.0772 4016 sppuinotify - ok
10:45:13.0806 4016 [ 37761F6BE2EBAED72CC0D43BD4C8C2A6 ] SQLAgent$ACT7 C:\Program Files\Microsoft SQL Server\MSSQL10_50.ACT7\MSSQL\Binn\SQLAGENT.EXE
10:45:13.0822 4016 SQLAgent$ACT7 - ok
10:45:13.0896 4016 [ 7D67C07C63796775CC5492BCFEAFF125 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
10:45:13.0919 4016 SQLBrowser - ok
10:45:13.0955 4016 [ 8E6E5CFA06769A417B03FD6FAA29E010 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
10:45:13.0967 4016 SQLWriter - ok
10:45:14.0004 4016 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
10:45:14.0070 4016 srv - ok
10:45:14.0091 4016 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:45:14.0125 4016 srv2 - ok
10:45:14.0153 4016 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:45:14.0193 4016 srvnet - ok
10:45:14.0227 4016 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:45:14.0257 4016 SSDPSRV - ok
10:45:14.0268 4016 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:45:14.0296 4016 SstpSvc - ok
10:45:14.0322 4016 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:45:14.0335 4016 stexstor - ok
10:45:14.0385 4016 [ EDB05BD63148796F23EA78506404A538 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
10:45:14.0423 4016 StillCam - ok
10:45:14.0466 4016 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
10:45:14.0490 4016 StiSvc - ok
10:45:14.0523 4016 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
10:45:14.0536 4016 storflt - ok
10:45:14.0571 4016 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
10:45:14.0755 4016 StorSvc - ok
10:45:14.0806 4016 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
10:45:14.0830 4016 storvsc - ok
10:45:14.0851 4016 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
10:45:14.0864 4016 swenum - ok
10:45:14.0889 4016 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
10:45:14.0937 4016 swprv - ok
10:45:14.0982 4016 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
10:45:15.0031 4016 SysMain - ok
10:45:15.0068 4016 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:45:15.0107 4016 TabletInputService - ok
10:45:15.0131 4016 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
10:45:15.0180 4016 TapiSrv - ok
10:45:15.0209 4016 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
10:45:15.0261 4016 TBS - ok
10:45:15.0315 4016 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:45:15.0373 4016 Tcpip - ok
10:45:15.0435 4016 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:45:15.0462 4016 TCPIP6 - ok
10:45:15.0500 4016 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:45:15.0541 4016 tcpipreg - ok
10:45:15.0576 4016 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:45:15.0661 4016 TDPIPE - ok
10:45:15.0679 4016 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:45:15.0725 4016 TDTCP - ok
10:45:15.0764 4016 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:45:15.0836 4016 tdx - ok
10:45:15.0867 4016 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
10:45:15.0880 4016 TermDD - ok
10:45:15.0917 4016 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
10:45:15.0968 4016 TermService - ok
10:45:15.0998 4016 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
10:45:16.0035 4016 Themes - ok
10:45:16.0062 4016 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
10:45:16.0089 4016 THREADORDER - ok
10:45:16.0125 4016 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
10:45:16.0171 4016 TrkWks - ok
10:45:16.0230 4016 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:45:16.0304 4016 TrustedInstaller - ok
10:45:16.0343 4016 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:45:16.0411 4016 tssecsrv - ok
10:45:16.0457 4016 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:45:16.0530 4016 TsUsbFlt - ok
10:45:16.0594 4016 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:45:16.0655 4016 tunnel - ok
10:45:16.0688 4016 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:45:16.0701 4016 uagp35 - ok
10:45:16.0719 4016 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:45:16.0768 4016 udfs - ok
10:45:16.0810 4016 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:45:16.0845 4016 UI0Detect - ok
10:45:16.0882 4016 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:45:16.0895 4016 uliagpkx - ok
10:45:16.0941 4016 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
10:45:16.0977 4016 umbus - ok
10:45:17.0019 4016 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:45:17.0052 4016 UmPass - ok
10:45:17.0086 4016 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
10:45:17.0123 4016 UmRdpService - ok
10:45:17.0166 4016 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
10:45:17.0231 4016 upnphost - ok
10:45:17.0274 4016 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:45:17.0335 4016 usbccgp - ok
10:45:17.0383 4016 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:45:17.0404 4016 usbcir - ok
10:45:17.0443 4016 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:45:17.0458 4016 usbehci - ok
10:45:17.0504 4016 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:45:17.0540 4016 usbhub - ok
10:45:17.0561 4016 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:45:17.0590 4016 usbohci - ok
10:45:17.0622 4016 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:45:17.0638 4016 usbprint - ok
10:45:17.0683 4016 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:45:17.0778 4016 USBSTOR - ok
10:45:17.0800 4016 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
10:45:17.0814 4016 usbuhci - ok
10:45:17.0834 4016 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
10:45:17.0861 4016 UxSms - ok
10:45:17.0877 4016 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
10:45:17.0892 4016 VaultSvc - ok
10:45:17.0936 4016 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:45:17.0948 4016 vdrvroot - ok
10:45:17.0987 4016 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
10:45:18.0019 4016 vds - ok
10:45:18.0041 4016 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:45:18.0081 4016 vga - ok
10:45:18.0110 4016 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
10:45:18.0155 4016 VgaSave - ok
10:45:18.0177 4016 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:45:18.0191 4016 vhdmp - ok
10:45:18.0228 4016 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
10:45:18.0241 4016 viaagp - ok
10:45:18.0268 4016 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
10:45:18.0304 4016 ViaC7 - ok
10:45:18.0316 4016 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
10:45:18.0328 4016 viaide - ok
10:45:18.0367 4016 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
10:45:18.0381 4016 vmbus - ok
10:45:18.0401 4016 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
10:45:18.0416 4016 VMBusHID - ok
10:45:18.0433 4016 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:45:18.0445 4016 volmgr - ok
10:45:18.0472 4016 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:45:18.0489 4016 volmgrx - ok
10:45:18.0505 4016 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:45:18.0521 4016 volsnap - ok
10:45:18.0569 4016 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:45:18.0584 4016 vsmraid - ok
10:45:18.0643 4016 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
10:45:18.0724 4016 VSS - ok
10:45:18.0749 4016 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
10:45:18.0783 4016 vwifibus - ok
10:45:18.0816 4016 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
10:45:18.0868 4016 W32Time - ok
10:45:18.0889 4016 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:45:18.0920 4016 WacomPen - ok
10:45:18.0960 4016 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:45:18.0986 4016 WANARP - ok
10:45:18.0990 4016 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:45:19.0016 4016 Wanarpv6 - ok
10:45:19.0100 4016 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:45:19.0158 4016 WatAdminSvc - ok
10:45:19.0204 4016 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
10:45:19.0303 4016 wbengine - ok
10:45:19.0331 4016 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:45:19.0368 4016 WbioSrvc - ok
10:45:19.0403 4016 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:45:19.0427 4016 wcncsvc - ok
10:45:19.0437 4016 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:45:19.0495 4016 WcsPlugInService - ok
10:45:19.0514 4016 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
10:45:19.0526 4016 Wd - ok
10:45:19.0653 4016 [ D634CFE93E0CD001499D0D6D68890C9E ] WDBackup C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
10:45:19.0698 4016 WDBackup - ok
10:45:19.0724 4016 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
10:45:19.0767 4016 WDC_SAM - ok
10:45:19.0849 4016 [ 2277CD5B13B18B6DF5F80E8A84254EA7 ] WDDriveService C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
10:45:19.0864 4016 WDDriveService - ok
10:45:19.0888 4016 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:45:19.0907 4016 Wdf01000 - ok
10:45:19.0932 4016 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:45:19.0975 4016 WdiServiceHost - ok
10:45:19.0979 4016 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:45:19.0997 4016 WdiSystemHost - ok
10:45:20.0063 4016 [ A578AE45097ACAD346C86C96F1C0D5A7 ] WDRulesService C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
10:45:20.0106 4016 WDRulesService - ok
10:45:20.0145 4016 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
10:45:20.0188 4016 WebClient - ok
10:45:20.0229 4016 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:45:20.0262 4016 Wecsvc - ok
10:45:20.0270 4016 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:45:20.0297 4016 wercplsupport - ok
10:45:20.0350 4016 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
10:45:20.0379 4016 WerSvc - ok
10:45:20.0418 4016 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:45:20.0446 4016 WfpLwf - ok
10:45:20.0464 4016 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:45:20.0475 4016 WIMMount - ok
10:45:20.0563 4016 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
10:45:20.0636 4016 WinDefend - ok
10:45:20.0647 4016 WinHttpAutoProxySvc - ok
10:45:20.0705 4016 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:45:20.0732 4016 Winmgmt - ok
10:45:20.0777 4016 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
10:45:20.0832 4016 WinRM - ok
10:45:20.0891 4016 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
10:45:20.0919 4016 WinUsb - ok
10:45:20.0956 4016 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
10:45:20.0992 4016 Wlansvc - ok
10:45:21.0033 4016 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:45:21.0079 4016 WmiAcpi - ok
10:45:21.0117 4016 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:45:21.0154 4016 wmiApSrv - ok
10:45:21.0238 4016 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
10:45:21.0353 4016 WMPNetworkSvc - ok
10:45:21.0381 4016 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:45:21.0472 4016 WPCSvc - ok
10:45:21.0516 4016 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:45:21.0659 4016 WPDBusEnum - ok
10:45:21.0704 4016 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:45:21.0808 4016 ws2ifsl - ok
10:45:21.0914 4016 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
10:45:21.0988 4016 wscsvc - ok
10:45:21.0994 4016 WSearch - ok
10:45:22.0064 4016 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
10:45:22.0125 4016 wuauserv - ok
10:45:22.0163 4016 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:45:22.0190 4016 WudfPf - ok
10:45:22.0230 4016 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:45:22.0257 4016 WUDFRd - ok
10:45:22.0297 4016 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:45:22.0324 4016 wudfsvc - ok
10:45:22.0347 4016 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
10:45:22.0386 4016 WwanSvc - ok
10:45:22.0392 4016 ================ Scan global ===============================
10:45:22.0429 4016 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
10:45:22.0457 4016 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
10:45:22.0466 4016 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
10:45:22.0485 4016 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
10:45:22.0513 4016 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
10:45:22.0518 4016 [Global] - ok
10:45:22.0519 4016 ================ Scan MBR ==================================
10:45:22.0529 4016 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:45:22.0723 4016 \Device\Harddisk0\DR0 - ok
10:45:22.0723 4016 ================ Scan VBR ==================================
10:45:22.0726 4016 [ F774C09EC1A3C0B9EC9135F70ECC99AA ] \Device\Harddisk0\DR0\Partition1
10:45:22.0728 4016 \Device\Harddisk0\DR0\Partition1 - ok
10:45:22.0753 4016 [ 16423BCDAB2198201F5043333384F722 ] \Device\Harddisk0\DR0\Partition2
10:45:22.0755 4016 \Device\Harddisk0\DR0\Partition2 - ok
10:45:22.0755 4016 ============================================================
10:45:22.0756 4016 Scan finished
10:45:22.0756 4016 ============================================================
10:45:22.0768 4436 Detected object count: 3
10:45:22.0768 4436 Actual detected object count: 3
10:45:41.0353 4436 C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe - copied to quarantine
10:45:41.0353 4436 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
10:45:41.0379 4436 C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe - copied to quarantine
10:45:41.0380 4436 QBFCService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
10:45:41.0421 4436 C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe - copied to quarantine
10:45:41.0422 4436 QBVSS ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
10:45:59.0782 0544 ============================================================
10:45:59.0782 0544 Scan started
10:45:59.0782 0544 Mode: Manual; SigCheck; TDLFS;
10:45:59.0782 0544 ============================================================
10:46:00.0207 0544 ================ Scan system memory ========================
10:46:00.0207 0544 System memory - ok
10:46:00.0208 0544 ================ Scan services =============================
10:46:00.0356 0544 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:46:00.0390 0544 1394ohci - ok
10:46:00.0423 0544 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:46:00.0435 0544 ACPI - ok
10:46:00.0478 0544 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:46:00.0503 0544 AcpiPmi - ok
10:46:00.0576 0544 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
10:46:00.0594 0544 AdobeARMservice - ok
10:46:00.0630 0544 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:46:00.0640 0544 AdobeFlashPlayerUpdateSvc - ok
10:46:00.0669 0544 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
10:46:00.0684 0544 adp94xx - ok
10:46:00.0697 0544 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
10:46:00.0711 0544 adpahci - ok
10:46:00.0729 0544 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
10:46:00.0740 0544 adpu320 - ok
10:46:00.0768 0544 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:46:00.0779 0544 AeLookupSvc - ok
10:46:00.0809 0544 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
10:46:00.0822 0544 AFD - ok
10:46:00.0868 0544 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
10:46:00.0877 0544 agp440 - ok
10:46:00.0906 0544 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
10:46:00.0916 0544 aic78xx - ok
10:46:00.0943 0544 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
10:46:00.0954 0544 ALG - ok
10:46:00.0995 0544 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
10:46:01.0017 0544 aliide - ok
10:46:01.0029 0544 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
10:46:01.0039 0544 amdagp - ok
10:46:01.0051 0544 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
10:46:01.0061 0544 amdide - ok
10:46:01.0086 0544 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:46:01.0096 0544 AmdK8 - ok
10:46:01.0102 0544 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:46:01.0112 0544 AmdPPM - ok
10:46:01.0132 0544 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:46:01.0142 0544 amdsata - ok
10:46:01.0156 0544 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
10:46:01.0167 0544 amdsbs - ok
10:46:01.0183 0544 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:46:01.0193 0544 amdxata - ok
10:46:01.0226 0544 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
10:46:01.0262 0544 AppID - ok
10:46:01.0281 0544 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:46:01.0302 0544 AppIDSvc - ok
10:46:01.0337 0544 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
10:46:01.0358 0544 Appinfo - ok
10:46:01.0379 0544 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
10:46:01.0389 0544 AppMgmt - ok
10:46:01.0408 0544 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
10:46:01.0418 0544 arc - ok
10:46:01.0433 0544 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
10:46:01.0443 0544 arcsas - ok
10:46:01.0458 0544 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:46:01.0480 0544 AsyncMac - ok
10:46:01.0501 0544 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
10:46:01.0510 0544 atapi - ok
10:46:01.0547 0544 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:46:01.0571 0544 AudioEndpointBuilder - ok
10:46:01.0581 0544 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
10:46:01.0605 0544 Audiosrv - ok
10:46:01.0637 0544 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:46:01.0651 0544 AxInstSV - ok
10:46:01.0677 0544 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
10:46:01.0690 0544 b06bdrv - ok
10:46:01.0711 0544 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
10:46:01.0722 0544 b57nd60x - ok
10:46:01.0746 0544 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
10:46:01.0756 0544 BDESVC - ok
10:46:01.0763 0544 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
10:46:01.0785 0544 Beep - ok
10:46:01.0822 0544 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
10:46:01.0847 0544 BFE - ok
10:46:01.0881 0544 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\system32\qmgr.dll
10:46:01.0909 0544 BITS - ok
10:46:01.0923 0544 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:46:01.0933 0544 blbdrive - ok
10:46:01.0965 0544 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:46:01.0975 0544 bowser - ok
10:46:02.0001 0544 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:46:02.0014 0544 BrFiltLo - ok
10:46:02.0034 0544 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:46:02.0046 0544 BrFiltUp - ok
10:46:02.0062 0544 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
10:46:02.0084 0544 BridgeMP - ok
10:46:02.0109 0544 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
10:46:02.0120 0544 Browser - ok
10:46:02.0141 0544 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:46:02.0154 0544 Brserid - ok
10:46:02.0171 0544 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:46:02.0182 0544 BrSerWdm - ok
10:46:02.0199 0544 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:46:02.0210 0544 BrUsbMdm - ok
10:46:02.0216 0544 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:46:02.0226 0544 BrUsbSer - ok
10:46:02.0234 0544 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
10:46:02.0247 0544 BTHMODEM - ok
10:46:02.0269 0544 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
10:46:02.0293 0544 bthserv - ok
10:46:02.0367 0544 catchme - ok
10:46:02.0383 0544 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:46:02.0412 0544 cdfs - ok
10:46:02.0457 0544 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
10:46:02.0479 0544 cdrom - ok
10:46:02.0519 0544 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
10:46:02.0554 0544 CertPropSvc - ok
10:46:02.0577 0544 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
10:46:02.0588 0544 circlass - ok
10:46:02.0614 0544 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
10:46:02.0627 0544 CLFS - ok
10:46:02.0692 0544 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:46:02.0712 0544 clr_optimization_v2.0.50727_32 - ok
10:46:02.0772 0544 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:46:02.0793 0544 clr_optimization_v4.0.30319_32 - ok
10:46:02.0811 0544 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:46:02.0823 0544 CmBatt - ok
10:46:02.0871 0544 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:46:02.0881 0544 cmdide - ok
10:46:02.0910 0544 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
10:46:02.0928 0544 CNG - ok
10:46:02.0946 0544 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:46:02.0955 0544 Compbatt - ok
10:46:02.0970 0544 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:46:02.0982 0544 CompositeBus - ok
10:46:02.0987 0544 COMSysApp - ok
10:46:03.0002 0544 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
10:46:03.0012 0544 crcdisk - ok
10:46:03.0051 0544 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:46:03.0063 0544 CryptSvc - ok
10:46:03.0095 0544 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
10:46:03.0108 0544 CSC - ok
10:46:03.0126 0544 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
10:46:03.0142 0544 CscService - ok
10:46:03.0161 0544 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
10:46:03.0186 0544 DcomLaunch - ok
10:46:03.0214 0544 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
10:46:03.0239 0544 defragsvc - ok
10:46:03.0264 0544 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:46:03.0285 0544 DfsC - ok
10:46:03.0321 0544 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
10:46:03.0344 0544 Dhcp - ok
10:46:03.0367 0544 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
10:46:03.0390 0544 discache - ok
10:46:03.0402 0544 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
10:46:03.0412 0544 Disk - ok
10:46:03.0450 0544 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:46:03.0472 0544 Dnscache - ok
10:46:03.0505 0544 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
10:46:03.0527 0544 dot3svc - ok
10:46:03.0562 0544 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
10:46:03.0584 0544 DPS - ok
10:46:03.0604 0544 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:46:03.0615 0544 drmkaud - ok
10:46:03.0658 0544 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:46:03.0691 0544 DXGKrnl - ok
10:46:03.0716 0544 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
10:46:03.0738 0544 EapHost - ok
10:46:03.0798 0544 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
10:46:03.0838 0544 ebdrv - ok
10:46:03.0869 0544 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
10:46:03.0889 0544 EFS - ok
10:46:03.0942 0544 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:46:03.0964 0544 ehRecvr - ok
10:46:03.0988 0544 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
10:46:03.0999 0544 ehSched - ok
10:46:04.0034 0544 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
10:46:04.0049 0544 elxstor - ok
10:46:04.0096 0544 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:46:04.0106 0544 ErrDev - ok
10:46:04.0139 0544 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
10:46:04.0164 0544 EventSystem - ok
10:46:04.0178 0544 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
10:46:04.0201 0544 exfat - ok
10:46:04.0227 0544 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:46:04.0251 0544 fastfat - ok
10:46:04.0291 0544 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
10:46:04.0319 0544 Fax - ok
10:46:04.0338 0544 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:46:04.0348 0544 fdc - ok
10:46:04.0371 0544 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
10:46:04.0394 0544 fdPHost - ok
10:46:04.0406 0544 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
10:46:04.0429 0544 FDResPub - ok
10:46:04.0452 0544 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:46:04.0462 0544 FileInfo - ok
10:46:04.0473 0544 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:46:04.0495 0544 Filetrace - ok
10:46:04.0513 0544 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:46:04.0524 0544 flpydisk - ok
10:46:04.0537 0544 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:46:04.0549 0544 FltMgr - ok
10:46:04.0589 0544 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
10:46:04.0607 0544 FontCache - ok
10:46:04.0649 0544 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:46:04.0665 0544 FontCache3.0.0.0 - ok
10:46:04.0685 0544 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:46:04.0695 0544 FsDepends - ok
10:46:04.0722 0544 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:46:04.0731 0544 Fs_Rec - ok
10:46:04.0768 0544 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:46:04.0797 0544 fvevol - ok
10:46:04.0816 0544 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:46:04.0826 0544 gagp30kx - ok
10:46:04.0868 0544 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
10:46:04.0896 0544 gpsvc - ok
10:46:04.0950 0544 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
10:46:04.0969 0544 gupdate - ok
10:46:04.0976 0544 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
10:46:04.0984 0544 gupdatem - ok
10:46:05.0018 0544 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
10:46:05.0027 0544 gusvc - ok
10:46:05.0059 0544 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:46:05.0069 0544 hcw85cir - ok
10:46:05.0105 0544 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:46:05.0119 0544 HdAudAddService - ok
10:46:05.0151 0544 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:46:05.0163 0544 HDAudBus - ok
10:46:05.0178 0544 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:46:05.0188 0544 HidBatt - ok
10:46:05.0203 0544 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:46:05.0215 0544 HidBth - ok
10:46:05.0222 0544 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:46:05.0233 0544 HidIr - ok
10:46:05.0249 0544 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
10:46:05.0272 0544 hidserv - ok
10:46:05.0312 0544 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys
10:46:05.0333 0544 HidUsb - ok
10:46:05.0365 0544 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:46:05.0387 0544 hkmsvc - ok
10:46:05.0418 0544 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:46:05.0430 0544 HomeGroupListener - ok
10:46:05.0464 0544 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:46:05.0476 0544 HomeGroupProvider - ok
10:46:05.0523 0544 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:46:05.0544 0544 HpSAMD - ok
10:46:05.0574 0544 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:46:05.0599 0544 HTTP - ok
10:46:05.0632 0544 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:46:05.0642 0544 hwpolicy - ok
10:46:05.0667 0544 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:46:05.0678 0544 i8042prt - ok
10:46:05.0708 0544 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:46:05.0722 0544 iaStorV - ok
10:46:05.0773 0544 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:46:05.0791 0544 idsvc - ok
10:46:05.0956 0544 [ 8266AE06DF974E5BA047B3E9E9E70B3F ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
10:46:06.0053 0544 igfx - ok
10:46:06.0085 0544 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:46:06.0096 0544 iirsp - ok
10:46:06.0144 0544 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
10:46:06.0171 0544 IKEEXT - ok
10:46:06.0243 0544 [ E23457C274E0C8106689DA76FAD789EF ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
10:46:06.0292 0544 IntcAzAudAddService - ok
10:46:06.0342 0544 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
10:46:06.0352 0544 intelide - ok
10:46:06.0376 0544 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:46:06.0387 0544 intelppm - ok
10:46:06.0411 0544 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:46:06.0434 0544 IPBusEnum - ok
10:46:06.0447 0544 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:46:06.0469 0544 IpFilterDriver - ok
10:46:06.0501 0544 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:46:06.0527 0544 iphlpsvc - ok
10:46:06.0566 0544 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:46:06.0578 0544 IPMIDRV - ok
10:46:06.0605 0544 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:46:06.0628 0544 IPNAT - ok
10:46:06.0647 0544 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:46:06.0660 0544 IRENUM - ok
10:46:06.0705 0544 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:46:06.0715 0544 isapnp - ok
10:46:06.0735 0544 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:46:06.0747 0544 iScsiPrt - ok
10:46:06.0762 0544 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
10:46:06.0772 0544 kbdclass - ok
10:46:06.0783 0544 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
10:46:06.0794 0544 kbdhid - ok
10:46:06.0808 0544 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
10:46:06.0820 0544 KeyIso - ok
10:46:06.0850 0544 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:46:06.0860 0544 KSecDD - ok
10:46:06.0890 0544 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:46:06.0901 0544 KSecPkg - ok
10:46:06.0925 0544 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
10:46:06.0951 0544 KtmRm - ok
10:46:06.0968 0544 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
10:46:06.0991 0544 LanmanServer - ok
10:46:07.0002 0544 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:46:07.0024 0544 LanmanWorkstation - ok
10:46:07.0047 0544 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:46:07.0071 0544 lltdio - ok
10:46:07.0095 0544 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:46:07.0122 0544 lltdsvc - ok
10:46:07.0141 0544 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
10:46:07.0163 0544 lmhosts - ok
10:46:07.0179 0544 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:46:07.0189 0544 LSI_FC - ok
10:46:07.0205 0544 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:46:07.0215 0544 LSI_SAS - ok
10:46:07.0227 0544 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:46:07.0237 0544 LSI_SAS2 - ok
10:46:07.0251 0544 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:46:07.0261 0544 LSI_SCSI - ok
10:46:07.0274 0544 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
10:46:07.0296 0544 luafv - ok
10:46:07.0322 0544 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:46:07.0335 0544 Mcx2Svc - ok
10:46:07.0351 0544 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:46:07.0361 0544 megasas - ok
10:46:07.0379 0544 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:46:07.0392 0544 MegaSR - ok
10:46:07.0407 0544 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
10:46:07.0431 0544 MMCSS - ok
10:46:07.0443 0544 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
10:46:07.0465 0544 Modem - ok
10:46:07.0476 0544 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:46:07.0488 0544 monitor - ok
10:46:07.0532 0544 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
10:46:07.0552 0544 mouclass - ok
10:46:07.0569 0544 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:46:07.0579 0544 mouhid - ok
10:46:07.0605 0544 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:46:07.0616 0544 mountmgr - ok
10:46:07.0659 0544 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
10:46:07.0670 0544 mpio - ok
10:46:07.0689 0544 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:46:07.0710 0544 mpsdrv - ok
10:46:07.0745 0544 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:46:07.0771 0544 MpsSvc - ok
10:46:07.0798 0544 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:46:07.0812 0544 MRxDAV - ok
10:46:07.0841 0544 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:46:07.0852 0544 mrxsmb - ok
10:46:07.0880 0544 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:46:07.0892 0544 mrxsmb10 - ok
10:46:07.0903 0544 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:46:07.0913 0544 mrxsmb20 - ok
10:46:07.0943 0544 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
10:46:07.0953 0544 msahci - ok
10:46:07.0965 0544 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:46:07.0976 0544 msdsm - ok
10:46:07.0996 0544 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
10:46:08.0009 0544 MSDTC - ok
10:46:08.0039 0544 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:46:08.0061 0544 Msfs - ok
10:46:08.0069 0544 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:46:08.0092 0544 mshidkmdf - ok
10:46:08.0118 0544 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:46:08.0127 0544 msisadrv - ok
10:46:08.0157 0544 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:46:08.0179 0544 MSiSCSI - ok
10:46:08.0185 0544 msiserver - ok
10:46:08.0202 0544 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:46:08.0224 0544 MSKSSRV - ok
10:46:08.0234 0544 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:46:08.0258 0544 MSPCLOCK - ok
10:46:08.0273 0544 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:46:08.0296 0544 MSPQM - ok
10:46:08.0315 0544 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:46:08.0327 0544 MsRPC - ok
10:46:08.0380 0544 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:46:08.0400 0544 mssmbios - ok
10:46:08.0519 0544 MSSQL$ACT7 - ok
10:46:08.0569 0544 [ 8E8E74C953EB0C4F8828D99D6F27FD6F ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
10:46:08.0586 0544 MSSQLServerADHelper100 - ok
10:46:08.0618 0544 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:46:08.0649 0544 MSTEE - ok
10:46:08.0660 0544 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:46:08.0671 0544 MTConfig - ok
10:46:08.0681 0544 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
10:46:08.0691 0544 Mup - ok
10:46:08.0726 0544 [ D186D031B0832A5438EC1AC2C5D74E9D ] mv2 C:\Windows\system32\DRIVERS\mv2.sys
10:46:08.0740 0544 mv2 - ok
10:46:08.0780 0544 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
10:46:08.0805 0544 napagent - ok
10:46:08.0834 0544 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:46:08.0849 0544 NativeWifiP - ok
10:46:08.0931 0544 [ 5836B9E91863A00EC1B8E785EFD86ECB ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
10:46:08.0951 0544 NBService - ok
10:46:08.0992 0544 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:46:09.0011 0544 NDIS - ok
10:46:09.0026 0544 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:46:09.0048 0544 NdisCap - ok
10:46:09.0061 0544 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:46:09.0083 0544 NdisTapi - ok
10:46:09.0111 0544 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:46:09.0132 0544 Ndisuio - ok
10:46:09.0146 0544 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:46:09.0171 0544 NdisWan - ok
10:46:09.0204 0544 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:46:09.0225 0544 NDProxy - ok
10:46:09.0245 0544 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:46:09.0267 0544 NetBIOS - ok
10:46:09.0299 0544 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:46:09.0320 0544 NetBT - ok
10:46:09.0330 0544 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
10:46:09.0341 0544 Netlogon - ok
10:46:09.0368 0544 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
10:46:09.0394 0544 Netman - ok
10:46:09.0406 0544 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
10:46:09.0433 0544 netprofm - ok
10:46:09.0448 0544 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:46:09.0457 0544 NetTcpPortSharing - ok
10:46:09.0480 0544 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:46:09.0490 0544 nfrd960 - ok
10:46:09.0517 0544 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:46:09.0541 0544 NlaSvc - ok
10:46:09.0616 0544 [ A328A46D87BB92CE4D8A4528E9D84787 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
10:46:09.0637 0544 NMIndexingService - ok
10:46:09.0652 0544 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:46:09.0676 0544 Npfs - ok
10:46:09.0693 0544 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
10:46:09.0717 0544 nsi - ok
10:46:09.0724 0544 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:46:09.0746 0544 nsiproxy - ok
10:46:09.0805 0544 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:46:09.0830 0544 Ntfs - ok
10:46:09.0861 0544 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
10:46:09.0883 0544 Null - ok
10:46:09.0897 0544 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:46:09.0908 0544 nvraid - ok
10:46:09.0954 0544 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:46:09.0965 0544 nvstor - ok
10:46:09.0989 0544 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:46:10.0001 0544 nv_agp - ok
10:46:10.0029 0544 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:46:10.0039 0544 ohci1394 - ok
10:46:10.0097 0544 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:46:10.0114 0544 ose - ok
10:46:10.0206 0544 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:46:10.0278 0544 osppsvc - ok
10:46:10.0308 0544 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:46:10.0328 0544 p2pimsvc - ok
10:46:10.0347 0544 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
10:46:10.0361 0544 p2psvc - ok
10:46:10.0386 0544 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:46:10.0396 0544 Parport - ok
10:46:10.0427 0544 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:46:10.0437 0544 partmgr - ok
10:46:10.0450 0544 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
10:46:10.0461 0544 Parvdm - ok
10:46:10.0478 0544 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:46:10.0494 0544 PcaSvc - ok
10:46:10.0534 0544 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
10:46:10.0545 0544 pci - ok
10:46:10.0561 0544 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
10:46:10.0571 0544 pciide - ok
10:46:10.0598 0544 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:46:10.0609 0544 pcmcia - ok
10:46:10.0622 0544 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
10:46:10.0632 0544 pcw - ok
10:46:10.0653 0544 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:46:10.0681 0544 PEAUTH - ok
10:46:10.0718 0544 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
10:46:10.0740 0544 PeerDistSvc - ok
10:46:10.0809 0544 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
10:46:10.0854 0544 pla - ok
10:46:10.0896 0544 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:46:10.0910 0544 PlugPlay - ok
10:46:10.0928 0544 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:46:10.0939 0544 PNRPAutoReg - ok
10:46:10.0950 0544 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:46:10.0964 0544 PNRPsvc - ok
10:46:10.0999 0544 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:46:11.0023 0544 PolicyAgent - ok
10:46:11.0038 0544 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
10:46:11.0062 0544 Power - ok
10:46:11.0088 0544 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:46:11.0111 0544 PptpMiniport - ok
10:46:11.0125 0544 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:46:11.0136 0544 Processor - ok
10:46:11.0167 0544 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
10:46:11.0179 0544 ProfSvc - ok
10:46:11.0186 0544 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:46:11.0200 0544 ProtectedStorage - ok
10:46:11.0227 0544 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:46:11.0249 0544 Psched - ok
10:46:11.0287 0544 [ E0D0CB09AA07B22BE984E4F7EC0326F5 ] PSI_SVC_2 C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
10:46:11.0295 0544 PSI_SVC_2 - ok
10:46:11.0357 0544 [ 27E26A7DBC17860630CE5065019C348F ] QBCFMonitorService C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
10:46:11.0364 0544 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - warning
10:46:11.0364 0544 QBCFMonitorService - detected UnsignedFile.Multi.Generic (1)
10:46:11.0403 0544 [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
10:46:11.0410 0544 QBFCService ( UnsignedFile.Multi.Generic ) - warning
10:46:11.0410 0544 QBFCService - detected UnsignedFile.Multi.Generic (1)
10:46:11.0476 0544 [ 9E5E9AF398D1AE13B67B623D5C695BA9 ] QBVSS C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
10:46:11.0499 0544 QBVSS ( UnsignedFile.Multi.Generic ) - warning
10:46:11.0499 0544 QBVSS - detected UnsignedFile.Multi.Generic (1)
10:46:11.0545 0544 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:46:11.0573 0544 ql2300 - ok
10:46:11.0592 0544 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:46:11.0602 0544 ql40xx - ok
10:46:11.0653 0544 QuickBooksDB21 - ok
10:46:11.0689 0544 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
10:46:11.0708 0544 QWAVE - ok
10:46:11.0722 0544 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:46:11.0735 0544 QWAVEdrv - ok
10:46:11.0759 0544 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:46:11.0780 0544 RasAcd - ok
10:46:11.0791 0544 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:46:11.0812 0544 RasAgileVpn - ok
10:46:11.0840 0544 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
10:46:11.0864 0544 RasAuto - ok
10:46:11.0877 0544 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:46:11.0900 0544 Rasl2tp - ok
10:46:11.0929 0544 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
10:46:11.0953 0544 RasMan - ok
10:46:11.0970 0544 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:46:11.0993 0544 RasPppoe - ok
10:46:12.0018 0544 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:46:12.0039 0544 RasSstp - ok
10:46:12.0071 0544 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:46:12.0095 0544 rdbss - ok
10:46:12.0105 0544 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:46:12.0117 0544 rdpbus - ok
10:46:12.0147 0544 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:46:12.0167 0544 RDPCDD - ok
10:46:12.0184 0544 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
10:46:12.0195 0544 RDPDR - ok
10:46:12.0211 0544 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:46:12.0238 0544 RDPENCDD - ok
10:46:12.0251 0544 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:46:12.0272 0544 RDPREFMP - ok
10:46:12.0303 0544 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:46:12.0315 0544 RDPWD - ok
10:46:12.0341 0544 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:46:12.0353 0544 rdyboost - ok
10:46:12.0376 0544 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
10:46:12.0398 0544 RemoteAccess - ok
10:46:12.0460 0544 [ 78EB5E175DE3FC626F58CC942A13963C ] remotepc C:\Program Files\Remote Access Host\RemotePCM.exe
10:46:12.0475 0544 remotepc - ok
10:46:12.0503 0544 [ F7D538958C7EE6CC8DB6E637E23AB379 ] RemotePCmirror C:\Windows\system32\DRIVERS\RemotePCmirror.sys
10:46:12.0511 0544 RemotePCmirror - ok
10:46:12.0532 0544 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:46:12.0556 0544 RemoteRegistry - ok
10:46:12.0643 0544 [ 06A49B7BDC36CFBF97DD90804F833369 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
10:46:12.0665 0544 RichVideo - ok
10:46:12.0691 0544 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:46:12.0714 0544 RpcEptMapper - ok
10:46:12.0739 0544 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
10:46:12.0750 0544 RpcLocator - ok
10:46:12.0784 0544 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
10:46:12.0810 0544 RpcSs - ok
10:46:12.0848 0544 [ A95840A95A9FF74B0009E5D848CDDB39 ] RsFx0150 C:\Windows\system32\DRIVERS\RsFx0150.sys
10:46:12.0858 0544 RsFx0150 - ok
10:46:12.0895 0544 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:46:12.0933 0544 rspndr - ok
10:46:12.0955 0544 [ 3983CEA05BB855351D75F5482B6C42CE ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
10:46:12.0975 0544 RTL8167 - ok
10:46:13.0010 0544 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
10:46:13.0024 0544 s3cap - ok
10:46:13.0051 0544 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
10:46:13.0075 0544 SamSs - ok
10:46:13.0174 0544 [ 18530D2F605F1EC48CA20A7B184CCBCC ] SBAMSvc C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe
10:46:13.0229 0544 SBAMSvc - ok
10:46:13.0252 0544 [ 3FFF8CDA4D2F29CA06F1557E85163C30 ] sbapifs C:\Windows\system32\DRIVERS\sbapifs.sys
10:46:13.0261 0544 sbapifs - ok
10:46:13.0302 0544 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:46:13.0313 0544 sbp2port - ok
10:46:13.0325 0544 [ 2815772894855506E94008CC0E602738 ] SBPIMSvc C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe
10:46:13.0334 0544 SBPIMSvc - ok
10:46:13.0371 0544 [ D03A8CCA8BFA82CBF12A87326EBFE258 ] SBRE C:\Windows\system32\drivers\SBREdrv.sys
10:46:13.0380 0544 SBRE - ok
10:46:13.0399 0544 [ BD148DAE125EF15D6451FEF514E8D15B ] sbwtis C:\Windows\system32\DRIVERS\sbwtis.sys
10:46:13.0408 0544 sbwtis - ok
10:46:13.0432 0544 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:46:13.0455 0544 SCardSvr - ok
10:46:13.0464 0544 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:46:13.0484 0544 scfilter - ok
10:46:13.0533 0544 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
10:46:13.0573 0544 Schedule - ok
10:46:13.0607 0544 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:46:13.0628 0544 SCPolicySvc - ok
10:46:13.0644 0544 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:46:13.0656 0544 SDRSVC - ok
10:46:13.0680 0544 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:46:13.0702 0544 secdrv - ok
10:46:13.0716 0544 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
10:46:13.0740 0544 seclogon - ok
10:46:13.0755 0544 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
10:46:13.0779 0544 SENS - ok
10:46:13.0807 0544 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:46:13.0818 0544 SensrSvc - ok
10:46:13.0827 0544 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:46:13.0837 0544 Serenum - ok
10:46:13.0850 0544 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:46:13.0861 0544 Serial - ok
10:46:13.0896 0544 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:46:13.0906 0544 sermouse - ok
10:46:13.0950 0544 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
10:46:13.0974 0544 SessionEnv - ok
10:46:14.0022 0544 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:46:14.0032 0544 sffdisk - ok
10:46:14.0042 0544 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:46:14.0052 0544 sffp_mmc - ok
10:46:14.0065 0544 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:46:14.0077 0544 sffp_sd - ok
10:46:14.0108 0544 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:46:14.0118 0544 sfloppy - ok
10:46:14.0149 0544 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:46:14.0174 0544 SharedAccess - ok
10:46:14.0187 0544 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:46:14.0212 0544 ShellHWDetection - ok
10:46:14.0253 0544 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
10:46:14.0265 0544 sisagp - ok
10:46:14.0292 0544 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:46:14.0303 0544 SiSRaid2 - ok
10:46:14.0312 0544 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:46:14.0322 0544 SiSRaid4 - ok
10:46:14.0336 0544 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:46:14.0359 0544 Smb - ok
10:46:14.0388 0544 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:46:14.0400 0544 SNMPTRAP - ok
10:46:14.0412 0544 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
10:46:14.0421 0544 spldr - ok
10:46:14.0455 0544 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
10:46:14.0470 0544 Spooler - ok
10:46:14.0543 0544 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
10:46:14.0596 0544 sppsvc - ok
10:46:14.0627 0544 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:46:14.0649 0544 sppuinotify - ok
10:46:14.0691 0544 [ 37761F6BE2EBAED72CC0D43BD4C8C2A6 ] SQLAgent$ACT7 C:\Program Files\Microsoft SQL Server\MSSQL10_50.ACT7\MSSQL\Binn\SQLAGENT.EXE
10:46:14.0703 0544 SQLAgent$ACT7 - ok
10:46:14.0772 0544 [ 7D67C07C63796775CC5492BCFEAFF125 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
10:46:14.0790 0544 SQLBrowser - ok
10:46:14.0815 0544 [ 8E6E5CFA06769A417B03FD6FAA29E010 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
10:46:14.0823 0544 SQLWriter - ok
10:46:14.0856 0544 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
10:46:14.0868 0544 srv - ok
10:46:14.0884 0544 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:46:14.0896 0544 srv2 - ok
10:46:14.0912 0544 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:46:14.0923 0544 srvnet - ok
10:46:14.0945 0544 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:46:14.0970 0544 SSDPSRV - ok
10:46:14.0978 0544 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:46:15.0003 0544 SstpSvc - ok
10:46:15.0024 0544 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:46:15.0034 0544 stexstor - ok
10:46:15.0069 0544 [ EDB05BD63148796F23EA78506404A538 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
10:46:15.0081 0544 StillCam - ok
10:46:15.0126 0544 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
10:46:15.0145 0544 StiSvc - ok
10:46:15.0158 0544 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
10:46:15.0168 0544 storflt - ok
10:46:15.0190 0544 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
10:46:15.0201 0544 StorSvc - ok
10:46:15.0240 0544 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
10:46:15.0261 0544 storvsc - ok
10:46:15.0320 0544 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
10:46:15.0329 0544 swenum - ok
10:46:15.0357 0544 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
10:46:15.0384 0544 swprv - ok
10:46:15.0425 0544 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
10:46:15.0450 0544 SysMain - ok
10:46:15.0486 0544 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:46:15.0501 0544 TabletInputService - ok
10:46:15.0516 0544 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
10:46:15.0541 0544 TapiSrv - ok
10:46:15.0561 0544 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
10:46:15.0585 0544 TBS - ok
10:46:15.0645 0544 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:46:15.0671 0544 Tcpip - ok
10:46:15.0704 0544 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:46:15.0730 0544 TCPIP6 - ok
10:46:15.0769 0544 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:46:15.0789 0544 tcpipreg - ok
10:46:15.0820 0544 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:46:15.0829 0544 TDPIPE - ok
10:46:15.0839 0544 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:46:15.0851 0544 TDTCP - ok
10:46:15.0882 0544 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:46:15.0903 0544 tdx - ok
10:46:15.0944 0544 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
10:46:15.0954 0544 TermDD - ok
10:46:15.0994 0544 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
10:46:16.0021 0544 TermService - ok
10:46:16.0042 0544 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
10:46:16.0056 0544 Themes - ok
10:46:16.0072 0544 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
10:46:16.0095 0544 THREADORDER - ok
10:46:16.0111 0544 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
10:46:16.0135 0544 TrkWks - ok
10:46:16.0181 0544 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:46:16.0203 0544 TrustedInstaller - ok
10:46:16.0220 0544 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:46:16.0241 0544 tssecsrv - ok
10:46:16.0284 0544 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:46:16.0306 0544 TsUsbFlt - ok
10:46:16.0338 0544 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:46:16.0360 0544 tunnel - ok
10:46:16.0382 0544 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:46:16.0392 0544 uagp35 - ok
10:46:16.0405 0544 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:46:16.0428 0544 udfs - ok
10:46:16.0454 0544 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:46:16.0467 0544 UI0Detect - ok
10:46:16.0510 0544 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:46:16.0520 0544 uliagpkx - ok
10:46:16.0535 0544 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
10:46:16.0545 0544 umbus - ok
10:46:16.0571 0544 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:46:16.0582 0544 UmPass - ok
10:46:16.0614 0544 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
10:46:16.0627 0544 UmRdpService - ok
10:46:16.0651 0544 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
10:46:16.0677 0544 upnphost - ok
10:46:16.0718 0544 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:46:16.0729 0544 usbccgp - ok
10:46:16.0761 0544 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:46:16.0782 0544 usbcir - ok
10:46:16.0804 0544 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:46:16.0814 0544 usbehci - ok
10:46:16.0832 0544 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:46:16.0844 0544 usbhub - ok
10:46:16.0864 0544 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:46:16.0874 0544 usbohci - ok
10:46:16.0892 0544 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:46:16.0904 0544 usbprint - ok
10:46:16.0919 0544 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:46:16.0930 0544 USBSTOR - ok
10:46:16.0978 0544 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
10:46:16.0998 0544 usbuhci - ok
10:46:17.0029 0544 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
10:46:17.0051 0544 UxSms - ok
10:46:17.0063 0544 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
10:46:17.0074 0544 VaultSvc - ok
10:46:17.0089 0544 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:46:17.0099 0544 vdrvroot - ok
10:46:17.0140 0544 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
10:46:17.0166 0544 vds - ok
10:46:17.0186 0544 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:46:17.0198 0544 vga - ok
10:46:17.0213 0544 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
10:46:17.0235 0544 VgaSave - ok
10:46:17.0264 0544 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:46:17.0275 0544 vhdmp - ok
10:46:17.0306 0544 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
10:46:17.0317 0544 viaagp - ok
10:46:17.0338 0544 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
10:46:17.0350 0544 ViaC7 - ok
10:46:17.0378 0544 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
10:46:17.0388 0544 viaide - ok
10:46:17.0412 0544 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
10:46:17.0424 0544 vmbus - ok
10:46:17.0446 0544 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
10:46:17.0455 0544 VMBusHID - ok
10:46:17.0470 0544 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:46:17.0480 0544 volmgr - ok
10:46:17.0508 0544 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:46:17.0522 0544 volmgrx - ok
10:46:17.0542 0544 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:46:17.0554 0544 volsnap - ok
10:46:17.0573 0544 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:46:17.0584 0544 vsmraid - ok
10:46:17.0620 0544 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
10:46:17.0653 0544 VSS - ok
10:46:17.0677 0544 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
10:46:17.0689 0544 vwifibus - ok
10:46:17.0720 0544 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
10:46:17.0747 0544 W32Time - ok
10:46:17.0776 0544 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:46:17.0786 0544 WacomPen - ok
10:46:17.0814 0544 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:46:17.0834 0544 WANARP - ok
10:46:17.0838 0544 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:46:17.0860 0544 Wanarpv6 - ok
10:46:17.0906 0544 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:46:17.0934 0544 WatAdminSvc - ok
10:46:17.0974 0544 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
10:46:17.0997 0544 wbengine - ok
10:46:18.0018 0544 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:46:18.0033 0544 WbioSrvc - ok
10:46:18.0065 0544 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:46:18.0081 0544 wcncsvc - ok
10:46:18.0090 0544 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:46:18.0103 0544 WcsPlugInService - ok
10:46:18.0126 0544 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
10:46:18.0137 0544 Wd - ok
10:46:18.0231 0544 [ D634CFE93E0CD001499D0D6D68890C9E ] WDBackup C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
10:46:18.0271 0544 WDBackup - ok
10:46:18.0295 0544 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
10:46:18.0302 0544 WDC_SAM - ok
10:46:18.0335 0544 [ 2277CD5B13B18B6DF5F80E8A84254EA7 ] WDDriveService C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
10:46:18.0347 0544 WDDriveService - ok
10:46:18.0367 0544 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:46:18.0384 0544 Wdf01000 - ok
10:46:18.0402 0544 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:46:18.0417 0544 WdiServiceHost - ok
10:46:18.0421 0544 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:46:18.0436 0544 WdiSystemHost - ok
10:46:18.0466 0544 [ A578AE45097ACAD346C86C96F1C0D5A7 ] WDRulesService C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
10:46:18.0489 0544 WDRulesService - ok
10:46:18.0524 0544 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
10:46:18.0540 0544 WebClient - ok
10:46:18.0558 0544 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:46:18.0583 0544 Wecsvc - ok
10:46:18.0599 0544 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:46:18.0622 0544 wercplsupport - ok
10:46:18.0638 0544 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
10:46:18.0662 0544 WerSvc - ok
10:46:18.0672 0544 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:46:18.0694 0544 WfpLwf - ok
10:46:18.0718 0544 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:46:18.0728 0544 WIMMount - ok
10:46:18.0773 0544 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
10:46:18.0791 0544 WinDefend - ok
10:46:18.0797 0544 WinHttpAutoProxySvc - ok
10:46:18.0843 0544 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:46:18.0876 0544 Winmgmt - ok
10:46:18.0923 0544 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
10:46:18.0958 0544 WinRM - ok
10:46:18.0995 0544 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
10:46:19.0007 0544 WinUsb - ok
10:46:19.0044 0544 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
10:46:19.0066 0544 Wlansvc - ok
10:46:19.0104 0544 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:46:19.0124 0544 WmiAcpi - ok
10:46:19.0155 0544 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:46:19.0166 0544 wmiApSrv - ok
10:46:19.0237 0544 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
10:46:19.0267 0544 WMPNetworkSvc - ok
10:46:19.0286 0544 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:46:19.0298 0544 WPCSvc - ok
10:46:19.0329 0544 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:46:19.0342 0544 WPDBusEnum - ok
10:46:19.0367 0544 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:46:19.0393 0544 ws2ifsl - ok
10:46:19.0402 0544 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
10:46:19.0419 0544 wscsvc - ok
10:46:19.0424 0544 WSearch - ok
10:46:19.0486 0544 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
10:46:19.0522 0544 wuauserv - ok
10:46:19.0560 0544 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:46:19.0580 0544 WudfPf - ok
10:46:19.0594 0544 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:46:19.0615 0544 WUDFRd - ok
10:46:19.0627 0544 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:46:19.0651 0544 wudfsvc - ok
10:46:19.0669 0544 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
10:46:19.0685 0544 WwanSvc - ok
10:46:19.0692 0544 ================ Scan global ===============================
10:46:19.0717 0544 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
10:46:19.0746 0544 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
10:46:19.0753 0544 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
10:46:19.0774 0544 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
10:46:19.0802 0544 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
10:46:19.0805 0544 [Global] - ok
10:46:19.0806 0544 ================ Scan MBR ==================================
10:46:19.0817 0544 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:46:20.0011 0544 \Device\Harddisk0\DR0 - ok
10:46:20.0012 0544 ================ Scan VBR ==================================
10:46:20.0015 0544 [ F774C09EC1A3C0B9EC9135F70ECC99AA ] \Device\Harddisk0\DR0\Partition1
10:46:20.0016 0544 \Device\Harddisk0\DR0\Partition1 - ok
10:46:20.0050 0544 [ 16423BCDAB2198201F5043333384F722 ] \Device\Harddisk0\DR0\Partition2
10:46:20.0051 0544 \Device\Harddisk0\DR0\Partition2 - ok
10:46:20.0052 0544 ============================================================
10:46:20.0052 0544 Scan finished
10:46:20.0052 0544 ============================================================
10:46:20.0062 4420 Detected object count: 3
10:46:20.0062 4420 Actual detected object count: 3
10:46:27.0430 4420 C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe - copied to quarantine
10:46:27.0431 4420 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
10:46:27.0458 4420 C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe - copied to quarantine
10:46:27.0459 4420 QBFCService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
10:46:27.0529 4420 C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe - copied to quarantine
10:46:27.0531 4420 QBVSS ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

#11 bradyd3

bradyd3
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:27 PM

Posted 30 October 2012 - 11:00 AM

So i just posted the tdsskiller logs for you. I re-scanned, then deleted the 3 issues. It asked for a re-boot, so i did. Then my computer comes back on, along with the pop-up of vipre. I run a tdsskiller scan again and it says that there are no issues. Is it possible that the virus is hidden in vipre and its not being picked up somehow? I know 100% that vipre is on auto-update, and when i clicked on the pop-up one time i got re-directed. I also cut vipre off and the pop-up still comes up?

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:27 PM

Posted 30 October 2012 - 02:19 PM

I have no idea why you ran TDSSkiller once again and deleted legitimate files.

I do not want you to disable VIPRE.Uninstall and reinstall VIPRE.Are you still getting the pop up?

#13 bradyd3

bradyd3
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:27 PM

Posted 30 October 2012 - 03:00 PM

I cannot un-install vipre without losing it completely. When i try going to control panel, programs, un-install, it says that it will no longer be available for use if i un-install it. Should i do it anyway and get a different anti-virus? And yes, i am still getting the pop-up.

Thanks

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:27 PM

Posted 30 October 2012 - 03:42 PM

Uninstall it and go for microsoft security essentials

http://windows.microsoft.com/en-US/windows/security-essentials-download




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users