
windows host process (Rundll32.exe) has stopped working


  • This topic is locked
9 replies to this topic

#1 Jai Reh


  • Members
  • 11 posts

Posted 05 November 2012 - 08:23 AM

Hi,

This week I've got a weird error concerning "rundll32.exe", and I have looked for solutions online but I can't find the correct one.
Every time I open Google Chrome or IE it keeps popping up "Google Chrome has stopped working", then after a few tries it will open. Some programs I can't open either, like games, and some of the items in the Control Panel (Sound, Security Center). I have Windows Vista SP1 and have it fully updated today but still have this problem. Any help will be appreciated, thanks in advance guys!

Here are the logs:

DDS (Ver_2012-10-19.01) - NTFS_x86
Internet Explorer: 7.0.6001.18000
Run by user at 21:10:46 on 2012-11-05
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3066.1325 [GMT 8:00]
.
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Fingerprint Sensor\AtService.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\STacSV.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\aestsrv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Windows\PixArt\Pac7302\Monitor.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\YouSendIt\Express\YouSendIt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Users\user\AppData\Local\Temp\kqpsuw.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Users\user\Desktop\gmer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://search.gboxapp.com/
uProxyServer = 219.130.39.9:3128
uProxyOverride = local
mSearchAssistant = ${SEARCH_URL_IE7}
uURLSearchHooks: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - <orphaned>
uURLSearchHooks: NCH EN Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} - c:\program files\nch_en\prxtbNCH_.dll
mURLSearchHooks: NCH EN Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} - c:\program files\nch_en\prxtbNCH_.dll
BHO: HP Print Clips: {053F9267-DC04-4294-A72C-58F732D338C0} - c:\program files\hp\smart web printing\hpswp_framework.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: NCH EN Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} - c:\program files\nch_en\prxtbNCH_.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg10\avgssie.dll
BHO: DivX HiQ: {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\program files\epson software\easy photo print\EPTBL.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
TB: NCH EN Toolbar: {37483B40-C254-4A72-BDA4-22EE90182C1E} - c:\program files\nch_en\prxtbNCH_.dll
TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\program files\epson software\easy photo print\EPTBL.dll
TB: NCH EN Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} - c:\program files\nch_en\prxtbNCH_.dll
uRun: [YouSendIt.exe] c:\program files\yousendit\express\YouSendIt.exe -ui none
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Optimizer Pro] c:\program files\optimizer pro\OptProLauncher.exe
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" update "software\cyberlink\youcam\1.0"
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE
mRun: [PAC7302_Monitor] c:\windows\pixart\pac7302\Monitor.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
StartupFolder: c:\users\user\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\autoca~1.lnk - c:\program files\common files\autodesk shared\acstart17.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
TCP: NameServer = 124.106.5.2 124.106.7.2
TCP: Interfaces\{A187CAF6-9BAA-4310-9FD2-0B1C1B39B43B} : DHCPNameServer = 124.106.5.2 124.106.7.2
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-5 297168]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_f091b975\AEstSrv.exe [2010-10-22 73728]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-7-4 217088]
R2 ATService;AuthenTec Fingerprint Service;c:\program files\fingerprint sensor\AtService.exe [2008-5-6 1168632]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2012-1-31 7391072]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2012-7-4 10070016]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2012-7-4 290304]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdLH3.sys [2012-2-23 83984]
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\drivers\ATSwpWDF.sys [2008-5-6 475136]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-5-28 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 28624]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2010-10-22 29736]
R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\drivers\itecir.sys [2010-3-8 62496]
R3 k57nd60x;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2008-1-30 203264]
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\drivers\OA001Ufd.sys [2009-3-6 133632]
R3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\drivers\OA001Vid.sys [2009-3-8 280096]
S2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-12-10 201712]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-12-10 201712]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile="c:\windows\system32\NOTEPAD.EXE" "%1"
.
=============== Created Last 30 ================
.
2012-11-05 12:00:27 -------- d-----w- c:\program files\AMD APP
2012-11-05 11:54:00 -------- d-----w- C:\AMD
2012-11-05 11:02:16 388096 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-11-05 11:02:14 -------- d-----w- c:\program files\Trend Micro
2012-11-05 10:10:18 -------- d-----w- c:\windows\pss
2012-11-05 09:52:56 -------- d-----w- c:\users\user\appdata\local\Deployment
2012-11-05 09:52:56 -------- d-----w- c:\users\user\appdata\local\Apps
2012-11-05 09:18:23 99044 ----a-w- C:\whiss.exe
2012-11-05 08:31:06 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-05 08:31:06 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-05 07:31:32 -------- d-----w- c:\program files\MALWAREBYTES ANTI-MALWARE
2012-11-05 07:19:47 310784 ----a-w- c:\windows\system32\unregmp2.exe
2012-11-05 07:19:47 1418752 ----a-w- c:\program files\windows media player\setup_wm.exe
2012-11-05 06:08:04 80896 ----a-w- c:\windows\system32\MSNP.ax
2012-11-05 06:08:04 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2012-11-05 06:08:01 293376 ----a-w- c:\windows\system32\psisdecd.dll
2012-11-05 06:08:00 217088 ----a-w- c:\windows\system32\psisrndr.ax
2012-11-05 05:59:37 454656 ----a-w- c:\program files\common files\system\msadc\msadce.dll
2012-11-05 05:54:56 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2012-11-05 05:54:56 49472 ----a-w- c:\windows\system32\netfxperf.dll
2012-11-05 05:54:56 297808 ----a-w- c:\windows\system32\mscoree.dll
2012-11-05 05:54:56 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2012-11-05 05:54:56 1130824 ----a-w- c:\windows\system32\dfshim.dll
2012-11-05 05:51:07 24064 ----a-w- c:\windows\system32\nshhttp.dll
2012-11-05 05:51:06 411136 ----a-w- c:\windows\system32\drivers\http.sys
2012-11-05 05:51:06 31232 ----a-w- c:\windows\system32\httpapi.dll
2012-11-05 05:45:31 160256 ----a-w- c:\windows\system32\wkssvc.dll
2012-11-05 05:45:28 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2012-11-05 05:45:28 94720 ----a-w- c:\windows\system32\logagent.exe
2012-11-05 05:45:18 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2012-11-05 05:45:17 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2012-11-05 05:44:56 104960 ----a-w- c:\windows\system32\netiohlp.dll
2012-11-05 05:44:55 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2012-11-05 05:44:55 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2012-11-05 05:44:55 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2012-11-05 05:44:55 19968 ----a-w- c:\windows\system32\ARP.EXE
2012-11-05 05:44:55 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2012-11-05 05:44:55 17920 ----a-w- c:\windows\system32\netevent.dll
2012-11-05 05:44:55 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2012-11-05 05:44:55 10240 ----a-w- c:\windows\system32\finger.exe
2012-11-05 05:42:31 2868224 ----a-w- c:\windows\system32\mf.dll
2012-11-05 05:42:29 954752 ----a-w- c:\windows\system32\mfc40.dll
2012-11-05 05:42:29 954288 ----a-w- c:\windows\system32\mfc40u.dll
2012-11-05 05:42:19 563200 ----a-w- c:\windows\system32\oleaut32.dll
2012-11-05 05:42:15 2042368 ----a-w- c:\windows\system32\win32k.sys
2012-11-05 05:42:10 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2012-11-05 05:42:10 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2012-11-05 05:42:07 376832 ----a-w- c:\windows\system32\winhttp.dll
2012-11-05 05:40:52 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2012-11-05 05:39:59 2927104 ----a-w- c:\windows\explorer.exe
2012-11-05 05:39:53 430080 ----a-w- c:\windows\system32\vbscript.dll
2012-11-05 05:39:44 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2012-11-05 05:39:44 38912 ----a-w- c:\windows\system32\xolehlp.dll
2012-11-05 05:39:36 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2012-11-05 05:39:18 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2012-11-05 05:39:10 171520 ----a-w- c:\windows\system32\wintrust.dll
2012-11-05 05:38:57 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
2012-11-05 05:38:57 25088 ----a-w- c:\windows\system32\dnscacheugc.exe
2012-11-05 05:38:41 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2012-11-05 05:38:34 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2012-11-05 05:38:05 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2012-11-05 05:36:57 1161728 ----a-w- c:\windows\system32\mfc42u.dll
2012-11-05 05:36:57 1136640 ----a-w- c:\windows\system32\mfc42.dll
2012-11-05 05:35:50 66048 ----a-w- c:\program files\windows mail\wabmig.exe
2012-11-05 05:35:50 515584 ----a-w- c:\program files\windows mail\wab.exe
2012-11-05 05:35:50 33280 ----a-w- c:\program files\windows mail\wabfind.dll
2012-11-05 05:34:40 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2012-11-05 05:34:28 513024 ----a-w- c:\windows\system32\wlansvc.dll
2012-11-05 05:34:28 302592 ----a-w- c:\windows\system32\wlansec.dll
2012-11-05 05:34:28 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2012-11-05 05:34:28 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2012-11-05 05:34:19 3600272 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-11-05 05:34:19 3548048 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-11-05 05:34:19 1205080 ----a-w- c:\windows\system32\ntdll.dll
2012-11-05 05:33:48 1257472 ----a-w- c:\windows\system32\msxml3.dll
2012-11-05 05:33:05 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-05 05:32:12 269312 ----a-w- c:\windows\system32\es.dll
2012-11-05 05:32:09 636928 ----a-w- c:\windows\system32\localspl.dll
2012-11-05 05:29:52 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2012-11-05 05:29:47 296960 ----a-w- c:\windows\system32\gdi32.dll
2012-11-05 05:29:39 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2012-11-05 05:29:38 7680 ----a-w- c:\windows\system32\spwmp.dll
2012-11-05 05:29:38 4096 ----a-w- c:\windows\system32\msdxm.ocx
2012-11-05 05:29:38 4096 ----a-w- c:\windows\system32\dxmasf.dll
2012-11-05 05:29:38 107520 ----a-w- c:\program files\windows media player\wmpshare.exe
2012-11-05 05:29:38 107520 ----a-w- c:\program files\windows media player\wmpconfig.exe
2012-11-05 05:29:37 43520 ----a-w- c:\windows\system32\msdxm.tlb
2012-11-05 05:29:37 18432 ----a-w- c:\windows\system32\amcompat.tlb
2012-11-05 05:29:20 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2012-11-05 05:29:15 81920 ----a-w- c:\windows\system32\iccvid.dll
2012-11-05 05:28:31 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
2012-11-05 05:28:30 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe
2012-11-05 05:26:56 36352 ----a-w- c:\windows\system32\rtutils.dll
2012-11-05 05:26:46 24064 ----a-w- c:\windows\system32\amxread.dll
2012-11-05 05:26:46 13824 ----a-w- c:\windows\system32\apilogen.dll
2012-11-05 05:26:32 29184 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2012-11-05 05:26:32 220160 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-11-05 05:26:32 181760 ----a-w- c:\windows\system32\fsquirt.exe
2012-11-05 05:24:19 276992 ----a-w- c:\windows\system32\schannel.dll
2012-11-05 05:23:45 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2012-11-05 05:23:44 511488 ----a-w- c:\windows\system32\RMActivate.exe
2012-11-05 05:23:43 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2012-11-05 05:23:43 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2012-11-05 05:23:42 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2012-11-05 05:23:42 472064 ----a-w- c:\windows\system32\secproc.dll
2012-11-05 05:23:41 329216 ----a-w- c:\windows\system32\msdrm.dll
2012-11-05 05:23:41 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2012-11-05 05:23:41 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2012-11-05 05:22:22 90112 ----a-w- c:\windows\system32\wshext.dll
2012-11-05 05:22:22 180224 ----a-w- c:\windows\system32\scrobj.dll
2012-11-05 05:22:22 172032 ----a-w- c:\windows\system32\scrrun.dll
2012-11-05 05:22:22 155648 ----a-w- c:\windows\system32\wscript.exe
2012-11-05 05:22:22 135168 ----a-w- c:\windows\system32\wshom.ocx
2012-11-05 05:22:22 135168 ----a-w- c:\windows\system32\cscript.exe
2012-11-05 05:22:14 49152 ----a-w- c:\windows\system32\csrsrv.dll
2012-11-05 05:22:14 375808 ----a-w- c:\windows\system32\winsrv.dll
2012-11-05 05:20:53 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2012-11-05 05:20:44 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll
2012-11-05 05:20:44 409600 ----a-w- c:\windows\system32\odbc32.dll
2012-11-05 05:20:43 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll
2012-11-05 05:20:43 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll
2012-11-05 05:20:43 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll
2012-11-05 05:20:43 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll
2012-11-05 05:19:11 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2012-11-05 05:19:11 15360 ----a-w- c:\windows\system32\pacerprf.dll
2012-11-05 05:19:04 304640 ----a-w- c:\windows\system32\drivers\srv.sys
2012-11-05 05:18:56 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2012-11-05 05:18:56 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2012-11-05 05:18:56 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2012-11-05 05:18:36 67072 ----a-w- c:\windows\system32\asycfilt.dll
2012-11-05 05:18:31 71680 ----a-w- c:\windows\system32\atl.dll
2012-11-05 05:18:27 339968 ----a-w- c:\program files\windows nt\accessories\wordpad.exe
2012-11-05 05:18:27 1315840 ----a-w- c:\windows\system32\ole32.dll
2012-11-05 05:18:23 126464 ----a-w- c:\windows\system32\spoolsv.exe
2012-11-05 05:18:06 157184 ----a-w- c:\windows\system32\t2embed.dll
2012-11-05 05:17:42 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2012-11-05 05:17:38 766464 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2012-11-05 05:15:59 866816 ----a-w- c:\windows\system32\wmpmde.dll
2012-11-05 05:15:56 62464 ----a-w- c:\windows\system32\l3codeca.acm
2012-11-05 05:14:54 1314816 ----a-w- c:\windows\system32\quartz.dll
2012-11-05 05:14:37 603648 ----a-w- c:\windows\system32\schedsvc.dll
2012-11-05 05:14:37 357376 ----a-w- c:\windows\system32\taskschd.dll
2012-11-05 05:14:37 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll
2012-11-05 05:14:37 171520 ----a-w- c:\windows\system32\taskeng.exe
2012-11-05 05:14:36 270336 ----a-w- c:\windows\system32\taskcomp.dll
2012-11-05 05:13:50 443392 ----a-w- c:\windows\system32\win32spl.dll
2012-11-05 05:13:45 625152 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-11-05 05:13:45 565248 ----a-w- c:\windows\system32\emdmgmt.dll
2012-11-05 05:13:45 45056 ----a-w- c:\windows\system32\dataclen.dll
2012-11-05 05:13:45 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2012-11-05 05:13:44 36864 ----a-w- c:\windows\system32\cdd.dll
2012-11-05 05:13:41 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2012-11-05 04:39:42 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2012-11-05 04:00:24 -------- d-----w- c:\program files\CCleaner
2012-11-03 01:41:47 -------- d-----w- c:\program files\common files\Corel
2012-11-03 01:41:05 -------- d-----w- c:\program files\common files\Protexis
2012-11-03 01:35:26 -------- d-----w- c:\program files\Corel
2012-10-30 06:03:24 -------- d-----w- c:\programdata\PopCap Games
2012-10-25 02:38:46 -------- d-----w- c:\programdata\Protexis
2012-10-25 02:37:24 348256 ----a-w- c:\programdata\microsoft\vstahost\corelphotopaint\9.0\1033\ResourceCache.dll
2012-10-25 02:36:47 348256 ----a-w- c:\programdata\microsoft\vstahost\coreldraw\9.0\1033\ResourceCache.dll
2012-10-25 02:36:08 416 ----a-w- c:\programdata\microsoft\msdn\9.0\1033\ResourceCache.dll
2012-10-25 02:30:38 -------- d-----w- c:\programdata\Corel
2012-10-25 02:00:09 97800 ----a-w- c:\windows\system32\infocardapi.dll
2012-10-25 02:00:09 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2012-10-25 02:00:08 622080 ----a-w- c:\windows\system32\icardagt.exe
2012-10-25 02:00:08 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2012-10-25 02:00:08 11264 ----a-w- c:\windows\system32\icardres.dll
2012-10-25 02:00:06 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2012-10-25 01:54:20 158720 ----a-w- c:\windows\system32\mscorier.dll
2012-10-25 01:54:14 83968 ----a-w- c:\windows\system32\mscories.dll
2012-10-19 23:42:58 -------- d-----w- c:\program files\YTD Toolbar
.
==================== Find3M ====================
.
2012-09-29 11:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
.
============= FINISH: 21:11:12.47 ===============



#2 nasdaq


  • Malware Response Team
  • 39,578 posts

Posted 06 November 2012 - 09:40 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Please download TDSSKiller.zip

>>> Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue
  • If a suspicious file is detected, the default action will be Skip, click on Continue
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double-click aswMBR.exe to run it.

  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please post the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.

===

Please post the logs for my review.

#3 Jai Reh

Jai Reh
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  • Local time:01:24 PM

Posted 09 November 2012 - 10:08 AM

hi nasdaq, thank you for replying! I really really appreciate your help!
and sorry for the late reply :D

This is the log from TDSSKILLER:
22:56:05.0994 3612 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:56:07.0096 3612 ============================================================
22:56:07.0096 3612 Current date / time: 2012/11/09 22:56:07.0096
22:56:07.0096 3612 SystemInfo:
22:56:07.0096 3612
22:56:07.0096 3612 OS Version: 6.0.6001 ServicePack: 1.0
22:56:07.0096 3612 Product type: Workstation
22:56:07.0097 3612 ComputerName: USER-PC
22:56:07.0097 3612 UserName: user
22:56:07.0097 3612 Windows directory: C:\Windows
22:56:07.0097 3612 System windows directory: C:\Windows
22:56:07.0097 3612 Processor architecture: Intel x86
22:56:07.0097 3612 Number of processors: 2
22:56:07.0097 3612 Page size: 0x1000
22:56:07.0097 3612 Boot type: Normal boot
22:56:07.0098 3612 ============================================================
22:56:08.0315 3612 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:56:08.0339 3612 ============================================================
22:56:08.0339 3612 \Device\Harddisk0\DR0:
22:56:08.0339 3612 MBR partitions:
22:56:08.0339 3612 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x47000, BlocksNum 0xAFC8000
22:56:08.0339 3612 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xB00F000, BlocksNum 0x1A41F000
22:56:08.0339 3612 ============================================================
22:56:08.0382 3612 C: <-> \Device\Harddisk0\DR0\Partition1
22:56:08.0533 3612 D: <-> \Device\Harddisk0\DR0\Partition2
22:56:08.0533 3612 ============================================================
22:56:08.0533 3612 Initialize success
22:56:08.0533 3612 ============================================================
22:56:13.0583 4572 ============================================================
22:56:13.0583 4572 Scan started
22:56:13.0583 4572 Mode: Manual;
22:56:13.0583 4572 ============================================================
22:56:14.0876 4572 ================ Scan system memory ========================
22:56:14.0876 4572 System memory - ok
22:56:14.0878 4572 ================ Scan services =============================
22:56:31.0782 4572 PEAUTH - ok
22:56:32.0020 4572 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
22:56:32.0052 4572 pla - ok
22:56:32.0111 4572 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:56:32.0127 4572 PlugPlay - ok
22:56:32.0168 4572 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
22:56:32.0172 4572 PNRPAutoReg - ok
22:56:32.0281 4572 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc C:\Windows\system32\p2psvc.dll
22:56:32.0288 4572 PNRPsvc - ok
22:56:32.0328 4572 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:56:32.0333 4572 PolicyAgent - ok
22:56:32.0372 4572 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:56:32.0385 4572 PptpMiniport - ok
22:56:32.0405 4572 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
22:56:32.0408 4572 Processor - ok
22:56:32.0458 4572 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll
22:56:32.0462 4572 ProfSvc - ok
22:56:32.0479 4572 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:56:32.0482 4572 ProtectedStorage - ok
22:56:32.0524 4572 [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
22:56:32.0526 4572 PSched - ok
22:56:32.0663 4572 [ 0B6DEA0A1662CAB8F2BF339DC0752EF4 ] PSI_SVC_2 c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
22:56:32.0698 4572 PSI_SVC_2 - ok
22:56:32.0874 4572 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:56:32.0891 4572 ql2300 - ok
22:56:32.0911 4572 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:56:32.0914 4572 ql40xx - ok
22:56:32.0958 4572 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
22:56:32.0986 4572 QWAVE - ok
22:56:33.0024 4572 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:56:33.0025 4572 QWAVEdrv - ok
22:56:33.0045 4572 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:56:33.0046 4572 RasAcd - ok
22:56:33.0066 4572 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
22:56:33.0070 4572 RasAuto - ok
22:56:33.0083 4572 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:56:33.0085 4572 Rasl2tp - ok
22:56:33.0157 4572 [ 6E7C284FC5C4EC07AD164D93810385A6 ] RasMan C:\Windows\System32\rasmans.dll
22:56:33.0188 4572 RasMan - ok
22:56:33.0226 4572 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:56:33.0248 4572 RasPppoe - ok
22:56:33.0269 4572 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:56:33.0272 4572 RasSstp - ok
22:56:33.0292 4572 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:56:33.0298 4572 rdbss - ok
22:56:33.0309 4572 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:56:33.0310 4572 RDPCDD - ok
22:56:33.0342 4572 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
22:56:33.0349 4572 rdpdr - ok
22:56:33.0358 4572 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:56:33.0359 4572 RDPENCDD - ok
22:56:33.0375 4572 [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:56:33.0379 4572 RDPWD - ok
22:56:33.0416 4572 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:56:33.0419 4572 RemoteAccess - ok
22:56:33.0451 4572 [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:56:33.0455 4572 RemoteRegistry - ok
22:56:33.0493 4572 [ 34CC78C06587718C2AD6D3AA83B1F072 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
22:56:33.0502 4572 RFCOMM - ok
22:56:33.0549 4572 [ C2EF513BBE069F0D4EE0938A76F975D3 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
22:56:33.0551 4572 rimmptsk - ok
22:56:33.0560 4572 [ C398BCA91216755B098679A8DA8A2300 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
22:56:33.0561 4572 rimsptsk - ok
22:56:33.0581 4572 [ 2A2554CB24506E0A0508FC395C4A1B42 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
22:56:33.0583 4572 rismxdp - ok
22:56:33.0611 4572 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
22:56:33.0614 4572 RpcLocator - ok
22:56:33.0698 4572 [ 301AE00E12408650BADDC04DBC832830 ] RpcSs C:\Windows\system32\rpcss.dll
22:56:33.0702 4572 RpcSs - ok
22:56:33.0759 4572 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:56:33.0761 4572 rspndr - ok
22:56:33.0799 4572 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs C:\Windows\system32\lsass.exe
22:56:33.0801 4572 SamSs - ok
22:56:33.0833 4572 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:56:33.0857 4572 sbp2port - ok
22:56:33.0894 4572 [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:56:33.0899 4572 SCardSvr - ok
22:56:34.0092 4572 [ 20B2751CD4C8F3FD989739CA661B9F30 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
22:56:34.0094 4572 SCDEmu - ok
22:56:34.0252 4572 [ 7B587B8A6D4A99F79D2902D0385F29BD ] Schedule C:\Windows\system32\schedsvc.dll
22:56:34.0289 4572 Schedule - ok
22:56:34.0310 4572 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc C:\Windows\System32\certprop.dll
22:56:34.0311 4572 SCPolicySvc - ok
22:56:34.0347 4572 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
22:56:34.0350 4572 sdbus - ok
22:56:34.0379 4572 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:56:34.0385 4572 SDRSVC - ok
22:56:34.0407 4572 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:56:34.0408 4572 secdrv - ok
22:56:34.0425 4572 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
22:56:34.0428 4572 seclogon - ok
22:56:34.0439 4572 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
22:56:34.0442 4572 SENS - ok
22:56:34.0465 4572 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
22:56:34.0466 4572 Serenum - ok
22:56:34.0483 4572 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
22:56:34.0485 4572 Serial - ok
22:56:34.0501 4572 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:56:34.0502 4572 sermouse - ok
22:56:34.0538 4572 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
22:56:34.0559 4572 SessionEnv - ok
22:56:34.0617 4572 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
22:56:34.0619 4572 sffdisk - ok
22:56:34.0647 4572 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:56:34.0648 4572 sffp_mmc - ok
22:56:34.0683 4572 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
22:56:34.0684 4572 sffp_sd - ok
22:56:34.0716 4572 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:56:34.0728 4572 sfloppy - ok
22:56:34.0775 4572 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:56:34.0784 4572 SharedAccess - ok
22:56:34.0831 4572 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:56:34.0852 4572 ShellHWDetection - ok
22:56:34.0873 4572 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
22:56:34.0875 4572 sisagp - ok
22:56:34.0920 4572 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
22:56:34.0922 4572 SiSRaid2 - ok
22:56:34.0960 4572 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:56:34.0981 4572 SiSRaid4 - ok
22:56:35.0277 4572 [ 0BA91E1358AD25236863039BB2609A2E ] slsvc C:\Windows\system32\SLsvc.exe
22:56:35.0492 4572 slsvc - ok
22:56:35.0532 4572 [ 7C6DC44CA0BFA6291629AB764200D1D4 ] SLUINotify C:\Windows\system32\SLUINotify.dll
22:56:35.0534 4572 SLUINotify - ok
22:56:35.0558 4572 [ 031E6BCD53C9B2B9ACE111EAFEC347B6 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:56:35.0560 4572 Smb - ok
22:56:35.0591 4572 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:56:35.0594 4572 SNMPTRAP - ok
22:56:35.0680 4572 [ 9F70CD5EDCC4EFC48AE21E04FB03BE9D ] speedfan C:\Windows\system32\speedfan.sys
22:56:35.0682 4572 speedfan - ok
22:56:35.0708 4572 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
22:56:35.0709 4572 spldr - ok
22:56:35.0741 4572 [ 3665F79026A3F91FBCA63F2C65A09B19 ] Spooler C:\Windows\System32\spoolsv.exe
22:56:35.0744 4572 Spooler - ok
22:56:35.0803 4572 [ 2252AEF839B1093D16761189F45AF885 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:56:35.0806 4572 srv - ok
22:56:35.0858 4572 [ B7FF59408034119476B00A81BB53D5D1 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:56:35.0859 4572 srv2 - ok
22:56:35.0890 4572 [ 2ACCC9B12AF02030F531E6CCA6F8B76E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:56:35.0892 4572 srvnet - ok
22:56:35.0957 4572 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:56:35.0962 4572 SSDPSRV - ok
22:56:36.0002 4572 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:56:36.0009 4572 SstpSvc - ok
22:56:36.0177 4572 [ FFA85A9F3C3571AD29AC156BC6F116C5 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\STacSV.exe
22:56:36.0181 4572 STacSV - ok
22:56:36.0231 4572 [ 5AF1FEEC6945F4FA5EFD00E0C6D8F9B9 ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
22:56:36.0248 4572 STHDA - ok
22:56:36.0380 4572 [ 7DD08A597BC56051F320DA0BAF69E389 ] stisvc C:\Windows\System32\wiaservc.dll
22:56:36.0393 4572 stisvc - ok
22:56:36.0423 4572 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:56:36.0424 4572 swenum - ok
22:56:36.0511 4572 [ B36C7CDB86F7F7A8E884479219766950 ] swprv C:\Windows\System32\swprv.dll
22:56:36.0543 4572 swprv - ok
22:56:36.0558 4572 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
22:56:36.0560 4572 Symc8xx - ok
22:56:36.0606 4572 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
22:56:36.0608 4572 Sym_hi - ok
22:56:36.0652 4572 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
22:56:36.0654 4572 Sym_u3 - ok
22:56:36.0691 4572 [ 8710A92D0024B03B5FB9540DF1F71F1D ] SysMain C:\Windows\system32\sysmain.dll
22:56:36.0705 4572 SysMain - ok
22:56:36.0726 4572 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:56:36.0729 4572 TabletInputService - ok
22:56:36.0773 4572 [ FD90A16CEB10D4FDAA00AAF39B8FF58F ] taphss C:\Windows\system32\DRIVERS\taphss.sys
22:56:36.0775 4572 taphss - ok
22:56:36.0804 4572 [ 680916BB09EE0F3A6ACA7C274B0D633F ] TapiSrv C:\Windows\System32\tapisrv.dll
22:56:36.0810 4572 TapiSrv - ok
22:56:36.0841 4572 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
22:56:36.0849 4572 TBS - ok
22:56:36.0968 4572 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:56:36.0975 4572 Tcpip - ok
22:56:37.0034 4572 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
22:56:37.0040 4572 Tcpip6 - ok
22:56:37.0082 4572 [ D4A2E4A4B011F3A883AF77315A5AE76B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:56:37.0083 4572 tcpipreg - ok
22:56:37.0103 4572 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:56:37.0104 4572 TDPIPE - ok
22:56:37.0124 4572 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:56:37.0126 4572 TDTCP - ok
22:56:37.0154 4572 [ D09276B1FAB033CE1D40DCBDF303D10F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:56:37.0156 4572 tdx - ok
22:56:37.0193 4572 [ A048056F5E1A96A9BF3071B91741A5AA ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:56:37.0194 4572 TermDD - ok
22:56:37.0255 4572 [ D605031E225AACCBCEB5B76A4F1603A6 ] TermService C:\Windows\System32\termsrv.dll
22:56:37.0266 4572 TermService - ok
22:56:37.0297 4572 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] Themes C:\Windows\system32\shsvcs.dll
22:56:37.0300 4572 Themes - ok
22:56:37.0331 4572 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
22:56:37.0334 4572 THREADORDER - ok
22:56:37.0373 4572 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
22:56:37.0380 4572 TrkWks - ok
22:56:37.0433 4572 [ 16613A1BAD034D4ECF957AF18B7C2FF5 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:56:37.0434 4572 TrustedInstaller - ok
22:56:37.0457 4572 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:56:37.0459 4572 tssecsrv - ok
22:56:37.0474 4572 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
22:56:37.0476 4572 tunmp - ok
22:56:37.0517 4572 [ 6042505FF6FA9AC1EF7684D0E03B6940 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:56:37.0518 4572 tunnel - ok
22:56:37.0550 4572 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:56:37.0551 4572 uagp35 - ok
22:56:37.0567 4572 [ 8B5088058FA1D1CD897A2113CCFF6C58 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:56:37.0573 4572 udfs - ok
22:56:37.0609 4572 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:56:37.0614 4572 UI0Detect - ok
22:56:37.0636 4572 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:56:37.0638 4572 uliagpkx - ok
22:56:37.0688 4572 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
22:56:37.0704 4572 uliahci - ok
22:56:37.0728 4572 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
22:56:37.0742 4572 UlSata - ok
22:56:37.0785 4572 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
22:56:37.0789 4572 ulsata2 - ok
22:56:37.0809 4572 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:56:37.0811 4572 umbus - ok
22:56:37.0862 4572 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
22:56:37.0942 4572 upnphost - ok
22:56:38.0142 4572 [ 292A25BB75A568AE2C67169BA2C6365A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
22:56:38.0205 4572 usbaudio - ok
22:56:38.0274 4572 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:56:38.0276 4572 usbccgp - ok
22:56:38.0314 4572 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:56:38.0316 4572 usbcir - ok
22:56:38.0338 4572 [ CEBE90821810E76320155BEBA722FCF9 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:56:38.0340 4572 usbehci - ok
22:56:38.0353 4572 [ CC6B28E4CE39951357963119CE47B143 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:56:38.0358 4572 usbhub - ok
22:56:38.0378 4572 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:56:38.0379 4572 usbohci - ok
22:56:38.0416 4572 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:56:38.0430 4572 usbprint - ok
22:56:38.0461 4572 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
22:56:38.0463 4572 usbscan - ok
22:56:38.0499 4572 [ 87BA6B83C5D19B69160968D07D6E2982 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:56:38.0511 4572 USBSTOR - ok
22:56:38.0543 4572 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:56:38.0544 4572 usbuhci - ok
22:56:38.0566 4572 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
22:56:38.0569 4572 usbvideo - ok
22:56:38.0608 4572 [ 032A0ACC3909AE7215D524E29D536797 ] UxSms C:\Windows\System32\uxsms.dll
22:56:38.0625 4572 UxSms - ok
22:56:38.0696 4572 [ B13BC395B9D6116628F5AF47E0802AC4 ] vds C:\Windows\System32\vds.exe
22:56:38.0717 4572 vds - ok
22:56:38.0753 4572 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:56:38.0754 4572 vga - ok
22:56:38.0778 4572 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
22:56:38.0779 4572 VgaSave - ok
22:56:38.0808 4572 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
22:56:38.0810 4572 viaagp - ok
22:56:38.0839 4572 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
22:56:38.0841 4572 ViaC7 - ok
22:56:38.0870 4572 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
22:56:38.0891 4572 viaide - ok
22:56:38.0924 4572 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:56:38.0926 4572 volmgr - ok
22:56:38.0944 4572 [ 98F5FFE6316BD74E9E2C97206C190196 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:56:38.0950 4572 volmgrx - ok
22:56:38.0960 4572 [ D8B4A53DD2769F226B3EB374374987C9 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:56:38.0963 4572 volsnap - ok
22:56:38.0981 4572 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:56:38.0983 4572 vsmraid - ok
22:56:39.0063 4572 [ D5FB73D19C46ADE183F968E13F186B23 ] VSS C:\Windows\system32\vssvc.exe
22:56:39.0084 4572 VSS - ok
22:56:39.0105 4572 [ 1CF9206966A8458CDA9A8B20DF8AB7D3 ] W32Time C:\Windows\system32\w32time.dll
22:56:39.0115 4572 W32Time - ok
22:56:39.0147 4572 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:56:39.0169 4572 WacomPen - ok
22:56:39.0229 4572 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
22:56:39.0237 4572 Wanarp - ok
22:56:39.0245 4572 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:56:39.0245 4572 Wanarpv6 - ok
22:56:39.0321 4572 [ F3A5C2E1A6533192B070D06ECF6BE796 ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:56:39.0369 4572 wcncsvc - ok
22:56:39.0392 4572 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:56:39.0397 4572 WcsPlugInService - ok
22:56:39.0452 4572 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
22:56:39.0454 4572 Wd - ok
22:56:39.0529 4572 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
22:56:39.0541 4572 WDC_SAM - ok
22:56:39.0619 4572 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:56:39.0628 4572 Wdf01000 - ok
22:56:39.0658 4572 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:56:39.0661 4572 WdiServiceHost - ok
22:56:39.0667 4572 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:56:39.0669 4572 WdiSystemHost - ok
22:56:39.0688 4572 [ CF9A5F41789B642DB967021DE06A2713 ] WebClient C:\Windows\System32\webclnt.dll
22:56:39.0693 4572 WebClient - ok
22:56:39.0741 4572 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:56:39.0763 4572 Wecsvc - ok
22:56:39.0807 4572 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:56:39.0812 4572 wercplsupport - ok
22:56:39.0871 4572 [ FD1965AAA112C6818A30AB02742D0461 ] WerSvc C:\Windows\System32\WerSvc.dll
22:56:39.0873 4572 WerSvc - ok
22:56:39.0955 4572 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
22:56:39.0961 4572 WinDefend - ok
22:56:39.0969 4572 WinHttpAutoProxySvc - ok
22:56:40.0033 4572 [ 00B79A7C984678F24CF052E5BEB3A2F5 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:56:40.0037 4572 Winmgmt - ok
22:56:40.0125 4572 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
22:56:40.0161 4572 WinRM - ok
22:56:40.0223 4572 [ 275F4346E569DF56CFB95243BD6F6FF0 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:56:40.0227 4572 Wlansvc - ok
22:56:40.0231 4572 wltrysvc - ok
22:56:40.0267 4572 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
22:56:40.0269 4572 WmiAcpi - ok
22:56:40.0329 4572 [ ABA4CF9F856D9A3A25F4DDD7690A6E9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:56:40.0333 4572 wmiApSrv - ok
22:56:40.0399 4572 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
22:56:40.0433 4572 WMPNetworkSvc - ok
22:56:40.0478 4572 [ 5D94CD167751294962BA238D82DD1BB8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:56:40.0483 4572 WPCSvc - ok
22:56:40.0505 4572 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:56:40.0511 4572 WPDBusEnum - ok
22:56:40.0558 4572 [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
22:56:40.0560 4572 WpdUsb - ok
22:56:41.0099 4572 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:56:41.0142 4572 WPFFontCache_v0400 - ok
22:56:41.0180 4572 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:56:41.0197 4572 ws2ifsl - ok
22:56:41.0229 4572 [ 683DD16B590372F2C9661D277F35E49C ] wscsvc C:\Windows\System32\wscsvc.dll
22:56:41.0254 4572 wscsvc - ok
22:56:41.0265 4572 WSearch - ok
22:56:41.0344 4572 [ D79538B67FA641E986855DEF651E78FE ] wuauserv C:\Windows\system32\wuaueng.dll
22:56:41.0389 4572 wuauserv - ok
22:56:41.0435 4572 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:56:41.0438 4572 WUDFRd - ok
22:56:41.0464 4572 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:56:41.0470 4572 wudfsvc - ok
22:56:41.0488 4572 ================ Scan global ===============================
22:56:41.0509 4572 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
22:56:41.0563 4572 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
22:56:41.0620 4572 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
22:56:41.0699 4572 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe
22:56:41.0710 4572 [Global] - ok
22:56:41.0715 4572 ================ Scan MBR ==================================
22:56:41.0729 4572 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
22:56:43.0339 4572 \Device\Harddisk0\DR0 - ok
22:56:43.0342 4572 ================ Scan VBR ==================================
22:56:43.0368 4572 [ E89FD2D679C4C37DA77393A1E418C2CF ] \Device\Harddisk0\DR0\Partition1
22:56:43.0371 4572 \Device\Harddisk0\DR0\Partition1 - ok
22:56:43.0393 4572 [ D6A63806578FBED0FCF8576C0B31B876 ] \Device\Harddisk0\DR0\Partition2
22:56:43.0396 4572 \Device\Harddisk0\DR0\Partition2 - ok
22:56:43.0399 4572 ============================================================
22:56:43.0399 4572 Scan finished
22:56:43.0399 4572 ============================================================
22:56:43.0409 1752 Detected object count: 0
22:56:43.0409 1752 Actual detected object count: 0
22:56:46.0971 4104 ============================================================
22:56:46.0971 4104 Scan started
22:56:46.0971 4104 Mode: Manual;
22:56:46.0971 4104 ============================================================
22:56:47.0855 4104 ================ Scan system memory ========================
22:56:47.0855 4104 System memory - ok
22:56:47.0859 4104 ================ Scan services =============================
22:56:52.0596 4104 btwaudio - ok
22:56:52.0627 4104 [ DEAD0E02E2EFDB03209C9237E93A619C ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
22:56:52.0628 4104 btwavdt - ok
22:56:52.0691 4104 [ F950152B6B0A0093B9A270D2FC89A78A ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
22:56:52.0694 4104 btwdins - ok
22:56:52.0750 4104 [ B9920FB30BCAFF10C111654909B275C9 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
22:56:52.0751 4104 btwl2cap - ok
22:56:52.0795 4104 [ 280E088046DCAC249BB08505E296DB86 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
22:56:52.0796 4104 btwrchid - ok
22:56:52.0858 4104 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:56:52.0859 4104 cdfs - ok
22:56:52.0880 4104 [ 1EC25CEA0DE6AC4718BF89F9E1778B57 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:56:52.0881 4104 cdrom - ok
22:56:52.0944 4104 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] CertPropSvc C:\Windows\System32\certprop.dll
22:56:52.0944 4104 CertPropSvc - ok
22:56:52.0978 4104 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\DRIVERS\circlass.sys
22:56:52.0978 4104 circlass - ok
22:56:53.0015 4104 [ 465745561C832B29F7C48B488AAB3842 ] CLFS C:\Windows\system32\CLFS.sys
22:56:53.0017 4104 CLFS - ok
22:56:53.0241 4104 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:56:53.0242 4104 clr_optimization_v2.0.50727_32 - ok
22:56:53.0568 4104 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:56:53.0569 4104 clr_optimization_v4.0.30319_32 - ok
22:56:53.0620 4104 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:56:53.0621 4104 CmBatt - ok
22:56:53.0688 4104 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:56:53.0689 4104 cmdide - ok
22:56:53.0725 4104 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:56:53.0725 4104 Compbatt - ok
22:56:53.0730 4104 COMSysApp - ok
22:56:53.0770 4104 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:56:53.0771 4104 crcdisk - ok
22:56:53.0816 4104 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
22:56:53.0817 4104 Crusoe - ok
22:56:53.0892 4104 [ 6DE363F9F99334514C46AEC02D3E3678 ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:56:53.0893 4104 CryptSvc - ok
22:56:53.0972 4104 [ 301AE00E12408650BADDC04DBC832830 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:56:53.0976 4104 DcomLaunch - ok
22:56:54.0063 4104 [ A3E9FA213F443AC77C7746119D13FEEC ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:56:54.0065 4104 DfsC - ok
22:56:54.0374 4104 [ FA3463F25F9CC9C3BCF1E7912FEFF099 ] DFSR C:\Windows\system32\DFSR.exe
22:56:54.0385 4104 DFSR - ok
22:56:54.0451 4104 [ 43A988A9C10333476CB5FB667CBD629D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
22:56:54.0453 4104 Dhcp - ok
22:56:54.0515 4104 [ 64109E623ABD6955C8FB110B592E68B7 ] disk C:\Windows\system32\drivers\disk.sys
22:56:54.0516 4104 disk - ok
22:56:54.0582 4104 [ 4805D9A6D281C7A7DEFD9094DEC6AF7D ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:56:54.0583 4104 Dnscache - ok
22:56:54.0692 4104 [ 5AF620A08C614E24206B79E8153CF1A8 ] dot3svc C:\Windows\System32\dot3svc.dll
22:56:54.0693 4104 dot3svc - ok
22:56:54.0783 4104 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
22:56:54.0786 4104 DPS - ok
22:56:54.0843 4104 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:56:54.0844 4104 drmkaud - ok
22:56:54.0884 4104 [ 85F33880B8CFB554BD3D9CCDB486845A ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:56:54.0887 4104 DXGKrnl - ok
22:56:54.0942 4104 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
22:56:54.0944 4104 E1G60 - ok
22:56:55.0921 4104 EagleNT - ok
22:56:55.0951 4104 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
22:56:55.0952 4104 EapHost - ok
22:56:55.0998 4104 [ DD2CD259D83D8B72C02C5F2331FF9D68 ] Ecache C:\Windows\system32\drivers\ecache.sys
22:56:56.0000 4104 Ecache - ok
22:56:56.0100 4104 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:56:56.0101 4104 ehRecvr - ok
22:56:56.0143 4104 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
22:56:56.0144 4104 ehSched - ok
22:56:56.0194 4104 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
22:56:56.0195 4104 ehstart - ok
22:56:56.0259 4104 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:56:56.0263 4104 elxstor - ok
22:56:56.0332 4104 [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C ] EMDMgmt C:\Windows\system32\emdmgmt.dll
22:56:56.0335 4104 EMDMgmt - ok
22:56:56.0387 4104 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:56:56.0387 4104 ErrDev - ok
22:56:56.0486 4104 [ 3CB3343D720168B575133A0A20DC2465 ] EventSystem C:\Windows\system32\es.dll
22:56:56.0488 4104 EventSystem - ok
22:56:56.0525 4104 [ 0D858EB20589A34EFB25695ACAA6AA2D ] exfat C:\Windows\system32\drivers\exfat.sys
22:56:56.0526 4104 exfat - ok
22:56:56.0608 4104 [ 3C489390C2E2064563727752AF8EAB9E ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:56:56.0610 4104 fastfat - ok
22:56:56.0675 4104 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:56:56.0676 4104 fdc - ok
22:56:56.0722 4104 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
22:56:56.0724 4104 fdPHost - ok
22:56:56.0752 4104 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
22:56:56.0753 4104 FDResPub - ok
22:56:56.0785 4104 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:56:56.0786 4104 FileInfo - ok
22:56:56.0801 4104 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:56:56.0802 4104 Filetrace - ok
22:56:56.0832 4104 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:56:56.0832 4104 flpydisk - ok
22:56:56.0867 4104 [ 05EA53AFE985443011E36DAB07343B46 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:56:56.0869 4104 FltMgr - ok
22:56:56.0956 4104 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:56:56.0957 4104 FontCache3.0.0.0 - ok
22:56:57.0001 4104 [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:56:57.0001 4104 Fs_Rec - ok
22:56:57.0062 4104 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:56:57.0063 4104 gagp30kx - ok
22:56:57.0205 4104 [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio C:\Windows\system32\giveio.sys
22:56:57.0207 4104 giveio - ok
22:56:57.0366 4104 [ D9F1113D9401185245573350712F92FC ] gpsvc C:\Windows\System32\gpsvc.dll
22:56:57.0369 4104 gpsvc - ok
22:56:57.0468 4104 [ 10A28285FB7DF89149FF1302113BB3DB ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
22:56:57.0471 4104 gupdate - ok
22:56:57.0528 4104 [ 10A28285FB7DF89149FF1302113BB3DB ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
22:56:57.0529 4104 gupdatem - ok
22:56:57.0605 4104 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:56:57.0606 4104 HdAudAddService - ok
22:56:57.0649 4104 [ C87B1EE051C0464491C1A7B03FA0BC99 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:56:57.0649 4104 HDAudBus - ok
22:56:57.0681 4104 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
22:56:57.0681 4104 HidBth - ok
22:56:57.0753 4104 [ D8DF3722D5E961BAA1292AA2F12827E2 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
22:56:57.0753 4104 HidIr - ok
22:56:57.0798 4104 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\system32\hidserv.dll
22:56:57.0800 4104 hidserv - ok
22:56:57.0821 4104 [ 854CA287AB7FAF949617A788306D967E ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:56:57.0821 4104 HidUsb - ok
22:56:57.0859 4104 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:56:57.0860 4104 hkmsvc - ok
22:56:57.0958 4104 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
22:56:57.0959 4104 HpCISSs - ok
22:56:57.0998 4104 [ 96E241624C71211A79C84F50A8E71CAB ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:56:58.0000 4104 HTTP - ok
22:56:58.0034 4104 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
22:56:58.0035 4104 i2omp - ok
22:56:58.0054 4104 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
22:56:58.0055 4104 i8042prt - ok
22:56:58.0122 4104 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
22:56:58.0123 4104 iaStorV - ok
22:56:58.0344 4104 [ F4220DFFBE2504694480C02EA0DFDE8B ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
22:56:58.0345 4104 IDriverT - ok
22:56:58.0500 4104 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:56:58.0504 4104 idsvc - ok
22:56:58.0541 4104 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:56:58.0542 4104 iirsp - ok
22:56:58.0631 4104 [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC ] IKEEXT C:\Windows\System32\ikeext.dll
22:56:58.0637 4104 IKEEXT - ok
22:56:58.0668 4104 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
22:56:58.0668 4104 intelide - ok
22:56:58.0705 4104 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:56:58.0706 4104 intelppm - ok
22:56:58.0722 4104 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:56:58.0723 4104 IPBusEnum - ok
22:56:58.0739 4104 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:56:58.0740 4104 IpFilterDriver - ok
22:56:58.0770 4104 [ 6A35D233693EDC29A12742049BC5E37F ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:56:58.0772 4104 iphlpsvc - ok
22:56:58.0776 4104 IpInIp - ok
22:56:58.0810 4104 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
22:56:58.0811 4104 IPMIDRV - ok
22:56:58.0827 4104 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
22:56:58.0828 4104 IPNAT - ok
22:56:58.0855 4104 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:56:58.0856 4104 IRENUM - ok
22:56:58.0930 4104 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:56:58.0931 4104 isapnp - ok
22:56:58.0957 4104 [ F247EEC28317F6C739C16DE420097301 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
22:56:58.0958 4104 iScsiPrt - ok
22:56:58.0983 4104 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
22:56:58.0983 4104 iteatapi - ok
22:56:59.0018 4104 [ 20425664E2E196D339CA877E0387C023 ] itecir C:\Windows\system32\DRIVERS\itecir.sys
22:56:59.0019 4104 itecir - ok
22:56:59.0048 4104 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
22:56:59.0049 4104 iteraid - ok
22:56:59.0132 4104 [ A67E8CFCAD7D4F8B35643D6C79BA64C3 ] k57nd60x C:\Windows\system32\DRIVERS\k57nd60x.sys
22:56:59.0133 4104 k57nd60x - ok
22:56:59.0177 4104 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:56:59.0177 4104 kbdclass - ok
22:56:59.0209 4104 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:56:59.0210 4104 kbdhid - ok
22:56:59.0259 4104 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] KeyIso C:\Windows\system32\lsass.exe
22:56:59.0260 4104 KeyIso - ok
22:56:59.0416 4104 [ 7A0CF7908B6824D6A2A1D313E5AE3DCA ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:56:59.0418 4104 KSecDD - ok
22:56:59.0500 4104 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
22:56:59.0502 4104 KtmRm - ok
22:56:59.0535 4104 [ 05CE901A4472B3FBF9407C94AD1DB693 ] LanmanServer C:\Windows\system32\srvsvc.dll
22:56:59.0537 4104 LanmanServer - ok
22:56:59.0607 4104 [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:56:59.0613 4104 LanmanWorkstation - ok
22:56:59.0683 4104 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:56:59.0684 4104 lltdio - ok
22:56:59.0759 4104 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:56:59.0761 4104 lltdsvc - ok
22:56:59.0792 4104 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:56:59.0793 4104 lmhosts - ok
22:56:59.0835 4104 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:56:59.0836 4104 LSI_FC - ok
22:56:59.0880 4104 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:56:59.0881 4104 LSI_SAS - ok
22:56:59.0899 4104 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:56:59.0899 4104 LSI_SCSI - ok
22:56:59.0953 4104 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
22:56:59.0954 4104 luafv - ok
22:57:00.0009 4104 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:57:00.0011 4104 Mcx2Svc - ok
22:57:00.0048 4104 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
22:57:00.0048 4104 megasas - ok
22:57:00.0079 4104 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
22:57:00.0082 4104 MegaSR - ok
22:57:00.0240 4104 [ 278766E020E199FF445081F9CCBD8193 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
22:57:00.0241 4104 Microsoft Office Groove Audit Service - ok
22:57:00.0269 4104 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
22:57:00.0271 4104 MMCSS - ok
22:57:00.0283 4104 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
22:57:00.0305 4104 Modem - ok
22:57:00.0345 4104 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:57:00.0346 4104 monitor - ok
22:57:00.0511 4104 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:57:00.0512 4104 mouclass - ok
22:57:00.0599 4104 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:57:00.0599 4104 mouhid - ok
22:57:00.0793 4104 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
22:57:00.0794 4104 MountMgr - ok
22:57:00.0829 4104 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
22:57:00.0830 4104 mpio - ok
22:57:00.0854 4104 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:57:00.0855 4104 mpsdrv - ok
22:57:00.0903 4104 [ D1639BA315B0D79DEC49A4B0E1FB929B ] MpsSvc C:\Windows\system32\mpssvc.dll
22:57:00.0906 4104 MpsSvc - ok
22:57:00.0960 4104 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
22:57:00.0960 4104 Mraid35x - ok
22:57:00.0977 4104 [ AE3DE84536B6799D2267443CEC8EDBB9 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:57:00.0978 4104 MRxDAV - ok
22:57:01.0021 4104 [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:57:01.0022 4104 mrxsmb - ok
22:57:01.0051 4104 [ 6B5FA5ADFACAC9DBBE0991F4566D7D55 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:57:01.0053 4104 mrxsmb10 - ok
22:57:01.0085 4104 [ 5C80D8159181C7ABF1B14BA703B01E0B ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:57:01.0085 4104 mrxsmb20 - ok
22:57:01.0107 4104 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
22:57:01.0108 4104 msahci - ok
22:57:01.0127 4104 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:57:01.0128 4104 msdsm - ok
22:57:01.0143 4104 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
22:57:01.0145 4104 MSDTC - ok
22:57:01.0207 4104 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:57:01.0208 4104 Msfs - ok
22:57:01.0248 4104 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:57:01.0249 4104 msisadrv - ok
22:57:01.0290 4104 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:57:01.0292 4104 MSiSCSI - ok
22:57:01.0296 4104 msiserver - ok
22:57:01.0319 4104 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:57:01.0319 4104 MSKSSRV - ok
22:57:01.0361 4104 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:57:01.0362 4104 MSPCLOCK - ok
22:57:01.0371 4104 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:57:01.0372 4104 MSPQM - ok
22:57:01.0440 4104 [ B5614AECB05A9340AA0FB55BF561CC63 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:57:01.0441 4104 MsRPC - ok
22:57:01.0482 4104 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:57:01.0483 4104 mssmbios - ok
22:57:01.0509 4104 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:57:01.0510 4104 MSTEE - ok
22:57:01.0535 4104 [ 6DFD1D322DE55B0B7DB7D21B90BEC49C ] Mup C:\Windows\system32\Drivers\mup.sys
22:57:01.0535 4104 Mup - ok
22:57:01.0669 4104 [ C43B25863FBD65B6D2A142AF3AE320CA ] napagent C:\Windows\system32\qagentRT.dll
22:57:01.0672 4104 napagent - ok
22:57:01.0771 4104 [ 3C21CE48FF529BB73DADB98770B54025 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:57:01.0772 4104 NativeWifiP - ok
22:57:01.0859 4104 [ 9BDC71790FA08F0A0B5F10462B1BD0B1 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:57:01.0862 4104 NDIS - ok
22:57:01.0896 4104 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:57:01.0921 4104 NdisTapi - ok
22:57:01.0937 4104 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:57:01.0937 4104 Ndisuio - ok
22:57:01.0946 4104 [ 3D14C3B3496F88890D431E8AA022A411 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:57:01.0947 4104 NdisWan - ok
22:57:01.0958 4104 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:57:01.0959 4104 NDProxy - ok
22:57:01.0973 4104 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:57:01.0974 4104 NetBIOS - ok
22:57:02.0057 4104 [ 7C5FEE5B1C5728507CD96FB4A13E7A02 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
22:57:02.0058 4104 netbt - ok
22:57:02.0080 4104 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] Netlogon C:\Windows\system32\lsass.exe
22:57:02.0081 4104 Netlogon - ok
22:57:02.0222 4104 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
22:57:02.0225 4104 Netman - ok
22:57:02.0313 4104 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
22:57:02.0316 4104 netprofm - ok
22:57:02.0356 4104 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:57:02.0357 4104 NetTcpPortSharing - ok
22:57:02.0392 4104 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:57:02.0393 4104 nfrd960 - ok
22:57:02.0456 4104 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:57:02.0458 4104 NlaSvc - ok
22:57:02.0473 4104 [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:57:02.0474 4104 Npfs - ok
22:57:02.0502 4104 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
22:57:02.0505 4104 nsi - ok
22:57:02.0531 4104 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:57:02.0531 4104 nsiproxy - ok
22:57:02.0760 4104 [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:57:02.0765 4104 Ntfs - ok
22:57:02.0836 4104 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
22:57:02.0837 4104 ntrigdigi - ok
22:57:02.0863 4104 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
22:57:02.0864 4104 Null - ok
22:57:02.0948 4104 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:57:02.0948 4104 nvraid - ok
22:57:02.0985 4104 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:57:02.0986 4104 nvstor - ok
22:57:03.0013 4104 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:57:03.0014 4104 nv_agp - ok
22:57:03.0019 4104 NwlnkFlt - ok
22:57:03.0023 4104 NwlnkFwd - ok
22:57:03.0072 4104 [ 2CF21D5F8F1B74BB1922135AC2B12DDB ] OA001Ufd C:\Windows\system32\DRIVERS\OA001Ufd.sys
22:57:03.0073 4104 OA001Ufd - ok
22:57:03.0225 4104 [ 4075063D25AF9DA64101769854B83787 ] OA001Vid C:\Windows\system32\DRIVERS\OA001Vid.sys
22:57:03.0227 4104 OA001Vid - ok
22:57:03.0593 4104 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:57:03.0597 4104 odserv - ok
22:57:03.0672 4104 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
22:57:03.0673 4104 ohci1394 - ok
22:57:03.0875 4104 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:57:03.0876 4104 ose - ok
22:57:03.0913 4104 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc C:\Windows\system32\p2psvc.dll
22:57:03.0917 4104 p2pimsvc - ok
22:57:03.0938 4104 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc C:\Windows\system32\p2psvc.dll
22:57:03.0943 4104 p2psvc - ok
22:57:03.0996 4104 [ 5FAE249A5635A52970652CA8EB216515 ] PAC7302 C:\Windows\system32\DRIVERS\PAC7302.SYS
22:57:03.0999 4104 PAC7302 - ok
22:57:04.0039 4104 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
22:57:04.0039 4104 Parport - ok
22:57:04.0079 4104 [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:57:04.0080 4104 partmgr - ok
22:57:04.0116 4104 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
22:57:04.0117 4104 Parvdm - ok
22:57:04.0155 4104 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
22:57:04.0159 4104 PcaSvc - ok
22:57:04.0166 4104 [ 01B94418DEB235DFF777CC80076354B4 ] pci C:\Windows\system32\drivers\pci.sys
22:57:04.0167 4104 pci - ok
22:57:04.0257 4104 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
22:57:04.0257 4104 pciide - ok
22:57:04.0294 4104 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:57:04.0295 4104 pcmcia - ok
22:57:04.0375 4104 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:57:04.0381 4104 PEAUTH - ok
22:57:04.0730 4104 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
22:57:04.0739 4104 pla - ok
22:57:04.0837 4104 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:57:04.0842 4104 PlugPlay - ok
22:57:05.0007 4104 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
22:57:05.0011 4104 PNRPAutoReg - ok
22:57:05.0028 4104 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc C:\Windows\system32\p2psvc.dll
22:57:05.0032 4104 PNRPsvc - ok
22:57:05.0073 4104 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:57:05.0075 4104 PolicyAgent - ok
22:57:05.0139 4104 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:57:05.0141 4104 PptpMiniport - ok
22:57:05.0161 4104 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
22:57:05.0162 4104 Processor - ok
22:57:05.0205 4104 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll
22:57:05.0207 4104 ProfSvc - ok
22:57:05.0224 4104 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:57:05.0226 4104 ProtectedStorage - ok
22:57:05.0258 4104 [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
22:57:05.0262 4104 PSched - ok
22:57:05.0341 4104 [ 0B6DEA0A1662CAB8F2BF339DC0752EF4 ] PSI_SVC_2 c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
22:57:05.0342 4104 PSI_SVC_2 - ok
22:57:05.0446 4104 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:57:05.0452 4104 ql2300 - ok
22:57:05.0479 4104 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:57:05.0479 4104 ql40xx - ok
22:57:05.0513 4104 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
22:57:05.0516 4104 QWAVE - ok
22:57:05.0547 4104 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:57:05.0548 4104 QWAVEdrv - ok
22:57:05.0578 4104 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:57:05.0580 4104 RasAcd - ok
22:57:05.0622 4104 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
22:57:05.0626 4104 RasAuto - ok
22:57:05.0650 4104 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:57:05.0651 4104 Rasl2tp - ok
22:57:05.0702 4104 [ 6E7C284FC5C4EC07AD164D93810385A6 ] RasMan C:\Windows\System32\rasmans.dll
22:57:05.0704 4104 RasMan - ok
22:57:05.0732 4104 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:57:05.0732 4104 RasPppoe - ok
22:57:05.0785 4104 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:57:05.0786 4104 RasSstp - ok
22:57:05.0846 4104 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:57:05.0849 4104 rdbss - ok
22:57:05.0897 4104 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:57:05.0898 4104 RDPCDD - ok
22:57:05.0940 4104 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
22:57:05.0941 4104 rdpdr - ok
22:57:05.0946 4104 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:57:05.0947 4104 RDPENCDD - ok
22:57:05.0985 4104 [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:57:05.0986 4104 RDPWD - ok
22:57:06.0015 4104 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:57:06.0016 4104 RemoteAccess - ok
22:57:06.0061 4104 [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:57:06.0065 4104 RemoteRegistry - ok
22:57:06.0102 4104 [ 34CC78C06587718C2AD6D3AA83B1F072 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
22:57:06.0103 4104 RFCOMM - ok
22:57:06.0137 4104 [ C2EF513BBE069F0D4EE0938A76F975D3 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
22:57:06.0138 4104 rimmptsk - ok
22:57:06.0194 4104 [ C398BCA91216755B098679A8DA8A2300 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
22:57:06.0195 4104 rimsptsk - ok
22:57:06.0250 4104 [ 2A2554CB24506E0A0508FC395C4A1B42 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
22:57:06.0250 4104 rismxdp - ok
22:57:06.0290 4104 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
22:57:06.0291 4104 RpcLocator - ok
22:57:06.0342 4104 [ 301AE00E12408650BADDC04DBC832830 ] RpcSs C:\Windows\system32\rpcss.dll
22:57:06.0346 4104 RpcSs - ok
22:57:06.0394 4104 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:57:06.0394 4104 rspndr - ok
22:57:06.0411 4104 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs C:\Windows\system32\lsass.exe
22:57:06.0412 4104 SamSs - ok
22:57:06.0434 4104 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:57:12.0712 4104 ================ Scan global ===============================
22:57:12.0755 4104 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
22:57:12.0875 4104 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
22:57:12.0884 4104 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
22:57:12.0920 4104 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe
22:57:12.0923 4104 [Global] - ok
22:57:12.0924 4104 ================ Scan MBR ==================================
22:57:12.0933 4104 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
22:57:13.0944 4104 \Device\Harddisk0\DR0 - ok
22:57:13.0947 4104 ================ Scan VBR ==================================
22:57:13.0962 4104 [ E89FD2D679C4C37DA77393A1E418C2CF ] \Device\Harddisk0\DR0\Partition1
22:57:13.0964 4104 \Device\Harddisk0\DR0\Partition1 - ok
22:57:13.0998 4104 [ D6A63806578FBED0FCF8576C0B31B876 ] \Device\Harddisk0\DR0\Partition2
22:57:14.0012 4104 \Device\Harddisk0\DR0\Partition2 - ok
22:57:14.0012 4104 ============================================================
22:57:14.0012 4104 Scan finished
22:57:14.0012 4104 ============================================================
22:57:14.0023 3924 Detected object count: 0
22:57:14.0023 3924 Actual detected object count: 0

Here is the log from aswMBR:
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-09 23:02:32
-----------------------------
23:02:32.015 OS Version: Windows 6.0.6001 Service Pack 1
23:02:32.015 Number of processors: 2 586 0x1706
23:02:32.015 ComputerName: USER-PC UserName: user
23:02:32.779 Initialize success
23:02:35.165 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
23:02:35.166 Disk 0 Vendor: Hitachi_HTS543232L9A300 FB4OC40C Size: 305245MB BusType: 3
23:02:35.192 Disk 0 MBR read successfully
23:02:35.207 Disk 0 MBR scan
23:02:35.210 Disk 0 Windows VISTA default MBR code
23:02:35.213 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 141 MB offset 63
23:02:35.220 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 90000 MB offset 290816
23:02:35.245 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 215102 MB offset 184610816
23:02:35.250 Disk 0 scanning sectors +625139712
23:02:35.315 Disk 0 scanning C:\Windows\system32\drivers
23:02:43.979 Service scanning
23:03:06.964 Modules scanning
23:03:15.504 Disk 0 trace - called modules:
23:03:15.538 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll PCIIDEX.SYS msahci.sys afd.sys rdbss.sys
23:03:15.881 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85fce4a8]
23:03:15.885 3 CLASSPNP.SYS[8a7af745] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x857198e0]
23:03:15.890 Scan finished successfully
23:03:39.977 Disk 0 MBR has been saved successfully to "C:\Users\user\Desktop\MBR.dat"
23:03:39.982 The log file has been saved successfully to "C:\Users\user\Desktop\aswMBR.txt"

Attached Files

  • Attached File  MBR.zip   567bytes   0 downloads


#4 nasdaq

  • Malware Response Team

Posted 09 November 2012 - 11:28 AM

Good, now we can proceed with these scans.

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

IMPORTANT....

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Do not install any other programs until this is fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note:
Do not mouse click ComboFix's window while it's running. That may cause it to stall.


Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html


Note: If, after running ComboFix, you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program, all you need to do is restart the computer to reset the registry.
===

Third-party programs, if not up to date, can be the cause of infiltration of an infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).

Please post the logs for my review.

#5 Jai Reh

  • Topic Starter

Posted 10 November 2012 - 07:29 AM

Hi nasdaq!

After almost 9 hours of waiting for ComboFix to respond, I have decided to hard reset my laptop because I think it just stopped. However, after rebooting, I noticed that my problem (Windows host process rundll32.exe has stopped working) is gone. I can now open Windows Security, applications, games and those that I could not open when I had the problem. But still, I didn't finish ComboFix properly.

Do I still need to rerun ComboFix and do the rest of what you have asked me to do?
Because I "think" my problem is gone now and I'm very very happy!

I greatly appreciate you taking the time to help me with my problem!

#6 nasdaq

Posted 10 November 2012 - 08:48 AM

Just to check, run ComboFix one more time. It should not take more than 15 to 20 min. to give you a log. Post it if you can.

Run the other tools also. Might as well clean this computer while at it.

#7 Jai Reh

Posted 10 November 2012 - 09:55 AM

Hi nasdaq, I only did ComboFix and Security Check because AdwCleaner is not showing up if I try to run it, only in the Task Manager.

Here are the logs:

ComboFix 12-11-09.02 - user 11/10/2012 22:23:08.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3066.2011 [GMT 8:00]
Running from: c:\users\user\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\autorun.inf
D:\Autorun.inf
.
---- Previous Run -------
.
c:\windows\XSxS
D:\kwyuk.pif
.
.
((((((((((((((((((((((((( Files Created from 2012-10-10 to 2012-11-10 )))))))))))))))))))))))))))))))
.
.
2012-11-10 14:30 . 2012-11-10 14:32 -------- d-----w- c:\users\user\AppData\Local\temp
2012-11-09 15:11 . 2010-09-20 09:25 231936 ----a-w- c:\windows\system32\msshsq.dll
2012-11-09 15:10 . 2010-09-06 16:24 125952 ----a-w- c:\windows\system32\srvsvc.dll
2012-11-09 15:10 . 2010-09-06 16:23 17920 ----a-w- c:\windows\system32\netevent.dll
2012-11-09 15:09 . 2009-08-24 12:16 378368 ----a-w- c:\windows\system32\winhttp.dll
2012-11-05 12:00 . 2012-11-05 12:00 -------- d-----w- c:\programdata\ATI
2012-11-05 12:00 . 2012-11-05 12:00 -------- d-----w- c:\program files\AMD APP
2012-11-05 11:54 . 2012-11-05 11:54 -------- d-----w- C:\AMD
2012-11-05 11:02 . 2012-11-05 11:02 388096 ----a-r- c:\users\user\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-11-05 11:02 . 2012-11-05 11:02 -------- d-----w- c:\program files\Trend Micro
2012-11-05 09:52 . 2012-11-05 09:53 -------- d-----w- c:\users\user\AppData\Local\Deployment
2012-11-05 09:52 . 2012-11-05 09:52 -------- d-----w- c:\users\user\AppData\Local\Apps
2012-11-05 09:18 . 2012-11-05 09:18 99044 ----a-w- C:\whiss.exe
2012-11-05 08:31 . 2012-11-05 08:31 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-05 08:31 . 2012-11-05 08:31 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-05 07:31 . 2012-11-05 07:31 -------- d-----w- c:\program files\MALWAREBYTES ANTI-MALWARE
2012-11-05 07:19 . 2009-09-10 15:21 1418752 ----a-w- c:\program files\Windows Media Player\setup_wm.exe
2012-11-05 07:19 . 2009-09-10 15:21 310784 ----a-w- c:\windows\system32\unregmp2.exe
2012-11-05 06:08 . 2010-04-14 17:46 80896 ----a-w- c:\windows\system32\MSNP.ax
2012-11-05 06:08 . 2008-04-23 04:41 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2012-11-05 06:08 . 2010-04-14 17:47 293376 ----a-w- c:\windows\system32\psisdecd.dll
2012-11-05 06:08 . 2010-04-14 17:47 217088 ----a-w- c:\windows\system32\psisrndr.ax
2012-11-05 05:59 . 2008-04-30 05:36 454656 ----a-w- c:\program files\Common Files\System\msadc\msadce.dll
2012-11-05 05:54 . 2009-11-08 02:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2012-11-05 05:54 . 2009-11-08 02:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2012-11-05 05:54 . 2009-11-08 02:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2012-11-05 05:54 . 2009-11-08 02:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2012-11-05 05:54 . 2009-11-08 02:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2012-11-05 05:51 . 2010-02-20 23:39 24064 ----a-w- c:\windows\system32\nshhttp.dll
2012-11-05 05:51 . 2010-02-20 23:37 31232 ----a-w- c:\windows\system32\httpapi.dll
2012-11-05 05:51 . 2010-02-20 21:18 411136 ----a-w- c:\windows\system32\drivers\http.sys
2012-11-05 05:45 . 2009-06-10 12:12 160256 ----a-w- c:\windows\system32\wkssvc.dll
2012-11-05 05:45 . 2008-06-23 01:59 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2012-11-05 05:45 . 2008-06-23 01:58 94720 ----a-w- c:\windows\system32\logagent.exe
2012-11-05 05:45 . 2010-09-10 16:35 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2012-11-05 05:45 . 2010-09-10 16:37 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2012-11-05 05:44 . 2009-08-14 16:29 104960 ----a-w- c:\windows\system32\netiohlp.dll
2012-11-05 05:44 . 2009-08-14 14:16 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2012-11-05 05:44 . 2009-08-14 14:16 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2012-11-05 05:44 . 2009-08-14 14:16 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2012-11-05 05:44 . 2009-08-14 14:16 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2012-11-05 05:44 . 2009-08-14 14:16 19968 ----a-w- c:\windows\system32\ARP.EXE
2012-11-05 05:44 . 2009-08-14 14:16 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2012-11-05 05:44 . 2009-08-14 14:16 10240 ----a-w- c:\windows\system32\finger.exe
2012-11-05 05:42 . 2009-06-10 12:11 2868224 ----a-w- c:\windows\system32\mf.dll
2012-11-05 05:42 . 2010-08-31 15:41 954752 ----a-w- c:\windows\system32\mfc40.dll
2012-11-05 05:42 . 2010-08-31 15:41 954288 ----a-w- c:\windows\system32\mfc40u.dll
2012-11-05 05:42 . 2010-12-20 15:39 563200 ----a-w- c:\windows\system32\oleaut32.dll
2012-11-05 05:42 . 2011-06-02 12:59 2042368 ----a-w- c:\windows\system32\win32k.sys
2012-11-05 05:42 . 2011-04-29 12:49 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2012-11-05 05:42 . 2011-04-29 12:49 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2012-11-05 05:40 . 2010-02-18 14:11 190464 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-11-05 05:39 . 2008-10-29 06:29 2927104 ----a-w- c:\windows\explorer.exe
2012-11-05 05:39 . 2011-02-16 15:35 430080 ----a-w- c:\windows\system32\vbscript.dll
2012-11-05 05:39 . 2008-06-06 03:27 38912 ----a-w- c:\windows\system32\xolehlp.dll
2012-11-05 05:39 . 2008-06-06 03:27 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2012-11-05 05:39 . 2008-10-22 03:57 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2012-11-05 05:39 . 2011-04-14 14:24 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2012-11-05 05:39 . 2009-12-23 12:43 171520 ----a-w- c:\windows\system32\wintrust.dll
2012-11-05 05:38 . 2011-03-02 14:49 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
2012-11-05 05:38 . 2009-05-04 10:11 25088 ----a-w- c:\windows\system32\dnscacheugc.exe
2012-11-05 05:38 . 2008-06-26 01:45 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2012-11-05 05:38 . 2008-06-26 01:45 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2012-11-05 05:38 . 2008-06-26 03:29 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2012-11-05 05:36 . 2011-03-10 16:12 1161728 ----a-w- c:\windows\system32\mfc42u.dll
2012-11-05 05:36 . 2011-03-10 16:12 1136640 ----a-w- c:\windows\system32\mfc42.dll
2012-11-05 05:35 . 2010-10-12 15:48 33280 ----a-w- c:\program files\Windows Mail\wabfind.dll
2012-11-05 05:35 . 2010-10-12 13:52 66048 ----a-w- c:\program files\Windows Mail\wabmig.exe
2012-11-05 05:35 . 2010-10-12 13:52 515584 ----a-w- c:\program files\Windows Mail\wab.exe
2012-11-05 05:34 . 2011-02-22 12:51 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2012-11-05 05:34 . 2009-07-11 19:32 513024 ----a-w- c:\windows\system32\wlansvc.dll
2012-11-05 05:34 . 2009-07-11 19:32 302592 ----a-w- c:\windows\system32\wlansec.dll
2012-11-05 05:34 . 2009-07-11 19:32 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2012-11-05 05:34 . 2009-07-11 19:29 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2012-11-05 05:34 . 2010-10-15 14:08 3600272 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-11-05 05:34 . 2010-10-15 14:08 3548048 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-11-05 05:34 . 2010-10-15 13:48 1205080 ----a-w- c:\windows\system32\ntdll.dll
2012-11-05 05:33 . 2010-06-11 15:30 1257472 ----a-w- c:\windows\system32\msxml3.dll
2012-11-05 05:33 . 2010-10-28 12:56 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-05 05:32 . 2008-04-18 05:48 269312 ----a-w- c:\windows\system32\es.dll
2012-11-05 05:32 . 2009-04-23 12:42 636928 ----a-w- c:\windows\system32\localspl.dll
2012-11-05 05:29 . 2010-04-05 16:08 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2012-11-05 05:29 . 2008-10-21 05:25 296960 ----a-w- c:\windows\system32\gdi32.dll
2012-11-05 05:29 . 2009-07-14 13:00 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2012-11-05 05:29 . 2009-07-14 12:59 4096 ----a-w- c:\windows\system32\msdxm.ocx
2012-11-05 05:29 . 2009-07-14 12:59 4096 ----a-w- c:\windows\system32\dxmasf.dll
2012-11-05 05:29 . 2009-07-14 12:58 7680 ----a-w- c:\windows\system32\spwmp.dll
2012-11-05 05:29 . 2009-07-14 10:59 107520 ----a-w- c:\program files\Windows Media Player\wmpconfig.exe
2012-11-05 05:29 . 2009-07-14 10:58 107520 ----a-w- c:\program files\Windows Media Player\wmpshare.exe
2012-11-05 05:29 . 2009-07-14 08:30 43520 ----a-w- c:\windows\system32\msdxm.tlb
2012-11-05 05:29 . 2009-07-14 08:30 18432 ----a-w- c:\windows\system32\amcompat.tlb
2012-11-05 05:29 . 2011-04-21 13:16 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2012-11-05 05:29 . 2010-05-27 19:16 81920 ----a-w- c:\windows\system32\iccvid.dll
2012-11-05 05:28 . 2010-06-17 17:15 10926592 ----a-w- c:\program files\Movie Maker\MOVIEMK.dll
2012-11-05 05:28 . 2010-06-17 15:49 150016 ----a-w- c:\program files\Movie Maker\MOVIEMK.exe
2012-11-05 05:26 . 2010-06-18 16:43 36352 ----a-w- c:\windows\system32\rtutils.dll
2012-11-05 05:26 . 2009-03-17 03:38 13824 ----a-w- c:\windows\system32\apilogen.dll
2012-11-05 05:26 . 2009-03-17 03:38 24064 ----a-w- c:\windows\system32\amxread.dll
2012-11-05 05:26 . 2008-04-29 03:54 181760 ----a-w- c:\windows\system32\fsquirt.exe
2012-11-05 05:26 . 2008-04-29 01:42 220160 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-11-05 05:26 . 2008-04-29 01:42 29184 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2012-11-05 05:24 . 2011-04-29 14:54 276992 ----a-w- c:\windows\system32\schannel.dll
2012-11-05 05:23 . 2010-01-25 08:35 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2012-11-05 05:23 . 2010-01-25 08:34 511488 ----a-w- c:\windows\system32\RMActivate.exe
2012-11-05 05:23 . 2010-01-25 08:35 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2012-11-05 05:23 . 2010-01-25 08:34 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2012-11-05 05:23 . 2010-01-25 12:48 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2012-11-05 05:23 . 2010-01-25 12:48 472064 ----a-w- c:\windows\system32\secproc.dll
2012-11-05 05:23 . 2010-01-25 12:48 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2012-11-05 05:23 . 2010-01-25 12:48 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2012-11-05 05:23 . 2010-01-25 12:45 329216 ----a-w- c:\windows\system32\msdrm.dll
2012-11-05 05:22 . 2008-05-08 21:59 90112 ----a-w- c:\windows\system32\wshext.dll
2012-11-05 05:22 . 2008-05-08 21:59 180224 ----a-w- c:\windows\system32\scrobj.dll
2012-11-05 05:22 . 2008-05-08 21:59 172032 ----a-w- c:\windows\system32\scrrun.dll
2012-11-05 05:22 . 2008-05-08 21:59 155648 ----a-w- c:\windows\system32\wscript.exe
2012-11-05 05:22 . 2008-05-08 21:58 135168 ----a-w- c:\windows\system32\cscript.exe
2012-11-05 05:22 . 2008-05-08 21:58 135168 ----a-w- c:\windows\system32\wshom.ocx
2012-11-05 05:22 . 2011-04-20 14:47 375808 ----a-w- c:\windows\system32\winsrv.dll
2012-11-05 05:22 . 2011-04-20 14:44 49152 ----a-w- c:\windows\system32\csrsrv.dll
2012-11-05 05:20 . 2008-06-19 03:31 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2012-11-05 05:20 . 2010-12-28 14:57 409600 ----a-w- c:\windows\system32\odbc32.dll
2012-11-05 05:20 . 2010-12-28 14:56 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2012-11-05 05:20 . 2010-12-28 14:56 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll
2012-11-05 05:20 . 2010-12-28 14:56 253952 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2012-11-05 05:20 . 2010-12-28 14:56 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-10 14:33 . 2012-11-10 14:32 99044 --sh--r- C:\rbjtn.exe
2012-09-29 11:54 . 2011-07-04 04:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{37483b40-c254-4a72-bda4-22ee90182c1e}"= "c:\program files\NCH_EN\prxtbNCH_.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{37483b40-c254-4a72-bda4-22ee90182c1e}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{37483b40-c254-4a72-bda4-22ee90182c1e}]
2011-05-09 08:49 176936 ----a-w- c:\program files\NCH_EN\prxtbNCH_.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{37483b40-c254-4a72-bda4-22ee90182c1e}"= "c:\program files\NCH_EN\prxtbNCH_.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{37483b40-c254-4a72-bda4-22ee90182c1e}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{37483B40-C254-4A72-BDA4-22EE90182C1E}"= "c:\program files\NCH_EN\prxtbNCH_.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{37483b40-c254-4a72-bda4-22ee90182c1e}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-10-25 07:45 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-10-25 07:45 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-10-25 07:45 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-10-25 07:45 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"YouSendIt.exe"="c:\program files\YouSendIt\Express\YouSendIt.exe" [2012-04-10 271872]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"Optimizer Pro"="c:\program files\Optimizer Pro\OptProLauncher.exe" [2012-01-02 147448]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-09-13 288040]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-05-06 520257]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2010-04-12 253952]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1308528]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-06-02 3563520]
"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2012-01-17 2339168]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 104408]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-03 641704]
.
c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-27 98632]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-10-22 183296]
AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-11-18 780840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-4018445117-2334652239-84329530-1000]
"EnableNotificationsRef"=dword:00000001
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\aestsrv.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cd95f71cbecd88.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-10 06:01]
.
2012-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-10 06:01]
.
2011-12-26 c:\windows\Tasks\{40500775-5FB9-4245-8DB3-F38E37E63EF5}.job
- c:\program files\Skype\Phone\Skype.exe [2011-10-13 08:45]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://search.gboxapp.com/
uInternet Settings,ProxyOverride = local
uInternet Settings,ProxyServer = 219.130.39.9:3128
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 124.106.4.2 124.106.5.2
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-10 22:34
Windows 6.0.6001 Service Pack 1 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(1108)
c:\windows\system32\btmmhook.dll
c:\program files\FileZilla FTP Client\fzshellext.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\BCMWLCPL.CPL
c:\progra~1\MICROS~2\Office12\GR326C~1.DLL
.
------------------------ Other Running Processes ------------------------
.
c:\progra~1\AVG\AVG10\avgchsvx.exe
c:\progra~1\AVG\AVG10\avgrsx.exe
c:\program files\Fingerprint Sensor\AtService.exe
c:\windows\system32\atiesrxx.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\STacSV.exe
c:\windows\system32\atieclxx.exe
c:\windows\System32\WLTRYSVC.EXE
c:\windows\system32\WLANExt.exe
c:\windows\System32\bcmwltry.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Optimizer Pro\OptProSmartScan.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Optimizer Pro\OptProReminder.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\users\user\AppData\Local\Temp\wingbuxk.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2012-11-10 22:38:58 - machine was rebooted
ComboFix-quarantined-files.txt 2012-11-10 14:38
.
Pre-Run: 19,190,632,448 bytes free
Post-Run: 19,015,561,216 bytes free
.
- - End Of File - - C103C6963DD0DD0A03CDADD37BA8F1FE

Here is the Security Check log:

Results of screen317's Security Check version 0.99.54
Windows Vista Service Pack 1 x86 (UAC is disabled!)
Out of date service pack!!
Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Firewall Disabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
CCleaner
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Thunderbird (3.1.6) Thunderbird out of Date!
Google Chrome 22.0.1229.96
Google Chrome 23.0.1271.64
````````Process Check: objlist.exe by Laurent````````
AVG avgrsx.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 8 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

#8 nasdaq

nasdaq

  • Malware Response Team
  • 39,578 posts
  • ONLINE
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:24 PM

Posted 11 November 2012 - 09:06 AM

Get the latest version of the Adobe Reader.
http://get.adobe.com/reader/
Before you download, I suggest you uncheck the box on the top right, "Yes, install McAfee Security Scan Plus - optional"; this is not required if you are not a McAfee subscriber. While the installation is in progress you can also deny the installation of any other programs that may be suggested.

When installed remove your old version of the Reader using the Add/Remove Programs applet if present.
===

http://support.microsoft.com/lifecycle/search/?sort=PN&alpha=WINDOWS+vista
Support for Windows Vista Service Pack 1 ended on 12/07/2011

For continued security support from Microsoft get the Service Pack 2.
http://support.microsoft.com/kb/935791
===

You should also get Internet Explorer 8. You may not use it regularly but it has more protection than IE 7.

Please let me know what problem persists.

#9 Jai Reh

Posted 12 November 2012 - 03:21 AM

Thanks nasdaq, I think all the problems are solved.

#10 nasdaq

Posted 12 November 2012 - 11:11 AM

If all is well:

Time for some housekeeping

The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following bold text into the Run box and click OK:

ComboFix /Uninstall
===

To remove AdwCleaner.

Please double click on AdwCleaner.exe to run the tool.
Click on Uninstall.
Confirm with Yes.

Delete the other tools we used.

Surf Safely, and Think Prevention!
===



