Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Persistent Trojan: svchost.exe, winrscmde filename.


  • This topic is locked This topic is locked
26 replies to this topic

#1 Timisticus

Timisticus

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 21 November 2012 - 12:54 AM

Couple days ago, I got nailed with what has become a persistent Trojan virus that is originating from a C:\windows\svchost.ext pathway. Malwarebytes has identified it as a Trojan virus, and while I would love to just delete the file, research suggests that I shouldn't. I would rather not spend the time wiping and reformatting the hardrive, but don't know what else to do. Saw that you guys help with this, so I thought I'd give this a shot before I do something rash. Help would be appreciated. Thanks!

BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:45 AM

Posted 21 November 2012 - 02:21 AM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




I need to get some reports to get a base to start from so I need you to run these programs first.


-DeFogger-

  • Please download DeFogger to your desktop.

    Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.


-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


-Download DDS-

  • Please download DDS from one of the links below and save it to your desktop:

    Posted Image
    Download DDS and save it to your desktop

    Link1
    Link2
    Link3


    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

information and logs

  • In your next post I need the following

  • both reports from DDS
  • report from security check
  • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 Timisticus

Timisticus
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 21 November 2012 - 09:15 PM

Notes: Lots of malicious URL's being blocked by Avast! doing Security Check. DeFogger Disable/Re-enable window was still up after the processed finished. I clicked OK, then closed the other window.

Here's the security check log:
Results of screen317's Security Check version 0.99.54
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
AVG Anti-Virus Free Edition 2012
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
Java™ 6 Update 29
Java™ 6 Update 3
Java version out of Date!
Adobe Flash Player 11.4.402.287
Adobe Reader X (10.1.4)
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
AVG avgtray.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````

#4 Timisticus

Timisticus
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 21 November 2012 - 09:21 PM

DDS downloaded very quickly from Link 1 and went right into its scan as soon as I double clicked it. Prompt said it was running in silent mode.

DDS.txt log:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455
Run by Tim at 18:16:38 on 2012-11-21
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4087.1780 [GMT -8:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\CrashPlan\CrashPlanService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe
C:\Windows\SysWOW64\java.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
\\.\globalroot\systemroot\svchost.exe -netsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\CrashPlan\CrashPlanTray.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Tim\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Users\Tim\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tim\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tim\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tim\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tim\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tim\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Users\Tim\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.gmail.com/
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Google Update] "C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
mRun: [Conime] C:\Windows\System32\conime.exe
mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"
StartupFolder: C:\Users\Tim\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Tim\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Tim\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CRASHP~1.LNK - C:\Program Files (x86)\CrashPlan\CrashPlanTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1 209.18.47.61 209.18.47.62
TCP: Interfaces\{973B20BE-46BB-43A2-A2BF-742167873E5A} : DHCPNameServer = 192.168.1.1 209.18.47.61 209.18.47.62
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll
x64-Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-11-20 984144]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-11-20 370288]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-11-20 25232]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-11-20 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-11-20 44808]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 CrashPlanService;CrashPlan Backup Service;C:\Program Files (x86)\CrashPlan\CrashPlanService.exe [2012-11-12 152576]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2012-10-19 395200]
R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2012-10-15 779200]
R2 LinksysUpdater;Linksys Updater;C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe [2008-11-13 204800]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2010-12-27 1327520]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-8-13 5167736]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMScheduler;MBAMScheduler;"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" --> C:\Program Files (x86)\Malwarebytes' Anti-Malware

\mbamscheduler.exe [?]
S2 MBAMService;MBAMService;"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" --> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

[?]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-5-21 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-5-10 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-24 1255736]
S3 xsherlock;xsherlock;C:\Windows\System32\xsherlock.xem --> C:\Windows\System32\xsherlock.xem [?]
.
=============== Created Last 30 ================
.
2012-11-22 02:11:18 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{56A51402-8F47-41ED-83CF-5748DE60DD27}\offreg.dll
2012-11-21 06:04:18 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-11-21 06:04:09 984144 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-11-21 06:03:53 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-11-21 06:02:27 41224 ----a-w- C:\Windows\avastSS.scr
2012-11-21 06:02:04 -------- d-----w- C:\ProgramData\AVAST Software
2012-11-21 06:02:04 -------- d-----w- C:\Program Files\AVAST Software
2012-11-21 05:56:34 6851408 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-11-21 05:56:29 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{56A51402-8F47-41ED-83CF-5748DE60DD27}\mpengine.dll
2012-11-21 05:35:08 -------- d-----w- C:\Users\Tim\AppData\Roaming\AVG2012
2012-11-21 05:31:35 20480 ----a-w- C:\Windows\svchost.exe
2012-11-21 00:15:28 -------- d-----w- C:\Program Files\Common Files\McAfee
2012-11-20 04:18:53 -------- d-----w- C:\ProgramData\CrashPlan
2012-11-20 04:18:53 -------- d-----w- C:\Program Files (x86)\CrashPlan
2012-11-20 04:16:46 -------- d-----w- C:\Users\Tim\AppData\Roaming\CrashPlan
2012-11-19 05:44:08 -------- d-----w- C:\Users\Tim\AppData\Roaming\SUPERAntiSpyware.com
2012-11-19 05:43:59 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2012-11-19 05:43:59 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-11-19 03:31:20 -------- d-----w- C:\Users\Tim\AppData\Roaming\Malwarebytes
2012-11-19 03:31:04 -------- d-----w- C:\ProgramData\Malwarebytes
2012-11-16 11:08:23 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-11-16 11:08:23 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-11-16 11:08:23 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-11-16 11:08:23 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2012-11-16 11:01:24 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-11-16 11:01:24 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-11-16 11:01:22 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-11-16 11:01:22 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-11-16 11:01:21 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-11-16 11:01:21 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-11-16 11:01:21 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-11-15 23:15:08 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-11-15 23:15:08 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-10-30 15:00:26 -------- d-----w- C:\Users\Tim\AppData\Local\{8A22884A-719A-4F76-9A87-C085C3CE639B}
2012-10-27 06:14:54 -------- d-----w- C:\ProgramData\Visan
2012-10-27 06:14:54 -------- d-----w- C:\ProgramData\PrintProjects
2012-10-27 06:14:54 -------- d-----w- C:\Program Files (x86)\PrintProjects
2012-10-27 06:07:38 -------- d-----w- C:\Windows\SysWow64\kodak
.
==================== Find3M ====================
.
2012-10-18 18:25:58 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-10-11 05:22:54 2428776 ----a-w- C:\Windows\SysWow64\nvapi.dll
2012-10-11 05:22:52 26331496 ----a-w- C:\Windows\System32\nvoglv64.dll
2012-10-11 05:22:52 1760104 ----a-w- C:\Windows\System32\nvdispco64.dll
2012-10-11 05:22:32 15309160 ----a-w- C:\Windows\SysWow64\nvd3dum.dll
2012-10-11 05:22:26 2747240 ----a-w- C:\Windows\System32\nvcuvid.dll
2012-10-11 05:22:24 19906920 ----a-w- C:\Windows\SysWow64\nvoglv32.dll
2012-10-11 05:22:18 13443944 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys
2012-10-11 05:22:14 17559912 ----a-w- C:\Windows\SysWow64\nvcompiler.dll
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-09 16:27:20 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 16:27:20 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-10-02 21:15:52 430952 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2012-10-02 19:51:15 3536817 ----a-w- C:\Windows\System32\nvcoproc.bin
2012-10-02 19:51:11 3293544 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-10-02 19:51:04 6200680 ----a-w- C:\Windows\System32\nvcpl.dll
2012-10-02 19:50:57 891240 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-10-02 19:50:57 63336 ----a-w- C:\Windows\System32\nvshext.dll
2012-10-02 19:50:57 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll
2012-10-02 19:50:57 118120 ----a-w- C:\Windows\System32\nvmctray.dll
2012-09-29 21:48:36 1793536 ----a-w- C:\Windows\System32\EKAiO2MON.dll
2012-09-29 21:48:24 183808 ----a-w- C:\Windows\System32\EKAiO2COI10.dll
2012-09-22 07:29:28 666720 ----a-w- C:\Windows\SysWow64\xsherlock.xem
2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-08-24 18:05:07 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-08-24 16:57:48 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
.
============= FINISH: 18:17:26.27 ===============

#5 Timisticus

Timisticus
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 21 November 2012 - 09:23 PM

Attach.txt log
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 1/3/2011 5:45:00 PM
System Uptime: 11/21/2012 1:52:52 PM (5 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P7P55 LX
Processor: Intel® Core™ i5 CPU 760 @ 2.80GHz | LGA1156 | 1176/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 784.966 GiB free.
D: is CDROM (CDFS)
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP361: 11/10/2012 5:50:14 AM - Installed Evernote v. 4.5.10
RP362: 11/11/2012 6:50:41 AM - Windows Update
RP363: 11/14/2012 4:18:57 PM - Windows Update
RP364: 11/16/2012 3:00:27 AM - Windows Update
RP365: 11/17/2012 3:00:11 AM - Windows Update
RP366: 11/18/2012 3:00:11 AM - Windows Update
RP367: 11/19/2012 8:17:49 PM - Installed CrashPlan
RP368: 11/20/2012 4:54:51 PM - Removed AVG 2012
RP369: 11/20/2012 5:00:31 PM - Removed AVG 2012
RP370: 11/20/2012 9:24:47 PM - Removed AVG 2012
RP371: 11/20/2012 10:01:24 PM - avast! Free Antivirus Setup
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4)
aioscnnr
Apple Application Support
Apple Mobile Device Support
Apple Software Update
avast! Free Antivirus
AVG 2012
Axis and Allies
Bing Bar
Bonjour
BookSmart® 3.2.5 3.2.5
C4USelfUpdater
CallAtlanta
center
Company of Heroes
Company of Heroes: Opposing Fronts
Company of Heroes: Tales of Valor
CrashPlan
D3DX10
DC Universe Online
Dropbox
EPU-4 Engine
essentials
Evernote v. 4.5.10
FileZilla Client 3.5.3
Global Agenda - Demo
Google Chrome
Google Talk Plugin
iSEEK AnswerWorks English Runtime
iTunes
Java Auto Updater
Java™ 6 Update 29
Java™ 6 Update 3
Junk Mail filter update
Kodak AIO Printer
KODAK AiO Software
Linksys EasyLink Advisor
Magic: The Gathering — Duels of the Planeswalkers 2012
Malwarebytes Anti-Malware version 1.65.1.1000
Market Samurai
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft PowerPoint Viewer
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mount & Blade
Mount & Blade: Warband
Mount & Blade: With Fire and Sword
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NVIDIA 3D Vision Controller Driver 301.42
NVIDIA 3D Vision Driver 306.97
NVIDIA Control Panel 306.97
NVIDIA Graphics Driver 306.97
NVIDIA HD Audio Driver 1.3.16.0
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.0213
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.10.8
NVIDIA Update Components
ocr
OpenAL
Platform
PreReq
PrintProjects
Pure Networks Platform
Quicken 2012
QuickTime
Realtek Ethernet Controller Driver For Windows Vista and Later
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Sid Meier's Civilization V
Sniper Elite
Star Wars: Knights of the Old Republic
Steam
Stronghold
Stronghold 2
Stronghold Crusader + Extreme
Stronghold Legends
SUPERAntiSpyware
System Requirements Lab
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Vanguard: Saga of Heroes F2P
VIA Platform Device Manager
Visual Studio 2008 x64 Redistributables
WebEx Support Manager for Internet Explorer
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
11/21/2012 6:03:25 PM, Error: Microsoft-Windows-Bits-Client [16398] - A new BITS job could not be created. The current job count for the user Tim-PC\Tim (172) is equal to or greater than the job limit (60) specified through group policy. To correct the problem, complete or cancel the BITS jobs that haven't made progress by looking at the error, and restart the BITS service. If this error recurs, contact your system administrator and increate the per-user and per-computer Group Policy job limits.
11/21/2012 3:36:37 PM, Error: Service Control Manager [7001] - The MBAMService service depends on the MBAMProtector service which failed to start because of the following error: The system cannot find the file specified.
11/21/2012 3:36:37 PM, Error: Service Control Manager [7000] - The MBAMScheduler service failed to start due to the following error: The system cannot find the file specified.
11/21/2012 3:36:06 PM, Error: Service Control Manager [7003] - The AVGIDSAgent service depends the following service: AVGIDSDriver. This service might not be installed.
11/21/2012 3:35:46 PM, Error: Service Control Manager [7000] - The MBAMProtector service failed to start due to the following error: The system cannot find the file specified.
11/21/2012 12:49:36 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
11/21/2012 12:49:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/21/2012 12:49:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/21/2012 12:49:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
11/21/2012 12:49:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
11/21/2012 12:49:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/21/2012 12:49:25 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
11/21/2012 12:49:19 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AsIO aswRdr aswSnx aswSP aswTdi DfsC discache NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx Wanarpv6 WfpLwf
11/21/2012 12:49:17 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
11/21/2012 12:49:17 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
11/21/2012 12:49:17 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
11/21/2012 12:49:17 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/21/2012 12:49:17 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/21/2012 12:49:17 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.
11/21/2012 12:49:16 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/21/2012 12:49:16 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
11/21/2012 12:49:16 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
11/21/2012 12:49:16 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/21/2012 12:49:16 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
11/21/2012 12:49:14 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff8000301ffd0, 0x0000000000000000, 0xffffffffffffffff). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 112112-50793-01.
11/21/2012 1:49:47 PM, Error: Microsoft-Windows-Bits-Client [16398] - A new BITS job could not be created. The current job count for the user Tim-PC\Tim (176) is equal to or greater than the job limit (60) specified through group policy. To correct the problem, complete or cancel the BITS jobs that haven't made progress by looking at the error, and restart the BITS service. If this error recurs, contact your system administrator and increate the per-user and per-computer Group Policy job limits.
11/20/2012 9:37:25 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AsIO DfsC discache mfehidk NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx Wanarpv6 WfpLwf
11/20/2012 9:37:24 PM, Error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning.
11/20/2012 4:30:56 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AsIO Avgldx64 Avgmfx64 Avgtdia DfsC discache mfehidk MpFilter NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx Wanarpv6 WfpLwf
11/20/2012 4:30:56 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x000000000007286b, 0x0000000000000002, 0x0000000000000001, 0xfffff800031140c5). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 112012-33602-01.
11/20/2012 12:06:22 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AsIO Avgldx64 Avgmfx64 Avgtdia DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx Wanarpv6 WfpLwf
11/20/2012 10:09:35 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800033cc63a, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 112012-22495-01.
11/19/2012 8:10:59 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
11/19/2012 8:10:59 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/19/2012 6:27:54 PM, Error: Microsoft Antimalware [2001] -
11/19/2012 6:08:36 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
11/19/2012 5:01:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
11/19/2012 4:51:06 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgldx64 Avgmfx64 Avgtdia DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx Wanarpv6 WfpLwf
11/19/2012 4:51:04 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000f7 (0x0000000000000068, 0x0000160bdf95e704, 0xffffe9f4206a18fb, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111912-24632-01.
11/19/2012 4:30:06 PM, Error: Service Control Manager [7024] - The Background Intelligent Transfer Service service terminated with service-specific error %%-2147024864.
11/19/2012 4:30:06 PM, Error: Microsoft-Windows-Bits-Client [16392] - The BITS service failed to start. Error 0x80070020.
11/18/2012 7:28:05 PM, Error: Schannel [36887] - The following fatal alert was received: 47.
11/18/2012 7:26:50 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000000000000dc, 0x0000000000000002, 0x0000000000000001, 0xfffff800031130c5). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-38469-01.
11/18/2012 4:12:45 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR7.
11/18/2012 3:48:40 PM, Error: Microsoft-Windows-Bits-Client [16398] - A new BITS job could not be created. The current job count for the user Tim-PC\Tim (181) is equal to or greater than the job limit (60) specified through group policy. To correct the problem, complete or cancel the BITS jobs that haven't made progress by looking at the error, and restart the BITS service. If this error recurs, contact your system administrator and increate the per-user and per-computer Group Policy job limits.
11/17/2012 3:20:50 AM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
11/17/2012 3:20:50 AM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.
11/16/2012 3:17:18 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.2221.0).
11/16/2012 3:13:46 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2763523).
11/16/2012 3:13:46 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2761226).
11/14/2012 4:19:45 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.2086.0).
.
==== End Of File ===========================

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:45 AM

Posted 21 November 2012 - 09:36 PM

Hello


These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.


-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 Timisticus

Timisticus
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 22 November 2012 - 12:26 AM

When I opened Google Chrome to post this after the reboot, a box came up that said some preferences file was corrupted and could not be used by Chrome.

Here's the AdwCleaner log:

# AdwCleaner v2.008 - Logfile created 11/21/2012 at 21:19:49
# Updated 17/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Tim - TIM-PC
# Boot Mode : Normal
# Running from : C:\Users\Tim\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKLM\Software\Freeze.com

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.64

File : C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Chromium v [Unable to get version]

File : C:\Users\Tim\AppData\Local\Chromium\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [829 octets] - [21/11/2012 21:19:49]

########## EOF - C:\AdwCleaner[S1].txt - [888 octets] ##########

#8 Timisticus

Timisticus
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 22 November 2012 - 12:32 AM

Here's the RogueKiller report.... it says certain processes were 'Killed," but Avast! was still blocking malicious URLs.

RogueKiller V8.3.1 [Nov 20 2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Tim [Admin rights]
Mode : Remove -- Date : 11/21/2012 21:29:36

¤¤¤ Bad processes : 2 ¤¤¤
[SVCHOST] svchost.exe -- \\.\globalroot\systemroot\svchost.exe -> KILLED [TermProc]
[RESIDUE] Dropbox.exe -- C:\Users\Tim\AppData\Roaming\Dropbox\bin\Dropbox.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Google Update ("C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe" /c) -> DELETED
[TASK][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-62808318-3050735972-2692025581-1000UA.job : C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler -> DELETED
[TASK][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-62808318-3050735972-2692025581-1000Core.job : C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe /c -> DELETED
[TASK][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-62808318-3050735972-2692025581-1000Core : C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe /c -> DELETED
[TASK][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-62808318-3050735972-2692025581-1000UA : C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler -> ERROR
[STARTUP][SUSP PATH] Dropbox.lnk @Tim : C:\Users\Tim\AppData\Roaming\Dropbox\bin\Dropbox.exe -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HDS721010CLA332 ATA Device +++++
--- User ---
[MBR] 4efae2ac709ef1594780ea492d38ca73
[BSP] 514f960cefe577c98422ecfe7db6a7ff : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] be98207fe49e7dec378595ac1c83f35e
[BSP] 514f960cefe577c98422ecfe7db6a7ff : Windows 7/8 MBR Code
Partition table:
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo

Finished : << RKreport[2]_D_11212012_02d2129.txt >>
RKreport[1]_S_11212012_02d2128.txt ; RKreport[2]_D_11212012_02d2129.txt

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:45 AM

Posted 22 November 2012 - 12:47 AM

Hello

I Would like you to do the following.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 Timisticus

Timisticus
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 22 November 2012 - 12:36 PM

Ran combo fix and it looks like it did delete the troublesome file, but after the reboot I can't navigate anywhere from my desktop! I cannot access the Internet to post the log, and I can't put the file into my Dropbox. Each time I try too open a program I get a box saying access has been denied because a file has been marked for removal or deletion. I'll put the log on a flash drive and post it via another computer I guess.

#11 Timisticus

Timisticus
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 22 November 2012 - 12:42 PM

On second thought, should I even try to use a flash drive for file transfer?

#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:45 AM

Posted 22 November 2012 - 08:51 PM

restart the computer and let me know how things are (see note 2 above)


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#13 Timisticus

Timisticus
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 23 November 2012 - 03:44 AM

Restart did the trick.... computer is running pretty smooth. Internet pages were loading faster than they have been, but Avast! is still blocking a lot of malicious URLs.

Here's the Combofix log:

ComboFix 12-11-22.03 - Tim 11/22/2012 9:06.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4087.2737 [GMT -8:00]
Running from: c:\users\Tim\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Default\AppData\Roaming\DPInst.exe
c:\users\Default\AppData\Roaming\gacutil.exe
c:\users\Default\AppData\Roaming\PnPutil.exe
c:\windows\svchost.exe
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
c:\windows\TEMP\jna730759014612893561.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-10-22 to 2012-11-22 )))))))))))))))))))))))))))))))
.
.
2012-11-22 17:16 . 2012-11-22 17:16 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-11-22 17:16 . 2012-11-22 17:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-21 06:04 . 2012-10-30 23:51 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-11-21 06:04 . 2012-10-30 23:51 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-11-21 06:04 . 2012-10-15 16:59 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-11-21 06:04 . 2012-10-30 23:51 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-11-21 06:04 . 2012-10-30 23:51 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-11-21 06:03 . 2012-10-30 23:51 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-11-21 06:03 . 2012-10-30 23:50 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-11-21 06:02 . 2012-10-30 23:51 41224 ----a-w- c:\windows\avastSS.scr
2012-11-21 06:02 . 2012-10-30 23:50 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-11-21 06:02 . 2012-11-21 06:02 -------- d-----w- c:\programdata\AVAST Software
2012-11-21 06:02 . 2012-11-21 06:02 -------- d-----w- c:\program files\AVAST Software
2012-11-21 05:56 . 2012-11-19 09:01 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{56A51402-8F47-41ED-83CF-5748DE60DD27}\mpengine.dll
2012-11-21 05:35 . 2012-11-21 05:35 -------- d-----w- c:\users\Tim\AppData\Roaming\AVG2012
2012-11-21 00:15 . 2012-11-21 06:09 -------- d-----w- c:\program files\Common Files\McAfee
2012-11-20 04:18 . 2012-11-20 04:19 -------- d-----w- c:\programdata\CrashPlan
2012-11-20 04:18 . 2012-11-20 04:19 -------- d-----w- c:\program files (x86)\CrashPlan
2012-11-20 04:16 . 2012-11-20 04:24 -------- d-----w- c:\users\Tim\AppData\Roaming\CrashPlan
2012-11-19 05:44 . 2012-11-19 05:44 -------- d-----w- c:\users\Tim\AppData\Roaming\SUPERAntiSpyware.com
2012-11-19 05:43 . 2012-11-19 05:44 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-11-19 05:43 . 2012-11-19 05:43 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-11-19 03:31 . 2012-11-19 03:31 -------- d-----w- c:\users\Tim\AppData\Roaming\Malwarebytes
2012-11-19 03:31 . 2012-11-19 03:31 -------- d-----w- c:\programdata\Malwarebytes
2012-11-16 11:08 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-16 11:08 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-16 11:08 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-16 11:08 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-16 11:03 . 2012-10-08 11:31 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-16 11:01 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-16 11:01 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-16 11:01 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-16 11:01 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-16 11:01 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-16 11:01 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-16 11:01 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-15 23:15 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-15 23:15 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-10-27 06:14 . 2012-10-27 06:14 -------- d-----w- c:\program files (x86)\PrintProjects
2012-10-27 06:14 . 2012-10-27 06:14 -------- d-----w- c:\programdata\Visan
2012-10-27 06:14 . 2012-10-27 06:14 -------- d-----w- c:\programdata\PrintProjects
2012-10-27 06:14 . 2012-10-27 06:14 -------- d-----w- c:\users\Default\AppData\Local\Eastman_Kodak_Company
2012-10-27 06:07 . 2012-10-27 06:07 -------- d-----w- c:\windows\SysWow64\kodak
2012-10-27 06:03 . 2012-10-27 06:03 -------- d-----w- c:\users\Default\AppData\Roaming\KODAK AiO Home Center607334739
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-16 11:02 . 2010-05-24 21:32 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-10-11 05:23 . 2012-10-11 05:23 247144 ----a-w- c:\windows\system32\nvinitx.dll
2012-10-11 05:23 . 2012-10-11 05:23 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2012-10-11 05:23 . 2012-10-11 05:23 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-10-11 05:23 . 2012-10-11 05:23 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-11 05:23 . 2012-10-11 05:23 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll
2012-10-11 05:23 . 2012-10-11 05:23 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2012-10-11 05:23 . 2012-10-11 05:23 25256296 ----a-w- c:\windows\system32\nvcompiler.dll
2012-10-11 05:23 . 2012-10-11 05:23 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-10-11 05:23 . 2012-10-11 05:23 202600 ----a-w- c:\windows\SysWow64\nvinit.dll
2012-10-11 05:23 . 2012-10-11 05:23 7414632 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-11 05:23 . 2010-12-28 05:28 2731880 ----a-w- c:\windows\system32\nvapi64.dll
2012-10-11 05:23 . 2012-05-23 13:44 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-10-11 05:23 . 2010-12-28 05:28 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-11 05:23 . 2012-10-11 05:23 9146728 ----a-w- c:\windows\system32\nvcuda.dll
2012-10-11 05:23 . 2012-10-11 05:23 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll
2012-10-11 05:23 . 2012-10-11 05:23 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-10-11 05:23 . 2010-12-28 05:28 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-10-11 05:22 . 2012-10-11 05:22 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-10-11 05:22 . 2012-10-11 05:22 26331496 ----a-w- c:\windows\system32\nvoglv64.dll
2012-10-11 05:22 . 2011-10-31 22:26 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
2012-10-11 05:22 . 2010-12-28 05:28 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-10-11 05:22 . 2012-10-11 05:22 2747240 ----a-w- c:\windows\system32\nvcuvid.dll
2012-10-11 05:22 . 2012-10-11 05:22 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2012-10-11 05:22 . 2012-10-11 05:22 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-10-11 05:22 . 2012-10-11 05:22 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2012-10-09 16:27 . 2012-08-14 20:48 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 16:27 . 2012-08-14 20:48 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-02 21:15 . 2012-10-02 21:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-10-02 19:51 . 2012-05-23 13:46 3536817 ----a-w- c:\windows\system32\nvcoproc.bin
2012-10-02 19:51 . 2010-10-16 21:13 3293544 ----a-w- c:\windows\system32\nvsvc64.dll
2012-10-02 19:51 . 2010-10-16 21:13 6200680 ----a-w- c:\windows\system32\nvcpl.dll
2012-10-02 19:50 . 2011-10-30 17:33 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-10-02 19:50 . 2010-10-16 21:13 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-10-02 19:50 . 2010-10-16 21:13 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-10-02 19:50 . 2010-10-16 21:13 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-09-29 21:48 . 2012-09-29 21:48 1793536 ----a-w- c:\windows\system32\EKAiO2MON.dll
2012-09-29 21:48 . 2012-09-29 21:48 183808 ----a-w- c:\windows\system32\EKAiO2COI10.dll
2012-09-22 07:29 . 2012-09-22 07:29 666720 ----a-w- c:\windows\SysWow64\xsherlock.xem
2012-09-14 19:19 . 2012-10-10 05:46 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 05:46 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-08-31 18:19 . 2012-10-10 05:46 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-10 05:45 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 05:45 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 05:45 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-24 18:05 . 2012-10-11 00:42 220160 ----a-w- c:\windows\system32\wintrust.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-01 5629312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
"nmctxth"="c:\program files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2008-12-13 642856]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776]
"EKStatusMonitor"="c:\program files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe" [2012-10-15 2844608]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"KodakHomeCenter"="c:\program files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" [2012-10-19 2235840]
.
c:\users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2012-10-26 1017184]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CrashPlan Tray.lnk - c:\program files (x86)\CrashPlan\CrashPlanTray.exe [2012-11-12 217088]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-08-13 5167736]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-24 1255736]
R3 X6va005;X6va005;c:\users\Tim\AppData\Local\Temp\0058D7D.tmp [x]
R3 X6va006;X6va006;c:\users\Tim\AppData\Local\Temp\006B085.tmp [x]
R3 X6va008;X6va008;c:\users\Tim\AppData\Local\Temp\008B1FC.tmp [x]
R3 xsherlock;xsherlock;c:\windows\system32\xsherlock.xem [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 CrashPlanService;CrashPlan Backup Service;c:\program files (x86)\CrashPlan\CrashPlanService.exe [2012-11-12 152576]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2012-10-19 395200]
S2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2012-10-15 779200]
S2 LinksysUpdater;Linksys Updater;c:\program files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe [2008-11-13 204800]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-05-15 1327520]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-14 16:27]
.
2012-11-19 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 41e46470-3927-449f-9af4-0d995ebfbfad.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
2012-11-22 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 455044e3-c48a-4380-b950-725a914917d1.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.gmail.com/
mLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: primerica.com\pol1
Trusted Zone: primerica.com\pol2
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1 209.18.47.61 209.18.47.62
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-SunJavaUpdateSched - c:\program files (x86)\Java\jre6\bin\jusched.exe
Wow6432Node-HKLM-Run-Conime - c:\windows\system32\conime.exe
Toolbar-Locked - (no file)
HKLM-Run-MSC - c:\program files\Microsoft Security Client\msseces.exe
AddRemove-Malwarebytes' Anti-Malware_is1 - c:\program files (x86)\Malwarebytes' Anti-Malware\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\Tim\AppData\Local\Temp\0058D7D.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va006]
"ImagePath"="\??\c:\users\Tim\AppData\Local\Temp\006B085.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\users\Tim\AppData\Local\Temp\008B1FC.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\xsherlock]
"ImagePath"="c:\windows\system32\xsherlock.xem"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-62808318-3050735972-2692025581-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-62808318-3050735972-2692025581-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
c:\windows\SysWOW64\java.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\\.\globalroot\systemroot\svchost.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Completion time: 2012-11-22 09:26:34 - machine was rebooted
ComboFix-quarantined-files.txt 2012-11-22 17:26
.
Pre-Run: 842,456,309,760 bytes free
Post-Run: 844,040,749,056 bytes free
.
- - End Of File - - 762B3705A1F4F6484ED1D03FCD50E7E3

#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:45 AM

Posted 24 November 2012 - 12:35 PM

Greetings

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#15 Timisticus

Timisticus
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 24 November 2012 - 10:32 PM

OK, here's the first log from TDSSKiller, after the reboot, the box was still open to scan so I ran a second scan, which came up clean. I'll post that log as well.
19:23:17.0092 6028 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:23:17.0763 6028 ============================================================
19:23:17.0763 6028 Current date / time: 2012/11/24 19:23:17.0763
19:23:17.0763 6028 SystemInfo:
19:23:17.0763 6028
19:23:17.0763 6028 OS Version: 6.1.7601 ServicePack: 1.0
19:23:17.0763 6028 Product type: Workstation
19:23:17.0763 6028 ComputerName: TIM-PC
19:23:17.0763 6028 UserName: Tim
19:23:17.0763 6028 Windows directory: C:\Windows
19:23:17.0763 6028 System windows directory: C:\Windows
19:23:17.0763 6028 Running under WOW64
19:23:17.0763 6028 Processor architecture: Intel x64
19:23:17.0763 6028 Number of processors: 4
19:23:17.0763 6028 Page size: 0x1000
19:23:17.0763 6028 Boot type: Normal boot
19:23:17.0763 6028 ============================================================
19:23:19.0557 6028 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:23:19.0619 6028 ============================================================
19:23:19.0619 6028 \Device\Harddisk0\DR0:
19:23:19.0619 6028 MBR partitions:
19:23:19.0619 6028 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:23:19.0619 6028 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
19:23:19.0619 6028 ============================================================
19:23:19.0666 6028 C: <-> \Device\Harddisk0\DR0\Partition2
19:23:19.0666 6028 ============================================================
19:23:19.0666 6028 Initialize success
19:23:19.0666 6028 ============================================================
19:24:15.0249 6244 ============================================================
19:24:15.0249 6244 Scan started
19:24:15.0249 6244 Mode: Manual;
19:24:15.0249 6244 ============================================================
19:24:15.0499 6244 ================ Scan system memory ========================
19:24:15.0499 6244 System memory - ok
19:24:15.0499 6244 ================ Scan services =============================
19:24:15.0561 6244 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
19:24:15.0561 6244 !SASCORE - ok
19:24:15.0717 6244 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:24:15.0717 6244 1394ohci - ok
19:24:15.0733 6244 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:24:15.0733 6244 ACPI - ok
19:24:15.0748 6244 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:24:15.0748 6244 AcpiPmi - ok
19:24:15.0857 6244 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:24:15.0857 6244 AdobeARMservice - ok
19:24:15.0982 6244 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:24:15.0998 6244 AdobeFlashPlayerUpdateSvc - ok
19:24:16.0029 6244 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:24:16.0045 6244 adp94xx - ok
19:24:16.0076 6244 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:24:16.0076 6244 adpahci - ok
19:24:16.0091 6244 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:24:16.0091 6244 adpu320 - ok
19:24:16.0123 6244 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:24:16.0123 6244 AeLookupSvc - ok
19:24:16.0154 6244 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:24:16.0169 6244 AFD - ok
19:24:16.0185 6244 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:24:16.0185 6244 agp440 - ok
19:24:16.0201 6244 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:24:16.0201 6244 ALG - ok
19:24:16.0216 6244 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:24:16.0216 6244 aliide - ok
19:24:16.0232 6244 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:24:16.0232 6244 amdide - ok
19:24:16.0263 6244 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:24:16.0263 6244 AmdK8 - ok
19:24:16.0279 6244 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:24:16.0279 6244 AmdPPM - ok
19:24:16.0294 6244 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:24:16.0294 6244 amdsata - ok
19:24:16.0310 6244 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:24:16.0310 6244 amdsbs - ok
19:24:16.0325 6244 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:24:16.0325 6244 amdxata - ok
19:24:16.0357 6244 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:24:16.0357 6244 AppID - ok
19:24:16.0372 6244 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:24:16.0388 6244 AppIDSvc - ok
19:24:16.0419 6244 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:24:16.0419 6244 Appinfo - ok
19:24:16.0481 6244 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:24:16.0481 6244 Apple Mobile Device - ok
19:24:16.0513 6244 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
19:24:16.0513 6244 arc - ok
19:24:16.0528 6244 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:24:16.0528 6244 arcsas - ok
19:24:16.0575 6244 [ A82C01606DC27D05D9D3BFB6BB807E32 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
19:24:16.0575 6244 AsIO - ok
19:24:16.0622 6244 aspnet_state - ok
19:24:16.0669 6244 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
19:24:16.0669 6244 aswFsBlk - ok
19:24:16.0731 6244 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
19:24:16.0731 6244 aswMonFlt - ok
19:24:16.0762 6244 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
19:24:16.0762 6244 aswRdr - ok
19:24:16.0793 6244 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
19:24:16.0809 6244 aswSnx - ok
19:24:16.0825 6244 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
19:24:16.0840 6244 aswSP - ok
19:24:16.0856 6244 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
19:24:16.0856 6244 aswTdi - ok
19:24:16.0871 6244 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:24:16.0871 6244 AsyncMac - ok
19:24:16.0903 6244 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:24:16.0903 6244 atapi - ok
19:24:16.0981 6244 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:24:16.0981 6244 AudioEndpointBuilder - ok
19:24:16.0996 6244 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:24:16.0996 6244 AudioSrv - ok
19:24:17.0074 6244 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:24:17.0074 6244 avast! Antivirus - ok
19:24:17.0215 6244 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
19:24:17.0261 6244 AVGIDSAgent - ok
19:24:17.0277 6244 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
19:24:17.0277 6244 avgwd - ok
19:24:17.0324 6244 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:24:17.0324 6244 AxInstSV - ok
19:24:17.0355 6244 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:24:17.0371 6244 b06bdrv - ok
19:24:17.0386 6244 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:24:17.0386 6244 b57nd60a - ok
19:24:17.0449 6244 [ 825F81A6F7DD073509DB101F0BA6DC59 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
19:24:17.0449 6244 BBSvc - ok
19:24:17.0480 6244 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:24:17.0480 6244 BDESVC - ok
19:24:17.0495 6244 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:24:17.0495 6244 Beep - ok
19:24:17.0542 6244 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:24:17.0542 6244 BFE - ok
19:24:17.0573 6244 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
19:24:17.0589 6244 BITS - ok
19:24:17.0605 6244 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:24:17.0605 6244 blbdrive - ok
19:24:17.0651 6244 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:24:17.0651 6244 Bonjour Service - ok
19:24:17.0683 6244 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:24:17.0698 6244 bowser - ok
19:24:17.0729 6244 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:24:17.0729 6244 BrFiltLo - ok
19:24:17.0745 6244 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:24:17.0761 6244 BrFiltUp - ok
19:24:17.0761 6244 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
19:24:17.0761 6244 BridgeMP - ok
19:24:17.0792 6244 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:24:17.0792 6244 Browser - ok
19:24:17.0823 6244 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:24:17.0823 6244 Brserid - ok
19:24:17.0839 6244 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:24:17.0839 6244 BrSerWdm - ok
19:24:17.0870 6244 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:24:17.0870 6244 BrUsbMdm - ok
19:24:17.0870 6244 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:24:17.0870 6244 BrUsbSer - ok
19:24:17.0885 6244 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:24:17.0885 6244 BTHMODEM - ok
19:24:17.0917 6244 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:24:17.0917 6244 bthserv - ok
19:24:17.0917 6244 catchme - ok
19:24:17.0948 6244 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:24:17.0948 6244 cdfs - ok
19:24:17.0995 6244 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
19:24:17.0995 6244 cdrom - ok
19:24:18.0026 6244 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:24:18.0026 6244 CertPropSvc - ok
19:24:18.0041 6244 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:24:18.0041 6244 circlass - ok
19:24:18.0057 6244 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:24:18.0057 6244 CLFS - ok
19:24:18.0088 6244 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:24:18.0088 6244 clr_optimization_v2.0.50727_32 - ok
19:24:18.0135 6244 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:24:18.0135 6244 clr_optimization_v2.0.50727_64 - ok
19:24:18.0182 6244 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:24:18.0197 6244 clr_optimization_v4.0.30319_32 - ok
19:24:18.0229 6244 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:24:18.0229 6244 clr_optimization_v4.0.30319_64 - ok
19:24:18.0260 6244 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:24:18.0260 6244 CmBatt - ok
19:24:18.0291 6244 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:24:18.0291 6244 cmdide - ok
19:24:18.0322 6244 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:24:18.0338 6244 CNG - ok
19:24:18.0353 6244 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:24:18.0353 6244 Compbatt - ok
19:24:18.0385 6244 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:24:18.0385 6244 CompositeBus - ok
19:24:18.0400 6244 COMSysApp - ok
19:24:18.0463 6244 [ 1AA08AC25FF955DDB5F713E3411D5FFD ] CrashPlanService C:\Program Files (x86)\CrashPlan\CrashPlanService.exe
19:24:18.0463 6244 CrashPlanService - ok
19:24:18.0478 6244 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:24:18.0478 6244 crcdisk - ok
19:24:18.0494 6244 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:24:18.0509 6244 CryptSvc - ok
19:24:18.0587 6244 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
19:24:18.0587 6244 cvhsvc - ok
19:24:18.0634 6244 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:24:18.0650 6244 DcomLaunch - ok
19:24:18.0665 6244 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:24:18.0681 6244 defragsvc - ok
19:24:18.0712 6244 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:24:18.0712 6244 DfsC - ok
19:24:18.0728 6244 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:24:18.0728 6244 Dhcp - ok
19:24:18.0759 6244 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:24:18.0759 6244 discache - ok
19:24:18.0775 6244 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:24:18.0775 6244 Disk - ok
19:24:18.0806 6244 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:24:18.0806 6244 Dnscache - ok
19:24:18.0837 6244 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:24:18.0837 6244 dot3svc - ok
19:24:18.0868 6244 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:24:18.0884 6244 DPS - ok
19:24:18.0899 6244 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:24:18.0899 6244 drmkaud - ok
19:24:18.0946 6244 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:24:18.0962 6244 DXGKrnl - ok
19:24:18.0977 6244 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:24:18.0977 6244 EapHost - ok
19:24:19.0055 6244 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:24:19.0102 6244 ebdrv - ok
19:24:19.0133 6244 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:24:19.0133 6244 EFS - ok
19:24:19.0196 6244 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:24:19.0211 6244 ehRecvr - ok
19:24:19.0227 6244 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:24:19.0227 6244 ehSched - ok
19:24:19.0258 6244 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:24:19.0274 6244 elxstor - ok
19:24:19.0289 6244 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:24:19.0289 6244 ErrDev - ok
19:24:19.0336 6244 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:24:19.0336 6244 EventSystem - ok
19:24:19.0352 6244 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:24:19.0352 6244 exfat - ok
19:24:19.0367 6244 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:24:19.0367 6244 fastfat - ok
19:24:19.0399 6244 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:24:19.0414 6244 Fax - ok
19:24:19.0430 6244 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:24:19.0430 6244 fdc - ok
19:24:19.0445 6244 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:24:19.0445 6244 fdPHost - ok
19:24:19.0461 6244 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:24:19.0461 6244 FDResPub - ok
19:24:19.0477 6244 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:24:19.0477 6244 FileInfo - ok
19:24:19.0492 6244 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:24:19.0492 6244 Filetrace - ok
19:24:19.0508 6244 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:24:19.0508 6244 flpydisk - ok
19:24:19.0523 6244 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:24:19.0523 6244 FltMgr - ok
19:24:19.0570 6244 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:24:19.0586 6244 FontCache - ok
19:24:19.0633 6244 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:24:19.0633 6244 FontCache3.0.0.0 - ok
19:24:19.0648 6244 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:24:19.0648 6244 FsDepends - ok
19:24:19.0679 6244 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:24:19.0679 6244 Fs_Rec - ok
19:24:19.0726 6244 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:24:19.0726 6244 fvevol - ok
19:24:19.0757 6244 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:24:19.0757 6244 gagp30kx - ok
19:24:19.0789 6244 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:24:19.0789 6244 GEARAspiWDM - ok
19:24:19.0820 6244 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:24:19.0835 6244 gpsvc - ok
19:24:19.0851 6244 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:24:19.0851 6244 hcw85cir - ok
19:24:19.0882 6244 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:24:19.0898 6244 HdAudAddService - ok
19:24:19.0929 6244 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:24:19.0929 6244 HDAudBus - ok
19:24:19.0945 6244 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:24:19.0945 6244 HidBatt - ok
19:24:19.0960 6244 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:24:19.0976 6244 HidBth - ok
19:24:19.0991 6244 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:24:19.0991 6244 HidIr - ok
19:24:20.0007 6244 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
19:24:20.0007 6244 hidserv - ok
19:24:20.0023 6244 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:24:20.0038 6244 HidUsb - ok
19:24:20.0054 6244 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:24:20.0054 6244 hkmsvc - ok
19:24:20.0101 6244 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:24:20.0101 6244 HomeGroupListener - ok
19:24:20.0132 6244 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:24:20.0132 6244 HomeGroupProvider - ok
19:24:20.0179 6244 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:24:20.0179 6244 HpSAMD - ok
19:24:20.0210 6244 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:24:20.0225 6244 HTTP - ok
19:24:20.0257 6244 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:24:20.0257 6244 hwpolicy - ok
19:24:20.0272 6244 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:24:20.0272 6244 i8042prt - ok
19:24:20.0288 6244 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:24:20.0303 6244 iaStorV - ok
19:24:20.0335 6244 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:24:20.0350 6244 idsvc - ok
19:24:20.0381 6244 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:24:20.0381 6244 iirsp - ok
19:24:20.0428 6244 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:24:20.0428 6244 IKEEXT - ok
19:24:20.0459 6244 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:24:20.0459 6244 intelide - ok
19:24:20.0491 6244 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:24:20.0491 6244 intelppm - ok
19:24:20.0506 6244 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:24:20.0522 6244 IPBusEnum - ok
19:24:20.0553 6244 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:24:20.0553 6244 IpFilterDriver - ok
19:24:20.0600 6244 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:24:20.0615 6244 iphlpsvc - ok
19:24:20.0631 6244 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:24:20.0631 6244 IPMIDRV - ok
19:24:20.0647 6244 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:24:20.0647 6244 IPNAT - ok
19:24:20.0709 6244 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:24:20.0725 6244 iPod Service - ok
19:24:20.0740 6244 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:24:20.0740 6244 IRENUM - ok
19:24:20.0787 6244 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:24:20.0787 6244 isapnp - ok
19:24:20.0803 6244 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:24:20.0818 6244 iScsiPrt - ok
19:24:20.0834 6244 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:24:20.0834 6244 kbdclass - ok
19:24:20.0849 6244 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:24:20.0865 6244 kbdhid - ok
19:24:20.0865 6244 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:24:20.0881 6244 KeyIso - ok
19:24:20.0959 6244 [ 775C6D5D60146D7DB08A01CB596D7EC6 ] Kodak AiO Network Discovery Service C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
19:24:20.0959 6244 Kodak AiO Network Discovery Service - ok
19:24:21.0068 6244 [ 17AFF68AB32F8671BC46612D35351099 ] Kodak AiO Status Monitor Service C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
19:24:21.0083 6244 Kodak AiO Status Monitor Service - ok
19:24:21.0115 6244 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:24:21.0115 6244 KSecDD - ok
19:24:21.0130 6244 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:24:21.0146 6244 KSecPkg - ok
19:24:21.0161 6244 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:24:21.0177 6244 ksthunk - ok
19:24:21.0193 6244 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:24:21.0208 6244 KtmRm - ok
19:24:21.0239 6244 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
19:24:21.0255 6244 LanmanServer - ok
19:24:21.0271 6244 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:24:21.0286 6244 LanmanWorkstation - ok
19:24:21.0349 6244 [ 06DC2FDC6282F0D68910417B1150C848 ] LinksysUpdater C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe
19:24:21.0349 6244 LinksysUpdater - ok
19:24:21.0364 6244 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:24:21.0364 6244 lltdio - ok
19:24:21.0380 6244 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:24:21.0395 6244 lltdsvc - ok
19:24:21.0411 6244 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:24:21.0411 6244 lmhosts - ok
19:24:21.0427 6244 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:24:21.0427 6244 LSI_FC - ok
19:24:21.0458 6244 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:24:21.0458 6244 LSI_SAS - ok
19:24:21.0473 6244 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:24:21.0473 6244 LSI_SAS2 - ok
19:24:21.0489 6244 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:24:21.0489 6244 LSI_SCSI - ok
19:24:21.0505 6244 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:24:21.0505 6244 luafv - ok
19:24:21.0536 6244 MBAMProtector - ok
19:24:21.0567 6244 MBAMScheduler - ok
19:24:21.0567 6244 MBAMService - ok
19:24:21.0598 6244 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:24:21.0598 6244 Mcx2Svc - ok
19:24:21.0614 6244 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:24:21.0614 6244 megasas - ok
19:24:21.0645 6244 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:24:21.0645 6244 MegaSR - ok
19:24:21.0707 6244 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:24:21.0707 6244 MMCSS - ok
19:24:21.0754 6244 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:24:21.0754 6244 Modem - ok
19:24:21.0817 6244 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:24:21.0817 6244 monitor - ok
19:24:21.0910 6244 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:24:21.0941 6244 mouclass - ok
19:24:21.0957 6244 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:24:21.0957 6244 mouhid - ok
19:24:21.0988 6244 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:24:21.0988 6244 mountmgr - ok
19:24:22.0004 6244 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:24:22.0019 6244 mpio - ok
19:24:22.0051 6244 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:24:22.0051 6244 mpsdrv - ok
19:24:22.0082 6244 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:24:22.0097 6244 MpsSvc - ok
19:24:22.0129 6244 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:24:22.0129 6244 MRxDAV - ok
19:24:22.0160 6244 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:24:22.0160 6244 mrxsmb - ok
19:24:22.0191 6244 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:24:22.0191 6244 mrxsmb10 - ok
19:24:22.0222 6244 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:24:22.0222 6244 mrxsmb20 - ok
19:24:22.0253 6244 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:24:22.0253 6244 msahci - ok
19:24:22.0269 6244 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:24:22.0269 6244 msdsm - ok
19:24:22.0285 6244 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:24:22.0285 6244 MSDTC - ok
19:24:22.0316 6244 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:24:22.0316 6244 Msfs - ok
19:24:22.0331 6244 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:24:22.0331 6244 mshidkmdf - ok
19:24:22.0331 6244 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:24:22.0331 6244 msisadrv - ok
19:24:22.0347 6244 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:24:22.0347 6244 MSiSCSI - ok
19:24:22.0363 6244 msiserver - ok
19:24:22.0363 6244 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:24:22.0378 6244 MSKSSRV - ok
19:24:22.0394 6244 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:24:22.0394 6244 MSPCLOCK - ok
19:24:22.0409 6244 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:24:22.0409 6244 MSPQM - ok
19:24:22.0456 6244 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:24:22.0456 6244 MsRPC - ok
19:24:22.0472 6244 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:24:22.0487 6244 mssmbios - ok
19:24:22.0487 6244 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:24:22.0487 6244 MSTEE - ok
19:24:22.0503 6244 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:24:22.0503 6244 MTConfig - ok
19:24:22.0534 6244 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
19:24:22.0534 6244 MTsensor - ok
19:24:22.0534 6244 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:24:22.0534 6244 Mup - ok
19:24:22.0581 6244 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:24:22.0581 6244 napagent - ok
19:24:22.0612 6244 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:24:22.0612 6244 NativeWifiP - ok
19:24:22.0659 6244 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:24:22.0675 6244 NDIS - ok
19:24:22.0706 6244 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:24:22.0706 6244 NdisCap - ok
19:24:22.0737 6244 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:24:22.0737 6244 NdisTapi - ok
19:24:22.0753 6244 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:24:22.0753 6244 Ndisuio - ok
19:24:22.0784 6244 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:24:22.0784 6244 NdisWan - ok
19:24:22.0815 6244 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:24:22.0815 6244 NDProxy - ok
19:24:22.0831 6244 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:24:22.0831 6244 NetBIOS - ok
19:24:22.0862 6244 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:24:22.0862 6244 NetBT - ok
19:24:22.0877 6244 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:24:22.0877 6244 Netlogon - ok
19:24:22.0893 6244 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:24:22.0909 6244 Netman - ok
19:24:22.0924 6244 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:24:22.0924 6244 netprofm - ok
19:24:22.0955 6244 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:24:22.0955 6244 NetTcpPortSharing - ok
19:24:22.0971 6244 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:24:22.0987 6244 nfrd960 - ok
19:24:23.0018 6244 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:24:23.0018 6244 NlaSvc - ok
19:24:23.0096 6244 [ CD2FE9C33CFD0FE0AF124E05907E5C3D ] nmservice C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
19:24:23.0096 6244 nmservice - ok
19:24:23.0111 6244 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:24:23.0111 6244 Npfs - ok
19:24:23.0127 6244 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:24:23.0127 6244 nsi - ok
19:24:23.0143 6244 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:24:23.0143 6244 nsiproxy - ok
19:24:23.0205 6244 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:24:23.0221 6244 Ntfs - ok
19:24:23.0236 6244 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:24:23.0236 6244 Null - ok
19:24:23.0252 6244 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
19:24:23.0267 6244 NVENETFD - ok
19:24:23.0314 6244 [ 102806B360D0E6BC6E55BF47EF655D43 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
19:24:23.0314 6244 NVHDA - ok
19:24:23.0517 6244 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:24:23.0657 6244 nvlddmkm - ok
19:24:23.0704 6244 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:24:23.0704 6244 nvraid - ok
19:24:23.0735 6244 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:24:23.0735 6244 nvstor - ok
19:24:23.0798 6244 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] NVSvc C:\Windows\system32\nvvsvc.exe
19:24:23.0798 6244 NVSvc - ok
19:24:23.0876 6244 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:24:23.0876 6244 nvUpdatusService - ok
19:24:23.0923 6244 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:24:23.0923 6244 nv_agp - ok
19:24:23.0938 6244 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:24:23.0938 6244 ohci1394 - ok
19:24:23.0985 6244 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:24:23.0985 6244 ose - ok
19:24:24.0125 6244 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:24:24.0157 6244 osppsvc - ok
19:24:24.0188 6244 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:24:24.0188 6244 p2pimsvc - ok
19:24:24.0188 6244 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:24:24.0203 6244 p2psvc - ok
19:24:24.0219 6244 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:24:24.0219 6244 Parport - ok
19:24:24.0250 6244 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:24:24.0250 6244 partmgr - ok
19:24:24.0266 6244 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:24:24.0266 6244 PcaSvc - ok
19:24:24.0281 6244 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:24:24.0281 6244 pci - ok
19:24:24.0313 6244 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:24:24.0313 6244 pciide - ok
19:24:24.0328 6244 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:24:24.0344 6244 pcmcia - ok
19:24:24.0359 6244 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:24:24.0359 6244 pcw - ok
19:24:24.0375 6244 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:24:24.0375 6244 PEAUTH - ok
19:24:24.0469 6244 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:24:24.0484 6244 PerfHost - ok
19:24:24.0547 6244 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:24:24.0562 6244 pla - ok
19:24:24.0609 6244 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:24:24.0609 6244 PlugPlay - ok
19:24:24.0640 6244 [ 4FF73A83A25D0EEAD4F5E6C841BB6704 ] pnarp C:\Windows\system32\DRIVERS\pnarp.sys
19:24:24.0640 6244 pnarp - ok
19:24:24.0671 6244 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:24:24.0671 6244 PNRPAutoReg - ok
19:24:24.0687 6244 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:24:24.0703 6244 PNRPsvc - ok
19:24:24.0718 6244 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:24:24.0718 6244 PolicyAgent - ok
19:24:24.0749 6244 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:24:24.0749 6244 Power - ok
19:24:24.0781 6244 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:24:24.0781 6244 PptpMiniport - ok
19:24:24.0812 6244 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:24:24.0812 6244 Processor - ok
19:24:24.0843 6244 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:24:24.0843 6244 ProfSvc - ok
19:24:24.0859 6244 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:24:24.0859 6244 ProtectedStorage - ok
19:24:24.0890 6244 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:24:24.0890 6244 Psched - ok
19:24:24.0921 6244 [ 9A68A89F10F283A23AFEE2A1BFE4BFFB ] purendis C:\Windows\system32\DRIVERS\purendis.sys
19:24:24.0937 6244 purendis - ok
19:24:24.0983 6244 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:24:24.0999 6244 ql2300 - ok
19:24:25.0015 6244 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:24:25.0015 6244 ql40xx - ok
19:24:25.0030 6244 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:24:25.0046 6244 QWAVE - ok
19:24:25.0046 6244 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:24:25.0046 6244 QWAVEdrv - ok
19:24:25.0093 6244 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:24:25.0093 6244 RasAcd - ok
19:24:25.0124 6244 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:24:25.0124 6244 RasAgileVpn - ok
19:24:25.0139 6244 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:24:25.0139 6244 RasAuto - ok
19:24:25.0171 6244 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:24:25.0171 6244 Rasl2tp - ok
19:24:25.0186 6244 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:24:25.0186 6244 RasMan - ok
19:24:25.0202 6244 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:24:25.0202 6244 RasPppoe - ok
19:24:25.0217 6244 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:24:25.0217 6244 RasSstp - ok
19:24:25.0249 6244 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:24:25.0249 6244 rdbss - ok
19:24:25.0264 6244 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:24:25.0264 6244 rdpbus - ok
19:24:25.0280 6244 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:24:25.0280 6244 RDPCDD - ok
19:24:25.0295 6244 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:24:25.0295 6244 RDPENCDD - ok
19:24:25.0311 6244 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:24:25.0311 6244 RDPREFMP - ok
19:24:25.0342 6244 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:24:25.0342 6244 RDPWD - ok
19:24:25.0373 6244 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:24:25.0373 6244 rdyboost - ok
19:24:25.0389 6244 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:24:25.0405 6244 RemoteAccess - ok
19:24:25.0420 6244 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:24:25.0420 6244 RemoteRegistry - ok
19:24:25.0436 6244 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:24:25.0436 6244 RpcEptMapper - ok
19:24:25.0451 6244 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:24:25.0451 6244 RpcLocator - ok
19:24:25.0498 6244 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:24:25.0498 6244 RpcSs - ok
19:24:25.0529 6244 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:24:25.0529 6244 rspndr - ok
19:24:25.0561 6244 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:24:25.0576 6244 RTL8167 - ok
19:24:25.0592 6244 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:24:25.0592 6244 SamSs - ok
19:24:25.0654 6244 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
19:24:25.0654 6244 SASDIFSV - ok
19:24:25.0670 6244 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
19:24:25.0670 6244 SASKUTIL - ok
19:24:25.0701 6244 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:24:25.0701 6244 sbp2port - ok
19:24:25.0732 6244 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:24:25.0732 6244 SCardSvr - ok
19:24:25.0763 6244 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:24:25.0763 6244 scfilter - ok
19:24:25.0795 6244 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:24:25.0810 6244 Schedule - ok
19:24:25.0826 6244 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:24:25.0826 6244 SCPolicySvc - ok
19:24:25.0841 6244 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:24:25.0841 6244 SDRSVC - ok
19:24:25.0873 6244 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
19:24:25.0873 6244 SeaPort - ok
19:24:25.0904 6244 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:24:25.0904 6244 secdrv - ok
19:24:25.0904 6244 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:24:25.0919 6244 seclogon - ok
19:24:25.0935 6244 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
19:24:25.0935 6244 SENS - ok
19:24:25.0951 6244 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:24:25.0951 6244 SensrSvc - ok
19:24:25.0966 6244 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:24:25.0966 6244 Serenum - ok
19:24:25.0982 6244 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:24:25.0982 6244 Serial - ok
19:24:26.0013 6244 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:24:26.0013 6244 sermouse - ok
19:24:26.0029 6244 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:24:26.0029 6244 SessionEnv - ok
19:24:26.0060 6244 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:24:26.0060 6244 sffdisk - ok
19:24:26.0075 6244 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:24:26.0091 6244 sffp_mmc - ok
19:24:26.0091 6244 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:24:26.0091 6244 sffp_sd - ok
19:24:26.0122 6244 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:24:26.0122 6244 sfloppy - ok
19:24:26.0169 6244 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
19:24:26.0185 6244 Sftfs - ok
19:24:26.0216 6244 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
19:24:26.0231 6244 sftlist - ok
19:24:26.0231 6244 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
19:24:26.0231 6244 Sftplay - ok
19:24:26.0247 6244 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
19:24:26.0247 6244 Sftredir - ok
19:24:26.0263 6244 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
19:24:26.0263 6244 Sftvol - ok
19:24:26.0278 6244 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
19:24:26.0278 6244 sftvsa - ok
19:24:26.0294 6244 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:24:26.0309 6244 SharedAccess - ok
19:24:26.0341 6244 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:24:26.0356 6244 ShellHWDetection - ok
19:24:26.0372 6244 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:24:26.0387 6244 SiSRaid2 - ok
19:24:26.0403 6244 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:24:26.0403 6244 SiSRaid4 - ok
19:24:26.0419 6244 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:24:26.0419 6244 Smb - ok
19:24:26.0450 6244 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:24:26.0465 6244 SNMPTRAP - ok
19:24:26.0481 6244 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:24:26.0481 6244 spldr - ok
19:24:26.0512 6244 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:24:26.0512 6244 Spooler - ok
19:24:26.0590 6244 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:24:26.0621 6244 sppsvc - ok
19:24:26.0637 6244 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:24:26.0637 6244 sppuinotify - ok
19:24:26.0668 6244 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:24:26.0668 6244 srv - ok
19:24:26.0684 6244 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:24:26.0699 6244 srv2 - ok
19:24:26.0699 6244 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:24:26.0699 6244 srvnet - ok
19:24:26.0731 6244 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:24:26.0731 6244 SSDPSRV - ok
19:24:26.0746 6244 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:24:26.0746 6244 SstpSvc - ok
19:24:26.0777 6244 Steam Client Service - ok
19:24:26.0840 6244 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:24:26.0840 6244 Stereo Service - ok
19:24:26.0871 6244 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:24:26.0871 6244 stexstor - ok
19:24:26.0902 6244 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:24:26.0918 6244 stisvc - ok
19:24:26.0949 6244 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:24:26.0949 6244 swenum - ok
19:24:26.0980 6244 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:24:26.0996 6244 swprv - ok
19:24:27.0043 6244 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:24:27.0058 6244 SysMain - ok
19:24:27.0089 6244 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:24:27.0089 6244 TabletInputService - ok
19:24:27.0121 6244 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:24:27.0136 6244 TapiSrv - ok
19:24:27.0136 6244 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:24:27.0152 6244 TBS - ok
19:24:27.0214 6244 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:24:27.0230 6244 Tcpip - ok
19:24:27.0277 6244 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:24:27.0292 6244 TCPIP6 - ok
19:24:27.0308 6244 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:24:27.0308 6244 tcpipreg - ok
19:24:27.0339 6244 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:24:27.0339 6244 TDPIPE - ok
19:24:27.0355 6244 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:24:27.0355 6244 TDTCP - ok
19:24:27.0386 6244 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:24:27.0386 6244 tdx - ok
19:24:27.0417 6244 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:24:27.0417 6244 TermDD - ok
19:24:27.0448 6244 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:24:27.0464 6244 TermService - ok
19:24:27.0479 6244 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:24:27.0495 6244 Themes - ok
19:24:27.0511 6244 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:24:27.0511 6244 THREADORDER - ok
19:24:27.0526 6244 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:24:27.0526 6244 TrkWks - ok
19:24:27.0573 6244 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:24:27.0573 6244 TrustedInstaller - ok
19:24:27.0604 6244 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:24:27.0604 6244 tssecsrv - ok
19:24:27.0651 6244 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:24:27.0651 6244 TsUsbFlt - ok
19:24:27.0698 6244 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:24:27.0698 6244 tunnel - ok
19:24:27.0729 6244 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:24:27.0729 6244 uagp35 - ok
19:24:27.0760 6244 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:24:27.0776 6244 udfs - ok
19:24:27.0791 6244 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:24:27.0807 6244 UI0Detect - ok
19:24:27.0823 6244 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:24:27.0823 6244 uliagpkx - ok
19:24:27.0869 6244 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
19:24:27.0869 6244 umbus - ok
19:24:27.0885 6244 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:24:27.0885 6244 UmPass - ok
19:24:27.0901 6244 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:24:27.0916 6244 upnphost - ok
19:24:27.0947 6244 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
19:24:27.0947 6244 USBAAPL64 - ok
19:24:27.0963 6244 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:24:27.0963 6244 usbccgp - ok
19:24:27.0979 6244 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:24:27.0979 6244 usbcir - ok
19:24:27.0994 6244 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
19:24:27.0994 6244 usbehci - ok
19:24:28.0010 6244 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:24:28.0010 6244 usbhub - ok
19:24:28.0025 6244 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:24:28.0025 6244 usbohci - ok
19:24:28.0041 6244 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:24:28.0041 6244 usbprint - ok
19:24:28.0072 6244 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:24:28.0072 6244 usbscan - ok
19:24:28.0103 6244 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:24:28.0103 6244 USBSTOR - ok
19:24:28.0119 6244 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:24:28.0119 6244 usbuhci - ok
19:24:28.0150 6244 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:24:28.0150 6244 UxSms - ok
19:24:28.0166 6244 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:24:28.0166 6244 VaultSvc - ok
19:24:28.0181 6244 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:24:28.0181 6244 vdrvroot - ok
19:24:28.0213 6244 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:24:28.0228 6244 vds - ok
19:24:28.0244 6244 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:24:28.0244 6244 vga - ok
19:24:28.0275 6244 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:24:28.0275 6244 VgaSave - ok
19:24:28.0306 6244 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:24:28.0306 6244 vhdmp - ok
19:24:28.0384 6244 [ BA1DA5CD689E9473D99731A2E1FF2FB5 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
19:24:28.0400 6244 VIAHdAudAddService - ok
19:24:28.0415 6244 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:24:28.0415 6244 viaide - ok
19:24:28.0431 6244 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:24:28.0431 6244 volmgr - ok
19:24:28.0462 6244 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:24:28.0462 6244 volmgrx - ok
19:24:28.0478 6244 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:24:28.0478 6244 volsnap - ok
19:24:28.0509 6244 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:24:28.0509 6244 vsmraid - ok
19:24:28.0556 6244 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:24:28.0571 6244 VSS - ok
19:24:28.0587 6244 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:24:28.0587 6244 vwifibus - ok
19:24:28.0618 6244 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:24:28.0618 6244 W32Time - ok
19:24:28.0634 6244 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:24:28.0634 6244 WacomPen - ok
19:24:28.0681 6244 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:24:28.0681 6244 WANARP - ok
19:24:28.0681 6244 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:24:28.0681 6244 Wanarpv6 - ok
19:24:28.0727 6244 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:24:28.0743 6244 WatAdminSvc - ok
19:24:28.0805 6244 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:24:28.0821 6244 wbengine - ok
19:24:28.0837 6244 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:24:28.0837 6244 WbioSrvc - ok
19:24:28.0868 6244 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:24:28.0868 6244 wcncsvc - ok
19:24:28.0899 6244 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:24:28.0899 6244 WcsPlugInService - ok
19:24:28.0915 6244 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:24:28.0915 6244 Wd - ok
19:24:28.0946 6244 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:24:28.0946 6244 Wdf01000 - ok
19:24:28.0961 6244 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:24:28.0977 6244 WdiServiceHost - ok
19:24:28.0977 6244 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:24:28.0977 6244 WdiSystemHost - ok
19:24:29.0008 6244 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:24:29.0008 6244 WebClient - ok
19:24:29.0024 6244 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:24:29.0024 6244 Wecsvc - ok
19:24:29.0039 6244 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:24:29.0039 6244 wercplsupport - ok
19:24:29.0055 6244 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:24:29.0055 6244 WerSvc - ok
19:24:29.0086 6244 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:24:29.0086 6244 WfpLwf - ok
19:24:29.0086 6244 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:24:29.0086 6244 WIMMount - ok
19:24:29.0102 6244 WinDefend - ok
19:24:29.0117 6244 WinHttpAutoProxySvc - ok
19:24:29.0149 6244 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:24:29.0149 6244 Winmgmt - ok
19:24:29.0211 6244 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:24:29.0227 6244 WinRM - ok
19:24:29.0273 6244 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:24:29.0273 6244 WinUsb - ok
19:24:29.0305 6244 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:24:29.0320 6244 Wlansvc - ok
19:24:29.0414 6244 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:24:29.0429 6244 wlidsvc - ok
19:24:29.0445 6244 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:24:29.0445 6244 WmiAcpi - ok
19:24:29.0476 6244 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:24:29.0476 6244 wmiApSrv - ok
19:24:29.0507 6244 WMPNetworkSvc - ok
19:24:29.0507 6244 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:24:29.0523 6244 WPCSvc - ok
19:24:29.0554 6244 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:24:29.0554 6244 WPDBusEnum - ok
19:24:29.0570 6244 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:24:29.0570 6244 ws2ifsl - ok
19:24:29.0585 6244 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
19:24:29.0601 6244 wscsvc - ok
19:24:29.0601 6244 WSearch - ok
19:24:29.0663 6244 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:24:29.0679 6244 wuauserv - ok
19:24:29.0710 6244 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:24:29.0710 6244 WudfPf - ok
19:24:29.0726 6244 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:24:29.0726 6244 WUDFRd - ok
19:24:29.0741 6244 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:24:29.0741 6244 wudfsvc - ok
19:24:29.0773 6244 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:24:29.0773 6244 WwanSvc - ok
19:24:30.0287 6244 X6va005 - ok
19:24:30.0755 6244 X6va006 - ok
19:24:31.0223 6244 X6va008 - ok
19:24:31.0348 6244 xsherlock - ok
19:24:31.0395 6244 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
19:24:31.0395 6244 YahooAUService - ok
19:24:31.0426 6244 ================ Scan global ===============================
19:24:31.0442 6244 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:24:31.0473 6244 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:24:31.0473 6244 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:24:31.0504 6244 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:24:31.0520 6244 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:24:31.0520 6244 [Global] - ok
19:24:31.0520 6244 ================ Scan MBR ==================================
19:24:31.0535 6244 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:24:31.0551 6244 Suspicious mbr (Forged): \Device\Harddisk0\DR0
19:24:31.0598 6244 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
19:24:31.0598 6244 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
19:24:31.0598 6244 ================ Scan VBR ==================================
19:24:31.0613 6244 [ B49C132B29793A006F2A457354A0944C ] \Device\Harddisk0\DR0\Partition1
19:24:31.0613 6244 \Device\Harddisk0\DR0\Partition1 - ok
19:24:31.0629 6244 [ 8D1AB618FDC82D1A03AB5389E4ACED9A ] \Device\Harddisk0\DR0\Partition2
19:24:31.0629 6244 \Device\Harddisk0\DR0\Partition2 - ok
19:24:31.0629 6244 ============================================================
19:24:31.0629 6244 Scan finished
19:24:31.0629 6244 ============================================================
19:24:31.0645 6304 Detected object count: 1
19:24:31.0645 6304 Actual detected object count: 1
19:24:58.0804 6304 \Device\Harddisk0\DR0\# - copied to quarantine
19:24:58.0820 6304 \Device\Harddisk0\DR0 - copied to quarantine
19:24:58.0898 6304 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
19:24:58.0913 6304 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
19:24:59.0257 6304 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
19:25:02.0012 6304 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
19:25:03.0794 6304 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
19:25:03.0825 6304 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
19:25:03.0841 6304 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
19:25:03.0857 6304 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
19:25:04.0113 6304 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
19:25:04.0289 6304 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
19:25:04.0289 6304 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
19:25:04.0289 6304 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
19:25:04.0353 6304 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
19:25:04.0383 6304 \Device\Harddisk0\DR0 - ok
19:25:04.0473 6304 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
19:25:16.0659 6928 Deinitialize success

Second TDSS log, after 2nd scan that came back clean.
19:27:20.0173 5072 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:27:20.0672 5072 ============================================================
19:27:20.0672 5072 Current date / time: 2012/11/24 19:27:20.0672
19:27:20.0672 5072 SystemInfo:
19:27:20.0672 5072
19:27:20.0672 5072 OS Version: 6.1.7601 ServicePack: 1.0
19:27:20.0672 5072 Product type: Workstation
19:27:20.0672 5072 ComputerName: TIM-PC
19:27:20.0672 5072 UserName: Tim
19:27:20.0672 5072 Windows directory: C:\Windows
19:27:20.0672 5072 System windows directory: C:\Windows
19:27:20.0672 5072 Running under WOW64
19:27:20.0672 5072 Processor architecture: Intel x64
19:27:20.0672 5072 Number of processors: 4
19:27:20.0672 5072 Page size: 0x1000
19:27:20.0672 5072 Boot type: Normal boot
19:27:20.0672 5072 ============================================================
19:27:22.0216 5072 BG loaded
19:27:22.0684 5072 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:27:22.0872 5072 ============================================================
19:27:22.0872 5072 \Device\Harddisk0\DR0:
19:27:22.0887 5072 MBR partitions:
19:27:22.0887 5072 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:27:22.0887 5072 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
19:27:22.0887 5072 ============================================================
19:27:22.0965 5072 C: <-> \Device\Harddisk0\DR0\Partition2
19:27:22.0965 5072 ============================================================
19:27:22.0965 5072 Initialize success
19:27:22.0965 5072 ============================================================
19:27:31.0380 5792 ============================================================
19:27:31.0380 5792 Scan started
19:27:31.0380 5792 Mode: Manual;
19:27:31.0380 5792 ============================================================
19:27:44.0125 5792 ================ Scan system memory ========================
19:27:44.0125 5792 System memory - ok
19:27:44.0125 5792 ================ Scan services =============================
19:27:44.0516 5792 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
19:27:44.0516 5792 !SASCORE - ok
19:27:46.0326 5792 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:27:46.0341 5792 1394ohci - ok
19:27:46.0435 5792 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:27:46.0466 5792 ACPI - ok
19:27:46.0497 5792 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:27:46.0513 5792 AcpiPmi - ok
19:27:46.0919 5792 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:27:46.0919 5792 AdobeARMservice - ok
19:27:47.0059 5792 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:27:47.0059 5792 AdobeFlashPlayerUpdateSvc - ok
19:27:47.0106 5792 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:27:47.0106 5792 adp94xx - ok
19:27:47.0137 5792 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:27:47.0137 5792 adpahci - ok
19:27:47.0184 5792 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:27:47.0184 5792 adpu320 - ok
19:27:47.0246 5792 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:27:47.0246 5792 AeLookupSvc - ok
19:27:47.0324 5792 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:27:47.0324 5792 AFD - ok
19:27:47.0371 5792 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:27:47.0387 5792 agp440 - ok
19:27:47.0402 5792 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:27:47.0418 5792 ALG - ok
19:27:47.0418 5792 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:27:47.0418 5792 aliide - ok
19:27:47.0433 5792 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:27:47.0433 5792 amdide - ok
19:27:47.0465 5792 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:27:47.0465 5792 AmdK8 - ok
19:27:47.0480 5792 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:27:47.0480 5792 AmdPPM - ok
19:27:47.0496 5792 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:27:47.0496 5792 amdsata - ok
19:27:47.0511 5792 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:27:47.0511 5792 amdsbs - ok
19:27:47.0511 5792 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:27:47.0527 5792 amdxata - ok
19:27:47.0574 5792 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:27:47.0574 5792 AppID - ok
19:27:47.0605 5792 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:27:47.0605 5792 AppIDSvc - ok
19:27:47.0621 5792 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:27:47.0621 5792 Appinfo - ok
19:27:47.0699 5792 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:27:47.0699 5792 Apple Mobile Device - ok
19:27:47.0714 5792 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
19:27:47.0714 5792 arc - ok
19:27:47.0730 5792 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:27:47.0730 5792 arcsas - ok
19:27:47.0761 5792 [ A82C01606DC27D05D9D3BFB6BB807E32 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
19:27:47.0761 5792 AsIO - ok
19:27:47.0792 5792 aspnet_state - ok
19:27:47.0839 5792 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
19:27:47.0839 5792 aswFsBlk - ok
19:27:47.0901 5792 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
19:27:47.0901 5792 aswMonFlt - ok
19:27:47.0933 5792 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
19:27:47.0933 5792 aswRdr - ok
19:27:47.0964 5792 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
19:27:47.0964 5792 aswSnx - ok
19:27:47.0979 5792 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
19:27:47.0979 5792 aswSP - ok
19:27:48.0011 5792 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
19:27:48.0011 5792 aswTdi - ok
19:27:48.0011 5792 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:27:48.0011 5792 AsyncMac - ok
19:27:48.0042 5792 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:27:48.0042 5792 atapi - ok
19:27:48.0073 5792 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:27:48.0073 5792 AudioEndpointBuilder - ok
19:27:48.0089 5792 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:27:48.0089 5792 AudioSrv - ok
19:27:48.0135 5792 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:27:48.0135 5792 avast! Antivirus - ok
19:27:48.0354 5792 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
19:27:48.0432 5792 AVGIDSAgent - ok
19:27:48.0463 5792 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
19:27:48.0463 5792 avgwd - ok
19:27:48.0541 5792 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:27:48.0541 5792 AxInstSV - ok
19:27:48.0603 5792 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:27:48.0603 5792 b06bdrv - ok
19:27:48.0635 5792 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:27:48.0635 5792 b57nd60a - ok
19:27:48.0744 5792 [ 825F81A6F7DD073509DB101F0BA6DC59 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
19:27:48.0775 5792 BBSvc - ok
19:27:48.0853 5792 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:27:48.0853 5792 BDESVC - ok
19:27:48.0884 5792 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:27:48.0884 5792 Beep - ok
19:27:48.0947 5792 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:27:48.0962 5792 BFE - ok
19:27:48.0993 5792 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
19:27:49.0009 5792 BITS - ok
19:27:49.0025 5792 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:27:49.0025 5792 blbdrive - ok
19:27:49.0087 5792 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:27:49.0087 5792 Bonjour Service - ok
19:27:49.0118 5792 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:27:49.0118 5792 bowser - ok
19:27:49.0149 5792 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:27:49.0149 5792 BrFiltLo - ok
19:27:49.0165 5792 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:27:49.0181 5792 BrFiltUp - ok
19:27:49.0196 5792 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
19:27:49.0196 5792 BridgeMP - ok
19:27:49.0227 5792 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:27:49.0243 5792 Browser - ok
19:27:49.0243 5792 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:27:49.0274 5792 Brserid - ok
19:27:49.0290 5792 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:27:49.0305 5792 BrSerWdm - ok
19:27:49.0305 5792 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:27:49.0305 5792 BrUsbMdm - ok
19:27:49.0305 5792 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:27:49.0305 5792 BrUsbSer - ok
19:27:49.0321 5792 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:27:49.0337 5792 BTHMODEM - ok
19:27:49.0383 5792 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:27:49.0383 5792 bthserv - ok
19:27:49.0399 5792 catchme - ok
19:27:49.0415 5792 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:27:49.0415 5792 cdfs - ok
19:27:49.0477 5792 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
19:27:49.0477 5792 cdrom - ok
19:27:49.0524 5792 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:27:49.0524 5792 CertPropSvc - ok
19:27:49.0555 5792 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:27:49.0555 5792 circlass - ok
19:27:49.0571 5792 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:27:49.0586 5792 CLFS - ok
19:27:49.0617 5792 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:27:49.0617 5792 clr_optimization_v2.0.50727_32 - ok
19:27:49.0649 5792 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:27:49.0664 5792 clr_optimization_v2.0.50727_64 - ok
19:27:49.0711 5792 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:27:49.0758 5792 clr_optimization_v4.0.30319_32 - ok
19:27:49.0773 5792 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:27:49.0789 5792 clr_optimization_v4.0.30319_64 - ok
19:27:49.0820 5792 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:27:49.0820 5792 CmBatt - ok
19:27:49.0851 5792 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:27:49.0851 5792 cmdide - ok
19:27:49.0883 5792 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:27:49.0898 5792 CNG - ok
19:27:49.0898 5792 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:27:49.0898 5792 Compbatt - ok
19:27:49.0914 5792 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:27:49.0914 5792 CompositeBus - ok
19:27:49.0929 5792 COMSysApp - ok
19:27:50.0007 5792 [ 1AA08AC25FF955DDB5F713E3411D5FFD ] CrashPlanService C:\Program Files (x86)\CrashPlan\CrashPlanService.exe
19:27:50.0007 5792 CrashPlanService - ok
19:27:50.0023 5792 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:27:50.0023 5792 crcdisk - ok
19:27:50.0039 5792 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:27:50.0039 5792 CryptSvc - ok
19:27:50.0148 5792 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
19:27:50.0148 5792 cvhsvc - ok
19:27:50.0257 5792 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:27:50.0257 5792 DcomLaunch - ok
19:27:50.0319 5792 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:27:50.0319 5792 defragsvc - ok
19:27:50.0366 5792 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:27:50.0366 5792 DfsC - ok
19:27:50.0397 5792 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:27:50.0397 5792 Dhcp - ok
19:27:50.0413 5792 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:27:50.0413 5792 discache - ok
19:27:50.0444 5792 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:27:50.0444 5792 Disk - ok
19:27:50.0475 5792 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:27:50.0475 5792 Dnscache - ok
19:27:50.0507 5792 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:27:50.0507 5792 dot3svc - ok
19:27:50.0538 5792 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:27:50.0538 5792 DPS - ok
19:27:50.0569 5792 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:27:50.0569 5792 drmkaud - ok
19:27:50.0616 5792 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:27:50.0616 5792 DXGKrnl - ok
19:27:50.0647 5792 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:27:50.0663 5792 EapHost - ok
19:27:50.0850 5792 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:27:50.0928 5792 ebdrv - ok
19:27:50.0975 5792 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:27:50.0975 5792 EFS - ok
19:27:51.0115 5792 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:27:51.0162 5792 ehRecvr - ok
19:27:51.0209 5792 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:27:51.0224 5792 ehSched - ok
19:27:51.0302 5792 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:27:51.0318 5792 elxstor - ok
19:27:51.0365 5792 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:27:51.0380 5792 ErrDev - ok
19:27:51.0443 5792 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:27:51.0458 5792 EventSystem - ok
19:27:51.0489 5792 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:27:51.0489 5792 exfat - ok
19:27:51.0521 5792 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:27:51.0536 5792 fastfat - ok
19:27:51.0583 5792 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:27:51.0583 5792 Fax - ok
19:27:51.0614 5792 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:27:51.0614 5792 fdc - ok
19:27:51.0645 5792 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:27:51.0645 5792 fdPHost - ok
19:27:51.0661 5792 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:27:51.0661 5792 FDResPub - ok
19:27:51.0692 5792 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:27:51.0708 5792 FileInfo - ok
19:27:51.0723 5792 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:27:51.0723 5792 Filetrace - ok
19:27:51.0739 5792 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:27:51.0739 5792 flpydisk - ok
19:27:51.0786 5792 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:27:51.0786 5792 FltMgr - ok
19:27:51.0833 5792 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:27:51.0848 5792 FontCache - ok
19:27:51.0895 5792 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:27:51.0895 5792 FontCache3.0.0.0 - ok
19:27:51.0911 5792 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:27:51.0911 5792 FsDepends - ok
19:27:51.0942 5792 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:27:51.0942 5792 Fs_Rec - ok
19:27:51.0957 5792 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:27:51.0957 5792 fvevol - ok
19:27:51.0973 5792 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:27:51.0989 5792 gagp30kx - ok
19:27:52.0004 5792 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:27:52.0004 5792 GEARAspiWDM - ok
19:27:52.0051 5792 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:27:52.0051 5792 gpsvc - ok
19:27:52.0067 5792 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:27:52.0067 5792 hcw85cir - ok
19:27:52.0113 5792 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:27:52.0113 5792 HdAudAddService - ok
19:27:52.0129 5792 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:27:52.0145 5792 HDAudBus - ok
19:27:52.0160 5792 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:27:52.0160 5792 HidBatt - ok
19:27:52.0191 5792 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:27:52.0191 5792 HidBth - ok
19:27:52.0207 5792 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:27:52.0207 5792 HidIr - ok
19:27:52.0238 5792 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
19:27:52.0238 5792 hidserv - ok
19:27:52.0254 5792 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:27:52.0254 5792 HidUsb - ok
19:27:52.0285 5792 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:27:52.0301 5792 hkmsvc - ok
19:27:52.0347 5792 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:27:52.0347 5792 HomeGroupListener - ok
19:27:52.0363 5792 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:27:52.0379 5792 HomeGroupProvider - ok
19:27:52.0410 5792 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:27:52.0425 5792 HpSAMD - ok
19:27:52.0457 5792 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:27:52.0457 5792 HTTP - ok
19:27:52.0503 5792 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:27:52.0503 5792 hwpolicy - ok
19:27:52.0519 5792 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:27:52.0535 5792 i8042prt - ok
19:27:52.0550 5792 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:27:52.0550 5792 iaStorV - ok
19:27:52.0597 5792 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:27:52.0613 5792 idsvc - ok
19:27:52.0644 5792 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:27:52.0644 5792 iirsp - ok
19:27:52.0659 5792 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:27:52.0675 5792 IKEEXT - ok
19:27:52.0706 5792 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:27:52.0722 5792 intelide - ok
19:27:52.0737 5792 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:27:52.0737 5792 intelppm - ok
19:27:52.0769 5792 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:27:52.0769 5792 IPBusEnum - ok
19:27:52.0800 5792 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:27:52.0800 5792 IpFilterDriver - ok
19:27:52.0847 5792 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:27:52.0862 5792 iphlpsvc - ok
19:27:52.0878 5792 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:27:52.0893 5792 IPMIDRV - ok
19:27:52.0909 5792 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:27:52.0909 5792 IPNAT - ok
19:27:52.0971 5792 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:27:52.0987 5792 iPod Service - ok
19:27:53.0003 5792 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:27:53.0003 5792 IRENUM - ok
19:27:53.0034 5792 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:27:53.0034 5792 isapnp - ok
19:27:53.0049 5792 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:27:53.0065 5792 iScsiPrt - ok
19:27:53.0065 5792 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:27:53.0065 5792 kbdclass - ok
19:27:53.0081 5792 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:27:53.0081 5792 kbdhid - ok
19:27:53.0096 5792 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:27:53.0096 5792 KeyIso - ok
19:27:53.0315 5792 [ 775C6D5D60146D7DB08A01CB596D7EC6 ] Kodak AiO Network Discovery Service C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
19:27:53.0315 5792 Kodak AiO Network Discovery Service - ok
19:27:53.0361 5792 [ 17AFF68AB32F8671BC46612D35351099 ] Kodak AiO Status Monitor Service C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
19:27:53.0377 5792 Kodak AiO Status Monitor Service - ok
19:27:53.0408 5792 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:27:53.0424 5792 KSecDD - ok
19:27:53.0455 5792 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:27:53.0455 5792 KSecPkg - ok
19:27:53.0471 5792 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:27:53.0471 5792 ksthunk - ok
19:27:53.0502 5792 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:27:53.0517 5792 KtmRm - ok
19:27:53.0549 5792 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
19:27:53.0564 5792 LanmanServer - ok
19:27:53.0595 5792 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:27:53.0595 5792 LanmanWorkstation - ok
19:27:53.0658 5792 [ 06DC2FDC6282F0D68910417B1150C848 ] LinksysUpdater C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe
19:27:53.0658 5792 LinksysUpdater - ok
19:27:53.0673 5792 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:27:53.0673 5792 lltdio - ok
19:27:53.0689 5792 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:27:53.0705 5792 lltdsvc - ok
19:27:53.0705 5792 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:27:53.0705 5792 lmhosts - ok
19:27:53.0736 5792 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:27:53.0736 5792 LSI_FC - ok
19:27:53.0751 5792 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:27:53.0751 5792 LSI_SAS - ok
19:27:53.0751 5792 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:27:53.0751 5792 LSI_SAS2 - ok
19:27:53.0767 5792 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:27:53.0767 5792 LSI_SCSI - ok
19:27:53.0783 5792 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:27:53.0783 5792 luafv - ok
19:27:53.0798 5792 MBAMProtector - ok
19:27:53.0829 5792 MBAMScheduler - ok
19:27:53.0845 5792 MBAMService - ok
19:27:53.0876 5792 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:27:53.0876 5792 Mcx2Svc - ok
19:27:53.0907 5792 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:27:53.0907 5792 megasas - ok
19:27:53.0907 5792 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:27:53.0923 5792 MegaSR - ok
19:27:53.0923 5792 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:27:53.0939 5792 MMCSS - ok
19:27:53.0939 5792 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:27:53.0939 5792 Modem - ok
19:27:53.0954 5792 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:27:53.0954 5792 monitor - ok
19:27:53.0985 5792 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:27:53.0985 5792 mouclass - ok
19:27:54.0032 5792 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:27:54.0032 5792 mouhid - ok
19:27:54.0063 5792 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:27:54.0063 5792 mountmgr - ok
19:27:54.0079 5792 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:27:54.0079 5792 mpio - ok
19:27:54.0095 5792 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:27:54.0095 5792 mpsdrv - ok
19:27:54.0157 5792 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:27:54.0173 5792 MpsSvc - ok
19:27:54.0188 5792 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:27:54.0204 5792 MRxDAV - ok
19:27:54.0235 5792 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:27:54.0235 5792 mrxsmb - ok
19:27:54.0282 5792 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:27:54.0282 5792 mrxsmb10 - ok
19:27:54.0313 5792 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:27:54.0313 5792 mrxsmb20 - ok
19:27:54.0329 5792 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:27:54.0329 5792 msahci - ok
19:27:54.0344 5792 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:27:54.0344 5792 msdsm - ok
19:27:54.0360 5792 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:27:54.0360 5792 MSDTC - ok
19:27:54.0375 5792 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:27:54.0375 5792 Msfs - ok
19:27:54.0391 5792 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:27:54.0391 5792 mshidkmdf - ok
19:27:54.0407 5792 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:27:54.0407 5792 msisadrv - ok
19:27:54.0438 5792 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:27:54.0438 5792 MSiSCSI - ok
19:27:54.0438 5792 msiserver - ok
19:27:54.0453 5792 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:27:54.0453 5792 MSKSSRV - ok
19:27:54.0469 5792 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:27:54.0469 5792 MSPCLOCK - ok
19:27:54.0485 5792 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:27:54.0485 5792 MSPQM - ok
19:27:54.0500 5792 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:27:54.0516 5792 MsRPC - ok
19:27:54.0531 5792 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:27:54.0531 5792 mssmbios - ok
19:27:54.0547 5792 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:27:54.0547 5792 MSTEE - ok
19:27:54.0563 5792 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:27:54.0563 5792 MTConfig - ok
19:27:54.0594 5792 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
19:27:54.0594 5792 MTsensor - ok
19:27:54.0625 5792 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:27:54.0625 5792 Mup - ok
19:27:54.0656 5792 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:27:54.0656 5792 napagent - ok
19:27:54.0687 5792 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:27:54.0687 5792 NativeWifiP - ok
19:27:54.0750 5792 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:27:54.0750 5792 NDIS - ok
19:27:54.0781 5792 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:27:54.0781 5792 NdisCap - ok
19:27:54.0797 5792 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:27:54.0797 5792 NdisTapi - ok
19:27:54.0828 5792 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:27:54.0828 5792 Ndisuio - ok
19:27:54.0859 5792 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:27:54.0859 5792 NdisWan - ok
19:27:54.0890 5792 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:27:54.0890 5792 NDProxy - ok
19:27:54.0906 5792 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:27:54.0906 5792 NetBIOS - ok
19:27:54.0921 5792 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:27:54.0921 5792 NetBT - ok
19:27:54.0937 5792 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:27:54.0937 5792 Netlogon - ok
19:27:54.0953 5792 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:27:54.0953 5792 Netman - ok
19:27:54.0984 5792 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:27:54.0999 5792 netprofm - ok
19:27:55.0015 5792 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:27:55.0015 5792 NetTcpPortSharing - ok
19:27:55.0046 5792 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:27:55.0046 5792 nfrd960 - ok
19:27:55.0077 5792 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:27:55.0093 5792 NlaSvc - ok
19:27:55.0155 5792 [ CD2FE9C33CFD0FE0AF124E05907E5C3D ] nmservice C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
19:27:55.0171 5792 nmservice - ok
19:27:55.0171 5792 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:27:55.0171 5792 Npfs - ok
19:27:55.0202 5792 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:27:55.0202 5792 nsi - ok
19:27:55.0233 5792 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:27:55.0233 5792 nsiproxy - ok
19:27:55.0358 5792 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:27:55.0389 5792 Ntfs - ok
19:27:55.0421 5792 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:27:55.0421 5792 Null - ok
19:27:55.0452 5792 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
19:27:55.0452 5792 NVENETFD - ok
19:27:55.0499 5792 [ 102806B360D0E6BC6E55BF47EF655D43 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
19:27:55.0499 5792 NVHDA - ok
19:27:55.0826 5792 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:27:55.0889 5792 nvlddmkm - ok
19:27:55.0920 5792 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:27:55.0920 5792 nvraid - ok
19:27:55.0935 5792 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:27:55.0935 5792 nvstor - ok
19:27:55.0982 5792 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] NVSvc C:\Windows\system32\nvvsvc.exe
19:27:55.0982 5792 NVSvc - ok
19:27:56.0060 5792 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:27:56.0076 5792 nvUpdatusService - ok
19:27:56.0091 5792 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:27:56.0091 5792 nv_agp - ok
19:27:56.0107 5792 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:27:56.0107 5792 ohci1394 - ok
19:27:56.0169 5792 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:27:56.0169 5792 ose - ok
19:27:56.0263 5792 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:27:56.0310 5792 osppsvc - ok
19:27:56.0341 5792 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:27:56.0341 5792 p2pimsvc - ok
19:27:56.0403 5792 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:27:56.0403 5792 p2psvc - ok
19:27:56.0435 5792 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:27:56.0435 5792 Parport - ok
19:27:56.0450 5792 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:27:56.0450 5792 partmgr - ok
19:27:56.0466 5792 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:27:56.0466 5792 PcaSvc - ok
19:27:56.0481 5792 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:27:56.0481 5792 pci - ok
19:27:56.0513 5792 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:27:56.0513 5792 pciide - ok
19:27:56.0513 5792 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:27:56.0528 5792 pcmcia - ok
19:27:56.0528 5792 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:27:56.0528 5792 pcw - ok
19:27:56.0544 5792 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:27:56.0544 5792 PEAUTH - ok
19:27:56.0731 5792 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:27:56.0731 5792 PerfHost - ok
19:27:56.0793 5792 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:27:56.0809 5792 pla - ok
19:27:56.0856 5792 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:27:56.0856 5792 PlugPlay - ok
19:27:56.0903 5792 [ 4FF73A83A25D0EEAD4F5E6C841BB6704 ] pnarp C:\Windows\system32\DRIVERS\pnarp.sys
19:27:56.0903 5792 pnarp - ok
19:27:56.0918 5792 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:27:56.0918 5792 PNRPAutoReg - ok
19:27:56.0934 5792 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:27:56.0934 5792 PNRPsvc - ok
19:27:56.0965 5792 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:27:56.0981 5792 PolicyAgent - ok
19:27:56.0996 5792 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:27:57.0012 5792 Power - ok
19:27:57.0027 5792 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:27:57.0043 5792 PptpMiniport - ok
19:27:57.0059 5792 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:27:57.0059 5792 Processor - ok
19:27:57.0090 5792 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:27:57.0090 5792 ProfSvc - ok
19:27:57.0105 5792 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:27:57.0105 5792 ProtectedStorage - ok
19:27:57.0137 5792 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:27:57.0137 5792 Psched - ok
19:27:57.0183 5792 [ 9A68A89F10F283A23AFEE2A1BFE4BFFB ] purendis C:\Windows\system32\DRIVERS\purendis.sys
19:27:57.0183 5792 purendis - ok
19:27:57.0261 5792 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:27:57.0277 5792 ql2300 - ok
19:27:57.0293 5792 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:27:57.0308 5792 ql40xx - ok
19:27:57.0324 5792 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:27:57.0324 5792 QWAVE - ok
19:27:57.0339 5792 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:27:57.0339 5792 QWAVEdrv - ok
19:27:57.0355 5792 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:27:57.0355 5792 RasAcd - ok
19:27:57.0386 5792 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:27:57.0386 5792 RasAgileVpn - ok
19:27:57.0402 5792 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:27:57.0402 5792 RasAuto - ok
19:27:57.0433 5792 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:27:57.0433 5792 Rasl2tp - ok
19:27:57.0449 5792 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:27:57.0464 5792 RasMan - ok
19:27:57.0464 5792 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:27:57.0464 5792 RasPppoe - ok
19:27:57.0480 5792 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:27:57.0480 5792 RasSstp - ok
19:27:57.0542 5792 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:27:57.0558 5792 rdbss - ok
19:27:57.0573 5792 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:27:57.0589 5792 rdpbus - ok
19:27:57.0589 5792 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:27:57.0589 5792 RDPCDD - ok
19:27:57.0605 5792 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:27:57.0605 5792 RDPENCDD - ok
19:27:57.0620 5792 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:27:57.0620 5792 RDPREFMP - ok
19:27:57.0651 5792 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:27:57.0667 5792 RDPWD - ok
19:27:57.0698 5792 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:27:57.0698 5792 rdyboost - ok
19:27:57.0714 5792 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:27:57.0714 5792 RemoteAccess - ok
19:27:57.0745 5792 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:27:57.0745 5792 RemoteRegistry - ok
19:27:57.0745 5792 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:27:57.0745 5792 RpcEptMapper - ok
19:27:57.0761 5792 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:27:57.0776 5792 RpcLocator - ok
19:27:57.0807 5792 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:27:57.0807 5792 RpcSs - ok
19:27:57.0823 5792 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:27:57.0823 5792 rspndr - ok
19:27:57.0854 5792 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:27:57.0854 5792 RTL8167 - ok
19:27:57.0870 5792 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:27:57.0870 5792 SamSs - ok
19:27:57.0932 5792 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
19:27:57.0932 5792 SASDIFSV - ok
19:27:57.0948 5792 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
19:27:57.0948 5792 SASKUTIL - ok
19:27:57.0963 5792 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:27:57.0963 5792 sbp2port - ok
19:27:57.0979 5792 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:27:57.0979 5792 SCardSvr - ok
19:27:58.0010 5792 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:27:58.0026 5792 scfilter - ok
19:27:58.0041 5792 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:27:58.0041 5792 Schedule - ok
19:27:58.0073 5792 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:27:58.0073 5792 SCPolicySvc - ok
19:27:58.0088 5792 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:27:58.0088 5792 SDRSVC - ok
19:27:58.0135 5792 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
19:27:58.0135 5792 SeaPort - ok
19:27:58.0166 5792 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:27:58.0166 5792 secdrv - ok
19:27:58.0166 5792 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:27:58.0166 5792 seclogon - ok
19:27:58.0197 5792 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
19:27:58.0197 5792 SENS - ok
19:27:58.0213 5792 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:27:58.0213 5792 SensrSvc - ok
19:27:58.0213 5792 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:27:58.0213 5792 Serenum - ok
19:27:58.0244 5792 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:27:58.0244 5792 Serial - ok
19:27:58.0260 5792 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:27:58.0260 5792 sermouse - ok
19:27:58.0291 5792 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:27:58.0291 5792 SessionEnv - ok
19:27:58.0307 5792 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:27:58.0322 5792 sffdisk - ok
19:27:58.0322 5792 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:27:58.0322 5792 sffp_mmc - ok
19:27:58.0338 5792 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:27:58.0338 5792 sffp_sd - ok
19:27:58.0353 5792 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:27:58.0353 5792 sfloppy - ok
19:27:58.0385 5792 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
19:27:58.0385 5792 Sftfs - ok
19:27:58.0431 5792 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
19:27:58.0431 5792 sftlist - ok
19:27:58.0447 5792 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
19:27:58.0447 5792 Sftplay - ok
19:27:58.0463 5792 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
19:27:58.0463 5792 Sftredir - ok
19:27:58.0494 5792 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
19:27:58.0494 5792 Sftvol - ok
19:27:58.0525 5792 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
19:27:58.0525 5792 sftvsa - ok
19:27:58.0587 5792 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:27:58.0587 5792 SharedAccess - ok
19:27:58.0634 5792 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:27:58.0634 5792 ShellHWDetection - ok
19:27:58.0650 5792 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:27:58.0650 5792 SiSRaid2 - ok
19:27:58.0681 5792 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:27:58.0681 5792 SiSRaid4 - ok
19:27:58.0697 5792 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:27:58.0697 5792 Smb - ok
19:27:58.0728 5792 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:27:58.0728 5792 SNMPTRAP - ok
19:27:58.0743 5792 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:27:58.0743 5792 spldr - ok
19:27:58.0790 5792 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:27:58.0790 5792 Spooler - ok
19:27:58.0931 5792 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:27:58.0977 5792 sppsvc - ok
19:27:58.0993 5792 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:27:58.0993 5792 sppuinotify - ok
19:27:59.0024 5792 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:27:59.0024 5792 srv - ok
19:27:59.0040 5792 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:27:59.0040 5792 srv2 - ok
19:27:59.0055 5792 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:27:59.0055 5792 srvnet - ok
19:27:59.0087 5792 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:27:59.0087 5792 SSDPSRV - ok
19:27:59.0087 5792 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:27:59.0102 5792 SstpSvc - ok
19:27:59.0118 5792 Steam Client Service - ok
19:27:59.0196 5792 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:27:59.0196 5792 Stereo Service - ok
19:27:59.0211 5792 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:27:59.0211 5792 stexstor - ok
19:27:59.0305 5792 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:27:59.0305 5792 stisvc - ok
19:27:59.0367 5792 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:27:59.0367 5792 swenum - ok
19:27:59.0430 5792 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:27:59.0461 5792 swprv - ok
19:27:59.0523 5792 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:27:59.0539 5792 SysMain - ok
19:27:59.0555 5792 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:27:59.0570 5792 TabletInputService - ok
19:27:59.0586 5792 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:27:59.0586 5792 TapiSrv - ok
19:27:59.0601 5792 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:27:59.0601 5792 TBS - ok
19:27:59.0648 5792 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:27:59.0664 5792 Tcpip - ok
19:27:59.0679 5792 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:27:59.0695 5792 TCPIP6 - ok
19:27:59.0711 5792 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:27:59.0711 5792 tcpipreg - ok
19:27:59.0757 5792 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:27:59.0804 5792 TDPIPE - ok
19:27:59.0835 5792 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:27:59.0851 5792 TDTCP - ok
19:27:59.0913 5792 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:27:59.0913 5792 tdx - ok
19:28:00.0132 5792 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:28:00.0147 5792 TermDD - ok
19:28:00.0241 5792 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:28:00.0272 5792 TermService - ok
19:28:00.0319 5792 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:28:00.0319 5792 Themes - ok
19:28:00.0428 5792 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:28:00.0428 5792 THREADORDER - ok
19:28:00.0459 5792 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:28:00.0475 5792 TrkWks - ok
19:28:00.0569 5792 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:28:00.0584 5792 TrustedInstaller - ok
19:28:00.0615 5792 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:28:00.0631 5792 tssecsrv - ok
19:28:00.0756 5792 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:28:00.0756 5792 TsUsbFlt - ok
19:28:00.0850 5792 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:28:00.0850 5792 tunnel - ok
19:28:00.0865 5792 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:28:00.0865 5792 uagp35 - ok
19:28:00.0912 5792 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:28:00.0912 5792 udfs - ok
19:28:00.0943 5792 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:28:00.0943 5792 UI0Detect - ok
19:28:00.0974 5792 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:28:00.0974 5792 uliagpkx - ok
19:28:01.0006 5792 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
19:28:01.0006 5792 umbus - ok
19:28:01.0021 5792 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:28:01.0021 5792 UmPass - ok
19:28:01.0052 5792 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:28:01.0052 5792 upnphost - ok
19:28:01.0099 5792 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
19:28:01.0099 5792 USBAAPL64 - ok
19:28:01.0115 5792 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:28:01.0115 5792 usbccgp - ok
19:28:01.0130 5792 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:28:01.0146 5792 usbcir - ok
19:28:01.0146 5792 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
19:28:01.0146 5792 usbehci - ok
19:28:01.0162 5792 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:28:01.0177 5792 usbhub - ok
19:28:01.0177 5792 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:28:01.0177 5792 usbohci - ok
19:28:01.0193 5792 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:28:01.0193 5792 usbprint - ok
19:28:01.0224 5792 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:28:01.0224 5792 usbscan - ok
19:28:01.0240 5792 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:28:01.0240 5792 USBSTOR - ok
19:28:01.0255 5792 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:28:01.0255 5792 usbuhci - ok
19:28:01.0271 5792 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:28:01.0271 5792 UxSms - ok
19:28:01.0286 5792 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:28:01.0286 5792 VaultSvc - ok
19:28:01.0302 5792 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:28:01.0302 5792 vdrvroot - ok
19:28:01.0333 5792 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:28:01.0349 5792 vds - ok
19:28:01.0364 5792 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:28:01.0364 5792 vga - ok
19:28:01.0380 5792 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:28:01.0380 5792 VgaSave - ok
19:28:01.0427 5792 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:28:01.0427 5792 vhdmp - ok
19:28:01.0489 5792 [ BA1DA5CD689E9473D99731A2E1FF2FB5 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
19:28:01.0505 5792 VIAHdAudAddService - ok
19:28:01.0520 5792 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:28:01.0520 5792 viaide - ok
19:28:01.0536 5792 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:28:01.0536 5792 volmgr - ok
19:28:01.0567 5792 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:28:01.0567 5792 volmgrx - ok
19:28:01.0567 5792 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:28:01.0567 5792 volsnap - ok
19:28:01.0598 5792 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:28:01.0598 5792 vsmraid - ok
19:28:01.0645 5792 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:28:01.0661 5792 VSS - ok
19:28:01.0661 5792 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:28:01.0661 5792 vwifibus - ok
19:28:01.0676 5792 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:28:01.0692 5792 W32Time - ok
19:28:01.0692 5792 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:28:01.0708 5792 WacomPen - ok
19:28:01.0739 5792 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:28:01.0739 5792 WANARP - ok
19:28:01.0739 5792 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:28:01.0739 5792 Wanarpv6 - ok
19:28:01.0770 5792 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:28:01.0786 5792 WatAdminSvc - ok
19:28:01.0801 5792 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:28:01.0817 5792 wbengine - ok
19:28:01.0848 5792 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:28:01.0848 5792 WbioSrvc - ok
19:28:01.0879 5792 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:28:01.0879 5792 wcncsvc - ok
19:28:01.0895 5792 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:28:01.0910 5792 WcsPlugInService - ok
19:28:01.0910 5792 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:28:01.0910 5792 Wd - ok
19:28:01.0957 5792 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:28:01.0973 5792 Wdf01000 - ok
19:28:01.0988 5792 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:28:01.0988 5792 WdiServiceHost - ok
19:28:02.0004 5792 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:28:02.0020 5792 WdiSystemHost - ok
19:28:02.0051 5792 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:28:02.0051 5792 WebClient - ok
19:28:02.0066 5792 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:28:02.0082 5792 Wecsvc - ok
19:28:02.0082 5792 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:28:02.0098 5792 wercplsupport - ok
19:28:02.0113 5792 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:28:02.0113 5792 WerSvc - ok
19:28:02.0144 5792 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:28:02.0144 5792 WfpLwf - ok
19:28:02.0176 5792 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:28:02.0191 5792 WIMMount - ok
19:28:02.0222 5792 WinDefend - ok
19:28:02.0222 5792 WinHttpAutoProxySvc - ok
19:28:02.0378 5792 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:28:02.0378 5792 Winmgmt - ok
19:28:02.0425 5792 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:28:02.0456 5792 WinRM - ok
19:28:02.0488 5792 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:28:02.0488 5792 WinUsb - ok
19:28:02.0519 5792 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:28:02.0519 5792 Wlansvc - ok
19:28:02.0628 5792 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:28:02.0644 5792 wlidsvc - ok
19:28:02.0675 5792 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:28:02.0675 5792 WmiAcpi - ok
19:28:02.0706 5792 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:28:02.0706 5792 wmiApSrv - ok
19:28:02.0737 5792 WMPNetworkSvc - ok
19:28:02.0753 5792 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:28:02.0753 5792 WPCSvc - ok
19:28:02.0784 5792 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:28:02.0800 5792 WPDBusEnum - ok
19:28:02.0831 5792 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:28:02.0831 5792 ws2ifsl - ok
19:28:02.0846 5792 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
19:28:02.0862 5792 wscsvc - ok
19:28:02.0862 5792 WSearch - ok
19:28:02.0924 5792 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:28:02.0971 5792 wuauserv - ok
19:28:03.0002 5792 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:28:03.0002 5792 WudfPf - ok
19:28:03.0018 5792 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:28:03.0018 5792 WUDFRd - ok
19:28:03.0034 5792 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:28:03.0049 5792 wudfsvc - ok
19:28:03.0065 5792 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:28:03.0065 5792 WwanSvc - ok
19:28:05.0857 5792 X6va005 - ok
19:28:08.0462 5792 X6va006 - ok
19:28:10.0724 5792 X6va008 - ok
19:28:11.0052 5792 xsherlock - ok
19:28:11.0146 5792 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
19:28:11.0146 5792 YahooAUService - ok
19:28:11.0161 5792 ================ Scan global ===============================
19:28:11.0192 5792 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:28:11.0239 5792 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:28:11.0255 5792 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:28:11.0286 5792 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:28:11.0317 5792 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:28:11.0317 5792 [Global] - ok
19:28:11.0317 5792 ================ Scan MBR ==================================
19:28:11.0333 5792 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:28:12.0768 5792 \Device\Harddisk0\DR0 - ok
19:28:12.0768 5792 ================ Scan VBR ==================================
19:28:12.0784 5792 [ B49C132B29793A006F2A457354A0944C ] \Device\Harddisk0\DR0\Partition1
19:28:12.0784 5792 \Device\Harddisk0\DR0\Partition1 - ok
19:28:12.0784 5792 [ 8D1AB618FDC82D1A03AB5389E4ACED9A ] \Device\Harddisk0\DR0\Partition2
19:28:12.0799 5792 \Device\Harddisk0\DR0\Partition2 - ok
19:28:12.0799 5792 ============================================================
19:28:12.0799 5792 Scan finished
19:28:12.0799 5792 ============================================================
19:28:12.0799 5760 Detected object count: 0
19:28:12.0799 5760 Actual detected object count: 0
19:28:55.0418 3740 ============================================================
19:28:55.0418 3740 Scan started
19:28:55.0418 3740 Mode: Manual;
19:28:55.0418 3740 ============================================================
19:28:56.0932 3740 ================ Scan system memory ========================
19:28:56.0932 3740 System memory - ok
19:28:56.0932 3740 ================ Scan services =============================
19:28:56.0994 3740 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
19:28:56.0994 3740 !SASCORE - ok
19:28:57.0119 3740 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:28:57.0119 3740 1394ohci - ok
19:28:57.0150 3740 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:28:57.0150 3740 ACPI - ok
19:28:57.0166 3740 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:28:57.0166 3740 AcpiPmi - ok
19:28:57.0259 3740 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:28:57.0259 3740 AdobeARMservice - ok
19:28:57.0384 3740 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:28:57.0384 3740 AdobeFlashPlayerUpdateSvc - ok
19:28:57.0415 3740 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:28:57.0415 3740 adp94xx - ok
19:28:57.0431 3740 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:28:57.0446 3740 adpahci - ok
19:28:57.0462 3740 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:28:57.0462 3740 adpu320 - ok
19:28:57.0493 3740 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:28:57.0493 3740 AeLookupSvc - ok
19:28:57.0524 3740 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:28:57.0524 3740 AFD - ok
19:28:57.0556 3740 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:28:57.0556 3740 agp440 - ok
19:28:57.0571 3740 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:28:57.0571 3740 ALG - ok
19:28:57.0587 3740 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:28:57.0587 3740 aliide - ok
19:28:57.0602 3740 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:28:57.0602 3740 amdide - ok
19:28:57.0634 3740 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:28:57.0634 3740 AmdK8 - ok
19:28:57.0649 3740 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:28:57.0649 3740 AmdPPM - ok
19:28:57.0665 3740 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:28:57.0665 3740 amdsata - ok
19:28:57.0680 3740 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:28:57.0680 3740 amdsbs - ok
19:28:57.0696 3740 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:28:57.0696 3740 amdxata - ok
19:28:57.0727 3740 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:28:57.0727 3740 AppID - ok
19:28:57.0743 3740 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:28:57.0743 3740 AppIDSvc - ok
19:28:57.0774 3740 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:28:57.0774 3740 Appinfo - ok
19:28:57.0821 3740 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:28:57.0821 3740 Apple Mobile Device - ok
19:28:57.0836 3740 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
19:28:57.0836 3740 arc - ok
19:28:57.0852 3740 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:28:57.0852 3740 arcsas - ok
19:28:57.0899 3740 [ A82C01606DC27D05D9D3BFB6BB807E32 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
19:28:57.0899 3740 AsIO - ok
19:28:57.0946 3740 aspnet_state - ok
19:28:57.0992 3740 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
19:28:57.0992 3740 aswFsBlk - ok
19:28:58.0055 3740 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
19:28:58.0055 3740 aswMonFlt - ok
19:28:58.0086 3740 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
19:28:58.0086 3740 aswRdr - ok
19:28:58.0117 3740 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
19:28:58.0133 3740 aswSnx - ok
19:28:58.0148 3740 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
19:28:58.0148 3740 aswSP - ok
19:28:58.0180 3740 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
19:28:58.0180 3740 aswTdi - ok
19:28:58.0195 3740 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:28:58.0195 3740 AsyncMac - ok
19:28:58.0226 3740 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:28:58.0226 3740 atapi - ok
19:28:58.0258 3740 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:28:58.0273 3740 AudioEndpointBuilder - ok
19:28:58.0289 3740 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:28:58.0289 3740 AudioSrv - ok
19:28:58.0367 3740 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:28:58.0367 3740 avast! Antivirus - ok
19:28:58.0507 3740 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
19:28:58.0523 3740 AVGIDSAgent - ok
19:28:58.0538 3740 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
19:28:58.0538 3740 avgwd - ok
19:28:58.0570 3740 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:28:58.0570 3740 AxInstSV - ok
19:28:58.0601 3740 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:28:58.0601 3740 b06bdrv - ok
19:28:58.0632 3740 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:28:58.0632 3740 b57nd60a - ok
19:28:58.0679 3740 [ 825F81A6F7DD073509DB101F0BA6DC59 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
19:28:58.0679 3740 BBSvc - ok
19:28:58.0726 3740 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:28:58.0726 3740 BDESVC - ok
19:28:58.0741 3740 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:28:58.0741 3740 Beep - ok
19:28:58.0772 3740 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:28:58.0772 3740 BFE - ok
19:28:58.0804 3740 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
19:28:58.0804 3740 BITS - ok
19:28:58.0819 3740 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:28:58.0819 3740 blbdrive - ok
19:28:58.0866 3740 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:28:58.0866 3740 Bonjour Service - ok
19:28:58.0897 3740 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:28:58.0897 3740 bowser - ok
19:28:58.0897 3740 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:28:58.0897 3740 BrFiltLo - ok
19:28:58.0913 3740 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:28:58.0913 3740 BrFiltUp - ok
19:28:58.0928 3740 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
19:28:58.0928 3740 BridgeMP - ok
19:28:58.0975 3740 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:28:58.0975 3740 Browser - ok
19:28:58.0991 3740 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:28:58.0991 3740 Brserid - ok
19:28:59.0022 3740 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:28:59.0022 3740 BrSerWdm - ok
19:28:59.0038 3740 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:28:59.0038 3740 BrUsbMdm - ok
19:28:59.0038 3740 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:28:59.0038 3740 BrUsbSer - ok
19:28:59.0053 3740 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:28:59.0053 3740 BTHMODEM - ok
19:28:59.0084 3740 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:28:59.0084 3740 bthserv - ok
19:28:59.0084 3740 catchme - ok
19:28:59.0100 3740 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:28:59.0100 3740 cdfs - ok
19:28:59.0131 3740 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
19:28:59.0147 3740 cdrom - ok
19:28:59.0162 3740 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:28:59.0162 3740 CertPropSvc - ok
19:28:59.0178 3740 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:28:59.0178 3740 circlass - ok
19:28:59.0209 3740 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:28:59.0209 3740 CLFS - ok
19:28:59.0225 3740 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:28:59.0225 3740 clr_optimization_v2.0.50727_32 - ok
19:28:59.0272 3740 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:28:59.0272 3740 clr_optimization_v2.0.50727_64 - ok
19:28:59.0318 3740 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:28:59.0318 3740 clr_optimization_v4.0.30319_32 - ok
19:28:59.0334 3740 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:28:59.0334 3740 clr_optimization_v4.0.30319_64 - ok
19:28:59.0350 3740 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:28:59.0350 3740 CmBatt - ok
19:28:59.0381 3740 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:28:59.0381 3740 cmdide - ok
19:28:59.0412 3740 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:28:59.0428 3740 CNG - ok
19:28:59.0443 3740 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:28:59.0443 3740 Compbatt - ok
19:28:59.0459 3740 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:28:59.0459 3740 CompositeBus - ok
19:28:59.0459 3740 COMSysApp - ok
19:28:59.0506 3740 [ 1AA08AC25FF955DDB5F713E3411D5FFD ] CrashPlanService C:\Program Files (x86)\CrashPlan\CrashPlanService.exe
19:28:59.0506 3740 CrashPlanService - ok
19:28:59.0521 3740 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:28:59.0521 3740 crcdisk - ok
19:28:59.0568 3740 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:28:59.0568 3740 CryptSvc - ok
19:28:59.0630 3740 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
19:28:59.0630 3740 cvhsvc - ok
19:28:59.0677 3740 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:28:59.0677 3740 DcomLaunch - ok
19:28:59.0708 3740 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:28:59.0708 3740 defragsvc - ok
19:28:59.0740 3740 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:28:59.0755 3740 DfsC - ok
19:28:59.0771 3740 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:28:59.0771 3740 Dhcp - ok
19:28:59.0802 3740 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:28:59.0802 3740 discache - ok
19:28:59.0802 3740 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:28:59.0802 3740 Disk - ok
19:28:59.0833 3740 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:28:59.0849 3740 Dnscache - ok
19:28:59.0864 3740 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:28:59.0880 3740 dot3svc - ok
19:28:59.0911 3740 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:28:59.0911 3740 DPS - ok
19:28:59.0927 3740 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:28:59.0927 3740 drmkaud - ok
19:28:59.0974 3740 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:28:59.0974 3740 DXGKrnl - ok
19:29:00.0005 3740 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:29:00.0005 3740 EapHost - ok
19:29:00.0067 3740 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:29:00.0098 3740 ebdrv - ok
19:29:00.0114 3740 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:29:00.0114 3740 EFS - ok
19:29:00.0208 3740 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:29:00.0208 3740 ehRecvr - ok
19:29:00.0239 3740 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:29:00.0239 3740 ehSched - ok
19:29:00.0254 3740 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:29:00.0254 3740 elxstor - ok
19:29:00.0286 3740 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:29:00.0286 3740 ErrDev - ok
19:29:00.0348 3740 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:29:00.0348 3740 EventSystem - ok
19:29:00.0364 3740 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:29:00.0364 3740 exfat - ok
19:29:00.0379 3740 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:29:00.0379 3740 fastfat - ok
19:29:00.0410 3740 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:29:00.0410 3740 Fax - ok
19:29:00.0426 3740 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:29:00.0426 3740 fdc - ok
19:29:00.0442 3740 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:29:00.0442 3740 fdPHost - ok
19:29:00.0457 3740 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:29:00.0457 3740 FDResPub - ok
19:29:00.0457 3740 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:29:00.0457 3740 FileInfo - ok
19:29:00.0457 3740 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:29:00.0457 3740 Filetrace - ok
19:29:00.0473 3740 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:29:00.0473 3740 flpydisk - ok
19:29:00.0488 3740 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:29:00.0488 3740 FltMgr - ok
19:29:00.0535 3740 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:29:00.0551 3740 FontCache - ok
19:29:00.0598 3740 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:29:00.0598 3740 FontCache3.0.0.0 - ok
19:29:00.0613 3740 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:29:00.0613 3740 FsDepends - ok
19:29:00.0644 3740 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:29:00.0644 3740 Fs_Rec - ok
19:29:00.0676 3740 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:29:00.0676 3740 fvevol - ok
19:29:00.0707 3740 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:29:00.0707 3740 gagp30kx - ok
19:29:00.0722 3740 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:29:00.0722 3740 GEARAspiWDM - ok
19:29:00.0769 3740 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:29:00.0769 3740 gpsvc - ok
19:29:00.0785 3740 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:29:00.0800 3740 hcw85cir - ok
19:29:00.0832 3740 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:29:00.0832 3740 HdAudAddService - ok
19:29:00.0863 3740 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:29:00.0863 3740 HDAudBus - ok
19:29:00.0878 3740 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:29:00.0878 3740 HidBatt - ok
19:29:00.0894 3740 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:29:00.0894 3740 HidBth - ok
19:29:00.0925 3740 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:29:00.0925 3740 HidIr - ok
19:29:00.0941 3740 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
19:29:00.0941 3740 hidserv - ok
19:29:00.0956 3740 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:29:00.0956 3740 HidUsb - ok
19:29:00.0988 3740 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:29:00.0988 3740 hkmsvc - ok
19:29:01.0019 3740 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:29:01.0019 3740 HomeGroupListener - ok
19:29:01.0050 3740 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:29:01.0050 3740 HomeGroupProvider - ok
19:29:01.0081 3740 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:29:01.0081 3740 HpSAMD - ok
19:29:01.0112 3740 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:29:01.0128 3740 HTTP - ok
19:29:01.0144 3740 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:29:01.0144 3740 hwpolicy - ok
19:29:01.0175 3740 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:29:01.0175 3740 i8042prt - ok
19:29:01.0190 3740 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:29:01.0206 3740 iaStorV - ok
19:29:01.0237 3740 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:29:01.0253 3740 idsvc - ok
19:29:01.0268 3740 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:29:01.0268 3740 iirsp - ok
19:29:01.0300 3740 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:29:01.0315 3740 IKEEXT - ok
19:29:01.0315 3740 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:29:01.0331 3740 intelide - ok
19:29:01.0346 3740 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:29:01.0346 3740 intelppm - ok
19:29:01.0362 3740 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:29:01.0378 3740 IPBusEnum - ok
19:29:01.0393 3740 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:29:01.0393 3740 IpFilterDriver - ok
19:29:01.0440 3740 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:29:01.0440 3740 iphlpsvc - ok
19:29:01.0471 3740 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:29:01.0471 3740 IPMIDRV - ok
19:29:01.0502 3740 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:29:01.0502 3740 IPNAT - ok
19:29:01.0565 3740 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:29:01.0565 3740 iPod Service - ok
19:29:01.0580 3740 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:29:01.0580 3740 IRENUM - ok
19:29:01.0596 3740 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:29:01.0596 3740 isapnp - ok
19:29:01.0627 3740 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:29:01.0627 3740 iScsiPrt - ok
19:29:01.0643 3740 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:29:01.0643 3740 kbdclass - ok
19:29:01.0643 3740 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:29:01.0643 3740 kbdhid - ok
19:29:01.0658 3740 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:29:01.0658 3740 KeyIso - ok
19:29:01.0736 3740 [ 775C6D5D60146D7DB08A01CB596D7EC6 ] Kodak AiO Network Discovery Service C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
19:29:01.0752 3740 Kodak AiO Network Discovery Service - ok
19:29:01.0799 3740 [ 17AFF68AB32F8671BC46612D35351099 ] Kodak AiO Status Monitor Service C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
19:29:01.0814 3740 Kodak AiO Status Monitor Service - ok
19:29:01.0846 3740 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:29:01.0846 3740 KSecDD - ok
19:29:01.0861 3740 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:29:01.0877 3740 KSecPkg - ok
19:29:01.0877 3740 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:29:01.0877 3740 ksthunk - ok
19:29:01.0908 3740 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:29:01.0924 3740 KtmRm - ok
19:29:01.0939 3740 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
19:29:01.0955 3740 LanmanServer - ok
19:29:01.0986 3740 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:29:02.0002 3740 LanmanWorkstation - ok
19:29:02.0064 3740 [ 06DC2FDC6282F0D68910417B1150C848 ] LinksysUpdater C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe
19:29:02.0064 3740 LinksysUpdater - ok
19:29:02.0080 3740 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:29:02.0080 3740 lltdio - ok
19:29:02.0095 3740 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:29:02.0095 3740 lltdsvc - ok
19:29:02.0111 3740 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:29:02.0111 3740 lmhosts - ok
19:29:02.0126 3740 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:29:02.0126 3740 LSI_FC - ok
19:29:02.0142 3740 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:29:02.0142 3740 LSI_SAS - ok
19:29:02.0158 3740 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:29:02.0173 3740 LSI_SAS2 - ok
19:29:02.0173 3740 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:29:02.0189 3740 LSI_SCSI - ok
19:29:02.0204 3740 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:29:02.0204 3740 luafv - ok
19:29:02.0220 3740 MBAMProtector - ok
19:29:02.0251 3740 MBAMScheduler - ok
19:29:02.0251 3740 MBAMService - ok
19:29:02.0298 3740 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:29:02.0298 3740 Mcx2Svc - ok
19:29:02.0314 3740 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:29:02.0314 3740 megasas - ok
19:29:02.0329 3740 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:29:02.0329 3740 MegaSR - ok
19:29:02.0345 3740 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:29:02.0360 3740 MMCSS - ok
19:29:02.0360 3740 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:29:02.0360 3740 Modem - ok
19:29:02.0392 3740 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:29:02.0392 3740 monitor - ok
19:29:02.0423 3740 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:29:02.0423 3740 mouclass - ok
19:29:02.0438 3740 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:29:02.0438 3740 mouhid - ok
19:29:02.0470 3740 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:29:02.0470 3740 mountmgr - ok
19:29:02.0485 3740 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:29:02.0485 3740 mpio - ok
19:29:02.0501 3740 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:29:02.0501 3740 mpsdrv - ok
19:29:02.0532 3740 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:29:02.0548 3740 MpsSvc - ok
19:29:02.0579 3740 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:29:02.0579 3740 MRxDAV - ok
19:29:02.0610 3740 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:29:02.0610 3740 mrxsmb - ok
19:29:02.0641 3740 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:29:02.0657 3740 mrxsmb10 - ok
19:29:02.0672 3740 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:29:02.0672 3740 mrxsmb20 - ok
19:29:02.0688 3740 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:29:02.0688 3740 msahci - ok
19:29:02.0704 3740 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:29:02.0704 3740 msdsm - ok
19:29:02.0719 3740 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:29:02.0719 3740 MSDTC - ok
19:29:02.0735 3740 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:29:02.0735 3740 Msfs - ok
19:29:02.0735 3740 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:29:02.0735 3740 mshidkmdf - ok
19:29:02.0766 3740 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:29:02.0766 3740 msisadrv - ok
19:29:02.0782 3740 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:29:02.0782 3740 MSiSCSI - ok
19:29:02.0782 3740 msiserver - ok
19:29:02.0797 3740 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:29:02.0797 3740 MSKSSRV - ok
19:29:02.0813 3740 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:29:02.0813 3740 MSPCLOCK - ok
19:29:02.0828 3740 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:29:02.0828 3740 MSPQM - ok
19:29:02.0860 3740 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:29:02.0860 3740 MsRPC - ok
19:29:02.0875 3740 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:29:02.0875 3740 mssmbios - ok
19:29:02.0891 3740 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:29:02.0891 3740 MSTEE - ok
19:29:02.0891 3740 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:29:02.0891 3740 MTConfig - ok
19:29:02.0922 3740 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
19:29:02.0922 3740 MTsensor - ok
19:29:02.0938 3740 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:29:02.0938 3740 Mup - ok
19:29:02.0969 3740 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:29:02.0984 3740 napagent - ok
19:29:03.0000 3740 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:29:03.0000 3740 NativeWifiP - ok
19:29:03.0047 3740 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:29:03.0047 3740 NDIS - ok
19:29:03.0062 3740 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:29:03.0062 3740 NdisCap - ok
19:29:03.0078 3740 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:29:03.0078 3740 NdisTapi - ok
19:29:03.0109 3740 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:29:03.0109 3740 Ndisuio - ok
19:29:03.0125 3740 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:29:03.0125 3740 NdisWan - ok
19:29:03.0156 3740 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:29:03.0156 3740 NDProxy - ok
19:29:03.0172 3740 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:29:03.0172 3740 NetBIOS - ok
19:29:03.0187 3740 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:29:03.0187 3740 NetBT - ok
19:29:03.0203 3740 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:29:03.0203 3740 Netlogon - ok
19:29:03.0218 3740 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:29:03.0234 3740 Netman - ok
19:29:03.0250 3740 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:29:03.0250 3740 netprofm - ok
19:29:03.0281 3740 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:29:03.0281 3740 NetTcpPortSharing - ok
19:29:03.0296 3740 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:29:03.0296 3740 nfrd960 - ok
19:29:03.0328 3740 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:29:03.0328 3740 NlaSvc - ok
19:29:03.0374 3740 [ CD2FE9C33CFD0FE0AF124E05907E5C3D ] nmservice C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
19:29:03.0374 3740 nmservice - ok
19:29:03.0374 3740 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:29:03.0374 3740 Npfs - ok
19:29:03.0406 3740 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:29:03.0406 3740 nsi - ok
19:29:03.0421 3740 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:29:03.0421 3740 nsiproxy - ok
19:29:03.0484 3740 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:29:03.0499 3740 Ntfs - ok
19:29:03.0515 3740 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:29:03.0515 3740 Null - ok
19:29:03.0530 3740 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
19:29:03.0530 3740 NVENETFD - ok
19:29:03.0562 3740 [ 102806B360D0E6BC6E55BF47EF655D43 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
19:29:03.0562 3740 NVHDA - ok
19:29:03.0764 3740 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:29:03.0811 3740 nvlddmkm - ok
19:29:03.0827 3740 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:29:03.0842 3740 nvraid - ok
19:29:03.0858 3740 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:29:03.0858 3740 nvstor - ok
19:29:03.0905 3740 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] NVSvc C:\Windows\system32\nvvsvc.exe
19:29:03.0920 3740 NVSvc - ok
19:29:03.0983 3740 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:29:03.0983 3740 nvUpdatusService - ok
19:29:03.0998 3740 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:29:04.0014 3740 nv_agp - ok
19:29:04.0030 3740 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:29:04.0030 3740 ohci1394 - ok
19:29:04.0076 3740 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:29:04.0076 3740 ose - ok
19:29:04.0154 3740 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:29:04.0186 3740 osppsvc - ok
19:29:04.0201 3740 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:29:04.0201 3740 p2pimsvc - ok
19:29:04.0217 3740 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:29:04.0217 3740 p2psvc - ok
19:29:04.0232 3740 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:29:04.0232 3740 Parport - ok
19:29:04.0264 3740 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:29:04.0264 3740 partmgr - ok
19:29:04.0264 3740 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:29:04.0264 3740 PcaSvc - ok
19:29:04.0279 3740 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:29:04.0279 3740 pci - ok
19:29:04.0310 3740 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:29:04.0310 3740 pciide - ok
19:29:04.0326 3740 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:29:04.0326 3740 pcmcia - ok
19:29:04.0342 3740 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:29:04.0342 3740 pcw - ok
19:29:04.0357 3740 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:29:04.0357 3740 PEAUTH - ok
19:29:04.0451 3740 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:29:04.0451 3740 PerfHost - ok
19:29:04.0513 3740 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:29:04.0529 3740 pla - ok
19:29:04.0560 3740 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:29:04.0560 3740 PlugPlay - ok
19:29:04.0607 3740 [ 4FF73A83A25D0EEAD4F5E6C841BB6704 ] pnarp C:\Windows\system32\DRIVERS\pnarp.sys
19:29:04.0607 3740 pnarp - ok
19:29:04.0622 3740 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:29:04.0638 3740 PNRPAutoReg - ok
19:29:04.0638 3740 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:29:04.0654 3740 PNRPsvc - ok
19:29:04.0669 3740 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:29:04.0685 3740 PolicyAgent - ok
19:29:04.0700 3740 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:29:04.0716 3740 Power - ok
19:29:04.0732 3740 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:29:04.0747 3740 PptpMiniport - ok
19:29:04.0763 3740 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:29:04.0763 3740 Processor - ok
19:29:04.0794 3740 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:29:04.0794 3740 ProfSvc - ok
19:29:04.0810 3740 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:29:04.0810 3740 ProtectedStorage - ok
19:29:04.0841 3740 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:29:04.0841 3740 Psched - ok
19:29:04.0888 3740 [ 9A68A89F10F283A23AFEE2A1BFE4BFFB ] purendis C:\Windows\system32\DRIVERS\purendis.sys
19:29:04.0888 3740 purendis - ok
19:29:04.0919 3740 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:29:04.0934 3740 ql2300 - ok
19:29:04.0966 3740 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:29:04.0966 3740 ql40xx - ok
19:29:04.0981 3740 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:29:04.0997 3740 QWAVE - ok
19:29:04.0997 3740 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:29:04.0997 3740 QWAVEdrv - ok
19:29:05.0012 3740 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:29:05.0012 3740 RasAcd - ok
19:29:05.0028 3740 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:29:05.0028 3740 RasAgileVpn - ok
19:29:05.0044 3740 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:29:05.0044 3740 RasAuto - ok
19:29:05.0075 3740 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:29:05.0075 3740 Rasl2tp - ok
19:29:05.0090 3740 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:29:05.0106 3740 RasMan - ok
19:29:05.0106 3740 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:29:05.0106 3740 RasPppoe - ok
19:29:05.0122 3740 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:29:05.0122 3740 RasSstp - ok
19:29:05.0153 3740 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:29:05.0168 3740 rdbss - ok
19:29:05.0168 3740 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:29:05.0168 3740 rdpbus - ok
19:29:05.0168 3740 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:29:05.0184 3740 RDPCDD - ok
19:29:05.0184 3740 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:29:05.0184 3740 RDPENCDD - ok
19:29:05.0200 3740 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:29:05.0200 3740 RDPREFMP - ok
19:29:05.0231 3740 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:29:05.0231 3740 RDPWD - ok
19:29:05.0246 3740 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:29:05.0246 3740 rdyboost - ok
19:29:05.0278 3740 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:29:05.0278 3740 RemoteAccess - ok
19:29:05.0309 3740 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:29:05.0309 3740 RemoteRegistry - ok
19:29:05.0340 3740 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:29:05.0340 3740 RpcEptMapper - ok
19:29:05.0356 3740 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:29:05.0356 3740 RpcLocator - ok
19:29:05.0387 3740 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:29:05.0387 3740 RpcSs - ok
19:29:05.0418 3740 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:29:05.0418 3740 rspndr - ok
19:29:05.0449 3740 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:29:05.0465 3740 RTL8167 - ok
19:29:05.0465 3740 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:29:05.0465 3740 SamSs - ok
19:29:05.0527 3740 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
19:29:05.0527 3740 SASDIFSV - ok
19:29:05.0543 3740 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
19:29:05.0543 3740 SASKUTIL - ok
19:29:05.0574 3740 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:29:05.0574 3740 sbp2port - ok
19:29:05.0605 3740 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:29:05.0605 3740 SCardSvr - ok
19:29:05.0636 3740 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:29:05.0636 3740 scfilter - ok
19:29:05.0668 3740 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:29:05.0683 3740 Schedule - ok
19:29:05.0699 3740 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:29:05.0699 3740 SCPolicySvc - ok
19:29:05.0714 3740 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:29:05.0714 3740 SDRSVC - ok
19:29:05.0746 3740 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
19:29:05.0746 3740 SeaPort - ok
19:29:05.0777 3740 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:29:05.0777 3740 secdrv - ok
19:29:05.0808 3740 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:29:05.0808 3740 seclogon - ok
19:29:05.0824 3740 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
19:29:05.0824 3740 SENS - ok
19:29:05.0839 3740 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:29:05.0839 3740 SensrSvc - ok
19:29:05.0855 3740 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:29:05.0855 3740 Serenum - ok
19:29:05.0870 3740 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:29:05.0870 3740 Serial - ok
19:29:05.0886 3740 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:29:05.0886 3740 sermouse - ok
19:29:05.0917 3740 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:29:05.0917 3740 SessionEnv - ok
19:29:05.0948 3740 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:29:05.0948 3740 sffdisk - ok
19:29:05.0948 3740 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:29:05.0964 3740 sffp_mmc - ok
19:29:05.0964 3740 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:29:05.0964 3740 sffp_sd - ok
19:29:05.0980 3740 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:29:05.0980 3740 sfloppy - ok
19:29:06.0011 3740 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
19:29:06.0026 3740 Sftfs - ok
19:29:06.0058 3740 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
19:29:06.0058 3740 sftlist - ok
19:29:06.0073 3740 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
19:29:06.0073 3740 Sftplay - ok
19:29:06.0089 3740 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
19:29:06.0089 3740 Sftredir - ok
19:29:06.0104 3740 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
19:29:06.0104 3740 Sftvol - ok
19:29:06.0120 3740 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
19:29:06.0120 3740 sftvsa - ok
19:29:06.0136 3740 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:29:06.0151 3740 SharedAccess - ok
19:29:06.0167 3740 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:29:06.0167 3740 ShellHWDetection - ok
19:29:06.0182 3740 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:29:06.0182 3740 SiSRaid2 - ok
19:29:06.0198 3740 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:29:06.0198 3740 SiSRaid4 - ok
19:29:06.0214 3740 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:29:06.0214 3740 Smb - ok
19:29:06.0229 3740 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:29:06.0245 3740 SNMPTRAP - ok
19:29:06.0260 3740 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:29:06.0260 3740 spldr - ok
19:29:06.0292 3740 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:29:06.0292 3740 Spooler - ok
19:29:06.0385 3740 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:29:06.0401 3740 sppsvc - ok
19:29:06.0401 3740 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:29:06.0416 3740 sppuinotify - ok
19:29:06.0432 3740 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:29:06.0448 3740 srv - ok
19:29:06.0463 3740 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:29:06.0463 3740 srv2 - ok
19:29:06.0463 3740 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:29:06.0463 3740 srvnet - ok
19:29:06.0494 3740 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:29:06.0494 3740 SSDPSRV - ok
19:29:06.0510 3740 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:29:06.0510 3740 SstpSvc - ok
19:29:06.0526 3740 Steam Client Service - ok
19:29:06.0588 3740 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:29:06.0588 3740 Stereo Service - ok
19:29:06.0619 3740 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:29:06.0619 3740 stexstor - ok
19:29:06.0635 3740 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:29:06.0650 3740 stisvc - ok
19:29:06.0682 3740 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:29:06.0682 3740 swenum - ok
19:29:06.0697 3740 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:29:06.0713 3740 swprv - ok
19:29:06.0760 3740 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:29:06.0775 3740 SysMain - ok
19:29:06.0806 3740 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:29:06.0806 3740 TabletInputService - ok
19:29:06.0822 3740 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:29:06.0822 3740 TapiSrv - ok
19:29:06.0838 3740 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:29:06.0853 3740 TBS - ok
19:29:06.0916 3740 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:29:06.0931 3740 Tcpip - ok
19:29:06.0947 3740 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:29:06.0962 3740 TCPIP6 - ok
19:29:06.0978 3740 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:29:06.0978 3740 tcpipreg - ok
19:29:06.0994 3740 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:29:06.0994 3740 TDPIPE - ok
19:29:07.0009 3740 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:29:07.0009 3740 TDTCP - ok
19:29:07.0040 3740 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:29:07.0040 3740 tdx - ok
19:29:07.0056 3740 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:29:07.0056 3740 TermDD - ok
19:29:07.0087 3740 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:29:07.0103 3740 TermService - ok
19:29:07.0118 3740 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:29:07.0118 3740 Themes - ok
19:29:07.0134 3740 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:29:07.0134 3740 THREADORDER - ok
19:29:07.0150 3740 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:29:07.0150 3740 TrkWks - ok
19:29:07.0196 3740 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:29:07.0196 3740 TrustedInstaller - ok
19:29:07.0228 3740 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:29:07.0228 3740 tssecsrv - ok
19:29:07.0274 3740 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:29:07.0274 3740 TsUsbFlt - ok
19:29:07.0290 3740 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:29:07.0306 3740 tunnel - ok
19:29:07.0321 3740 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:29:07.0321 3740 uagp35 - ok
19:29:07.0352 3740 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:29:07.0352 3740 udfs - ok
19:29:07.0399 3740 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:29:07.0399 3740 UI0Detect - ok
19:29:07.0415 3740 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:29:07.0415 3740 uliagpkx - ok
19:29:07.0446 3740 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
19:29:07.0446 3740 umbus - ok
19:29:07.0462 3740 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:29:07.0462 3740 UmPass - ok
19:29:07.0477 3740 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:29:07.0493 3740 upnphost - ok
19:29:07.0524 3740 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
19:29:07.0524 3740 USBAAPL64 - ok
19:29:07.0540 3740 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:29:07.0540 3740 usbccgp - ok
19:29:07.0555 3740 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:29:07.0555 3740 usbcir - ok
19:29:07.0571 3740 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
19:29:07.0571 3740 usbehci - ok
19:29:07.0602 3740 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:29:07.0602 3740 usbhub - ok
19:29:07.0618 3740 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:29:07.0618 3740 usbohci - ok
19:29:07.0633 3740 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:29:07.0633 3740 usbprint - ok
19:29:07.0664 3740 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:29:07.0664 3740 usbscan - ok
19:29:07.0680 3740 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:29:07.0680 3740 USBSTOR - ok
19:29:07.0680 3740 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:29:07.0696 3740 usbuhci - ok
19:29:07.0711 3740 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:29:07.0711 3740 UxSms - ok
19:29:07.0711 3740 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:29:07.0727 3740 VaultSvc - ok
19:29:07.0727 3740 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:29:07.0727 3740 vdrvroot - ok
19:29:07.0758 3740 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:29:07.0774 3740 vds - ok
19:29:07.0774 3740 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:29:07.0774 3740 vga - ok
19:29:07.0789 3740 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:29:07.0789 3740 VgaSave - ok
19:29:07.0805 3740 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:29:07.0820 3740 vhdmp - ok
19:29:07.0852 3740 [ BA1DA5CD689E9473D99731A2E1FF2FB5 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
19:29:07.0852 3740 VIAHdAudAddService - ok
19:29:07.0867 3740 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:29:07.0867 3740 viaide - ok
19:29:07.0883 3740 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:29:07.0883 3740 volmgr - ok
19:29:07.0898 3740 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:29:07.0898 3740 volmgrx - ok
19:29:07.0914 3740 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:29:07.0914 3740 volsnap - ok
19:29:07.0945 3740 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:29:07.0945 3740 vsmraid - ok
19:29:07.0992 3740 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:29:08.0008 3740 VSS - ok
19:29:08.0023 3740 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:29:08.0023 3740 vwifibus - ok
19:29:08.0054 3740 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:29:08.0070 3740 W32Time - ok
19:29:08.0070 3740 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:29:08.0086 3740 WacomPen - ok
19:29:08.0086 3740 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:29:08.0086 3740 WANARP - ok
19:29:08.0086 3740 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:29:08.0086 3740 Wanarpv6 - ok
19:29:08.0132 3740 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:29:08.0132 3740 WatAdminSvc - ok
19:29:08.0164 3740 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:29:08.0179 3740 wbengine - ok
19:29:08.0195 3740 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:29:08.0195 3740 WbioSrvc - ok
19:29:08.0226 3740 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:29:08.0226 3740 wcncsvc - ok
19:29:08.0242 3740 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:29:08.0257 3740 WcsPlugInService - ok
19:29:08.0257 3740 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:29:08.0257 3740 Wd - ok
19:29:08.0288 3740 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:29:08.0288 3740 Wdf01000 - ok
19:29:08.0304 3740 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:29:08.0304 3740 WdiServiceHost - ok
19:29:08.0304 3740 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:29:08.0320 3740 WdiSystemHost - ok
19:29:08.0335 3740 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:29:08.0351 3740 WebClient - ok
19:29:08.0351 3740 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:29:08.0366 3740 Wecsvc - ok
19:29:08.0366 3740 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:29:08.0366 3740 wercplsupport - ok
19:29:08.0382 3740 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:29:08.0382 3740 WerSvc - ok
19:29:08.0398 3740 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:29:08.0398 3740 WfpLwf - ok
19:29:08.0413 3740 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:29:08.0413 3740 WIMMount - ok
19:29:08.0429 3740 WinDefend - ok
19:29:08.0429 3740 WinHttpAutoProxySvc - ok
19:29:08.0491 3740 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:29:08.0491 3740 Winmgmt - ok
19:29:08.0554 3740 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:29:08.0554 3740 WinRM - ok
19:29:08.0600 3740 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:29:08.0600 3740 WinUsb - ok
19:29:08.0632 3740 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:29:08.0663 3740 Wlansvc - ok
19:29:08.0803 3740 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:29:08.0803 3740 wlidsvc - ok
19:29:08.0834 3740 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:29:08.0834 3740 WmiAcpi - ok
19:29:08.0850 3740 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:29:08.0850 3740 wmiApSrv - ok
19:29:08.0866 3740 WMPNetworkSvc - ok
19:29:08.0881 3740 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:29:08.0881 3740 WPCSvc - ok
19:29:08.0897 3740 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:29:08.0912 3740 WPDBusEnum - ok
19:29:08.0928 3740 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:29:08.0928 3740 ws2ifsl - ok
19:29:08.0975 3740 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
19:29:08.0990 3740 wscsvc - ok
19:29:08.0990 3740 WSearch - ok
19:29:09.0053 3740 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:29:09.0068 3740 wuauserv - ok
19:29:09.0100 3740 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:29:09.0100 3740 WudfPf - ok
19:29:09.0131 3740 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:29:09.0131 3740 WUDFRd - ok
19:29:09.0146 3740 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:29:09.0146 3740 wudfsvc - ok
19:29:09.0193 3740 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:29:09.0193 3740 WwanSvc - ok
19:29:10.0285 3740 X6va005 - ok
19:29:11.0081 3740 X6va006 - ok
19:29:12.0048 3740 X6va008 - ok
19:29:12.0157 3740 xsherlock - ok
19:29:12.0204 3740 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
19:29:12.0204 3740 YahooAUService - ok
19:29:12.0220 3740 ================ Scan global ===============================
19:29:12.0235 3740 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:29:12.0266 3740 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:29:12.0266 3740 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:29:12.0282 3740 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:29:12.0298 3740 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:29:12.0298 3740 [Global] - ok
19:29:12.0298 3740 ================ Scan MBR ==================================
19:29:12.0313 3740 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:29:12.0516 3740 \Device\Harddisk0\DR0 - ok
19:29:12.0516 3740 ================ Scan VBR ==================================
19:29:12.0516 3740 [ B49C132B29793A006F2A457354A0944C ] \Device\Harddisk0\DR0\Partition1
19:29:12.0532 3740 \Device\Harddisk0\DR0\Partition1 - ok
19:29:12.0532 3740 [ 8D1AB618FDC82D1A03AB5389E4ACED9A ] \Device\Harddisk0\DR0\Partition2
19:29:12.0532 3740 \Device\Harddisk0\DR0\Partition2 - ok
19:29:12.0532 3740 ============================================================
19:29:12.0532 3740 Scan finished
19:29:12.0532 3740 ============================================================
19:29:12.0532 1612 Detected object count: 0
19:29:12.0532 1612 Actual detected object count: 0




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users