Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

PUM.UserWLoad & Trojan.Ransom Viruses


  • Please log in to reply
6 replies to this topic

#1 Goodbye45

Goodbye45

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:10:24 AM

Posted 28 November 2012 - 11:37 AM

I was working on my computer last night and suddenly my camera activated and the dreaded FBI virus presented itself. I ran Malwarebytes and it found and deleted them, but it appears they have attached themsleves to a start up registry value in this manner:

HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\Kelley\LOCALS~1\Temp\msrafp.cmd -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom) -> Data: C:\Users\Kelley\LOCALS~1\Temp\msrafp.cmd -> No action taken.

Any help with these viruses would be much appreciated.

Thank You,

Kelley

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:09:24 AM

Posted 28 November 2012 - 12:26 PM

Welcome aboard Posted Image

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 Goodbye45

Goodbye45
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:10:24 AM

Posted 28 November 2012 - 01:05 PM

Thank you for your help!

Security Check Log:
Results of screen317's Security Check version 0.99.56
Windows Vista Service Pack 2 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
Windows Firewall Disabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.0.1400
CCleaner
JavaFX 2.1.1
Java™ 6 Update 31
Java 7 Update 7
Java™ 6 Update 5
Java version out of Date!
Adobe Flash Player 11.4.402.265
Adobe Reader 8 Adobe Reader out of Date!
Mozilla Firefox 16.0.2 Firefox out of Date!
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbam.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

Fanbar Log

Farbar Service Scanner Version: 09-11-2012
Ran by Kelley (administrator) on 28-11-2012 at 11:35:17
Running from "C:\Users\Kelley\Downloads"
Windows Vista ™ Home Premium Service Pack 2 (X64)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.
IE proxy is enabled.



Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcsvc.dll
[2009-12-04 04:46] - [2009-04-11 01:11] - 0268288 ____A (Microsoft Corporation) 3ED0321127CE70ACDAABBF77E157C2A7

C:\Windows\System32\drivers\afd.sys
[2012-02-14 15:38] - [2012-01-03 08:25] - 0404992 ____A (Microsoft Corporation) C4F6CE6087760AD70960C9EB130E7943

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-05-10 07:32] - [2012-03-30 06:45] - 1423744 ____A (Microsoft Corporation) 46D448E9117464E4D3BBF36D7E3FA48E

C:\Windows\System32\dnsrslvr.dll
[2011-04-14 07:29] - [2011-03-02 10:12] - 0117760 ____A (Microsoft Corporation) 06230F1B721494A6DF8D47FD395BB1B0

C:\Windows\System32\mpssvc.dll
[2009-12-04 04:46] - [2009-04-11 01:11] - 0603136 ____A (Microsoft Corporation) 897E3BAF68BA406A61682AE39C83900C

C:\Windows\System32\bfe.dll
[2009-12-04 04:46] - [2009-04-11 01:11] - 0458240 ____A (Microsoft Corporation) FFB96C2589FFA60473EAD78B39FBDE29

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe
[2009-12-04 04:46] - [2009-04-11 01:11] - 1433600 ____A (Microsoft Corporation) B75232DAD33BFD95BF6F0A3E6BFF51E1

C:\Windows\System32\wscsvc.dll
[2009-12-04 04:45] - [2009-04-11 01:11] - 0074752 ____A (Microsoft Corporation) 9EA3E6D0EF7A5C2B9181961052A4B01A

C:\Windows\System32\wbem\WMIsvc.dll
[2009-12-04 04:46] - [2009-04-11 01:11] - 0221696 ____A (Microsoft Corporation) D2E7296ED1BD26D8DB2799770C077A02

C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll
[2009-12-04 04:46] - [2009-04-11 01:11] - 1081856 ____A (Microsoft Corporation) 6D316F4859634071CC25C4FD4589AD2C

C:\Windows\System32\es.dll
[2009-12-04 04:46] - [2009-04-11 01:11] - 0361984 ____A (Microsoft Corporation) E12F22B73F153DECE721CD45EC05B4AF

C:\Windows\System32\cryptsvc.dll
[2012-10-10 07:41] - [2012-06-01 18:20] - 0174592 ____A (Microsoft Corporation) CA78B312C44E4D52E842C2C8BD48E452

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2009-12-04 04:46] - [2009-04-11 01:11] - 0719872 ____A (Microsoft Corporation) CF8B9A3A5E7DC57724A89D0C3E8CF9EF



**** End of log ****

Minitoolbox Log

MiniToolBox by Farbar Version: 25-11-2012
Ran by Kelley (administrator) on 28-11-2012 at 11:37:59
Running from "C:\Users\Kelley\Downloads"
Windows Vista ™ Home Premium Service Pack 2 (X64)
Boot Mode: Network
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

Hosts file not detected in the default directory
========================= IP Configuration: ================================

Dell Wireless 1397 WLAN Mini-Card = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Kelley-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
Physical Address. . . . . . . . . : 00-16-44-E7-8C-93
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::75a9:8cfc:90c:3624%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.102(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, November 28, 2012 11:33:38 AM
Lease Expires . . . . . . . . . . : Thursday, November 29, 2012 11:33:38 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 201332292
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-1F-7B-3D-00-21-70-7B-C1-03
DNS Servers . . . . . . . . . . . : 68.105.28.11
68.105.29.11
68.105.28.12
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : ok.cox.net
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 00-21-70-7B-C1-03
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.ok.cox.net
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{A9A5C391-D30E-4668-AD9E-F586EEF05F83}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{44FDC1CD-6C44-43DB-A994-7A3C6D758C0B}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 68.105.28.11

Name: google.com
Addresses: 2607:f8b0:4007:801::100e
74.125.224.167
74.125.224.168
74.125.224.169
74.125.224.174
74.125.224.160
74.125.224.161
74.125.224.162
74.125.224.163
74.125.224.164
74.125.224.165
74.125.224.166



Pinging google.com [74.125.224.196] with 32 bytes of data:

Reply from 74.125.224.196: bytes=32 time=50ms TTL=52

Reply from 74.125.224.196: bytes=32 time=56ms TTL=52



Ping statistics for 74.125.224.196:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 50ms, Maximum = 56ms, Average = 53ms

Server: cdns1.cox.net
Address: 68.105.28.11

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=428ms TTL=52

Reply from 98.139.183.24: bytes=32 time=444ms TTL=52



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 428ms, Maximum = 444ms, Average = 436ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
12 ...00 16 44 e7 8c 93 ...... Dell Wireless 1397 WLAN Mini-Card
11 ...00 21 70 7b c1 03 ...... Broadcom NetLink ™ Gigabit Ethernet
1 ........................... Software Loopback Interface 1
18 ...00 00 00 00 00 00 00 e0 isatap.ok.cox.net
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
15 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
20 ...00 00 00 00 00 00 00 e0 isatap.{A9A5C391-D30E-4668-AD9E-F586EEF05F83}
17 ...00 00 00 00 00 00 00 e0 isatap.{44FDC1CD-6C44-43DB-A994-7A3C6D758C0B}
19 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.102 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.102 281
192.168.1.102 255.255.255.255 On-link 192.168.1.102 281
192.168.1.255 255.255.255.255 On-link 192.168.1.102 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.102 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.102 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 281 fe80::/64 On-link
12 281 fe80::75a9:8cfc:90c:3624/128
On-link
1 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [34304] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [44032] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog9 11 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/28/2012 11:34:37 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/28/2012 11:33:48 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (11/28/2012 11:28:44 AM) (Source: Application Error) (User: )
Description: Faulting application aswMBR.exe, version 0.9.9.1707, time stamp 0x509be8bf, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e39f, exception code 0xc0000005, fault offset 0x0002ab6e,
process id 0xadc, application start time 0xaswMBR.exe0.

Error: (11/28/2012 10:18:39 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/28/2012 10:17:50 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (11/28/2012 10:13:26 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/28/2012 10:12:34 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (11/28/2012 09:52:35 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/28/2012 09:51:38 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (11/28/2012 09:43:19 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2011-11-04 12:46:36.500
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\Backup\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_0f3cadd61ec3b22c_tcpip.sys_3339bd51 because the set of per-page image hashes could not be found on the system.

Date: 2011-11-04 12:46:36.344
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\Backup\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_0f3cadd61ec3b22c_tcpip.sys_3339bd51 because the set of per-page image hashes could not be found on the system.

Date: 2011-11-04 12:46:36.188
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\Backup\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_0f3cadd61ec3b22c_tcpip.sys_3339bd51 because the set of per-page image hashes could not be found on the system.

Date: 2011-11-04 12:46:36.032
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\Backup\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_0f3cadd61ec3b22c_tcpip.sys_3339bd51 because the set of per-page image hashes could not be found on the system.

Date: 2011-11-04 12:46:35.861
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\Backup\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_0f3cadd61ec3b22c_tcpip.sys_3339bd51 because the set of per-page image hashes could not be found on the system.

Date: 2011-11-04 12:46:35.658
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\Backup\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_0f3cadd61ec3b22c_tcpip.sys_3339bd51 because the set of per-page image hashes could not be found on the system.

Date: 2011-11-04 12:46:18.966
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_0f3cadd61ec3b22c\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-11-04 12:46:18.810
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_0f3cadd61ec3b22c\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-11-04 12:46:18.654
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_0f3cadd61ec3b22c\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-11-04 12:46:18.498
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_0f3cadd61ec3b22c\tcpip.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Apple Mobile Device Support (Version: 6.0.0.59)
Bonjour (Version: 3.0.0.10)
Dell Driver Download Manager (Version: 2.1.0.0)
Dell Touchpad (Version: 7.102.101.104)
Fax Solutions
iCloud (Version: 1.1.0.40)
Integrated Webcam Driver (1.00.08.0216)
iPhone Tool Kits 2.8.0
iTunes (Version: 10.7.0.21)
Java 3D 1.5.1 (x64) (Version: 1.5.1)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
QuickSet (Version: 9.0.12)
Recuva (Version: 1.42)
SPBBC 64bit (Version: 107.0.0.134)
WIDCOMM Bluetooth Software 6.1.0.4401 (Version: 6.1.0.4401)
Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) (Version: 11/05/2008 1.1.1.0)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Yontoo 1.10.02 (Version: 1.10.02)

========================= Devices: ================================

Name: isatap.fxo4203.dal.wayport.net
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Consumer IR Devices
Description: Consumer IR Devices
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: circlass
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


========================= Memory info: ===================================

Percentage of memory in use: 25%
Total physical RAM: 4085.05 MB
Available physical RAM: 3044.27 MB
Total Pagefile: 8345.39 MB
Available Pagefile: 7334.66 MB
Total Virtual: 4095.88 MB
Available Virtual: 3998.08 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:288.29 GB) (Free:137.61 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:9.77 GB) (Free:4.67 GB) NTFS

========================= Users: ========================================

User accounts for \\KELLEY-PC

Administrator Guest Kelley
Kyla


**** End of log ****

Malwarebytes Log:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.28.07

Windows Vista Service Pack 2 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Kelley :: KELLEY-PC [administrator]

11/28/2012 11:40:37 AM
mbam-log-2012-11-28 (11-40-37).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 236305
Time elapsed: 5 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\Kelley\LOCALS~1\Temp\msrafp.cmd -> Delete on reboot.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom) -> Data: C:\Users\Kelley\LOCALS~1\Temp\msrafp.cmd -> Delete on reboot.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Kelley\AppData\Local\Temp\Temporary Internet Files\Content.IE5\C7U81V4C\load_153[1].exe (Trojan.Winlock) -> Quarantined and deleted successfully.

(end)


aswMBR Log - It seemed like it froze but I am not sure?
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-28 11:48:20
-----------------------------
11:48:20.631 OS Version: Windows x64 6.0.6002 Service Pack 2
11:48:20.631 Number of processors: 2 586 0x1706
11:48:20.631 ComputerName: KELLEY-PC UserName: Kelley
11:48:22.838 Initialize success
11:48:38.280 AVAST engine defs: 12112800
11:49:11.806 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
11:49:11.808 Disk 0 Vendor: WDC_WD3200BEVT-75ZCT0 11.01A11 Size: 305245MB BusType: 3
11:49:11.825 Disk 0 MBR read successfully
11:49:11.827 Disk 0 MBR scan
11:49:11.834 Disk 0 Windows VISTA default MBR code
11:49:11.838 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
11:49:11.875 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10000 MB offset 80325
11:49:11.892 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 295205 MB offset 20560325
11:49:11.916 Disk 0 scanning C:\Windows\system32\drivers
11:49:21.858 Service scanning
11:49:44.236 Modules scanning
11:49:44.244 Disk 0 trace - called modules:
11:49:44.275 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
11:49:44.282 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80047bc380]
11:49:44.287 3 CLASSPNP.SYS[fffffa6000dd1c33] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004566060]
11:49:47.574 AVAST engine scan C:\Windows
11:49:51.204 AVAST engine scan C:\Windows\system32
11:55:05.452 AVAST engine scan C:\Windows\system32\drivers
11:55:36.651 AVAST engine scan C:\Users\Kelley
11:55:52.486 File: C:\Users\Kelley\AppData\Local\c1392a4f\U\80000000.@ **INFECTED** Win32:Malware-gen
11:56:53.683 File: C:\Users\Kelley\AppData\Local\Temp\1A59A8145A3.tmp **INFECTED** Win32:Malware-gen
11:56:59.186 File: C:\Users\Kelley\AppData\Local\Temp\B6F8C0489A.tmp **INFECTED** Win32:Malware-gen
11:58:58.429 Disk 0 MBR has been saved successfully to "C:\Users\Kelley\Downloads\MBR.dat"
11:58:58.438 The log file has been saved successfully to "C:\Users\Kelley\Downloads\aswMBR.txt"

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:09:24 AM

Posted 28 November 2012 - 01:32 PM

Any particular reason you ran all scans from safe mode?

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#5 Goodbye45

Goodbye45
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:10:24 AM

Posted 28 November 2012 - 01:41 PM

I am working in safe mode because the viruses are freaking me out a little. Also I keep getting a DesKtop error saying unable to load. Computer seems to run but not sure why the desktop error is occurring. Cant remember the exact parameters but I can try and start the computer normally and get the exact error message for you.

TDSS Killer Log

12:34:56.0690 0288 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:34:57.0061 0288 ============================================================
12:34:57.0061 0288 Current date / time: 2012/11/28 12:34:57.0061
12:34:57.0061 0288 SystemInfo:
12:34:57.0061 0288
12:34:57.0061 0288 OS Version: 6.0.6002 ServicePack: 2.0
12:34:57.0061 0288 Product type: Workstation
12:34:57.0062 0288 ComputerName: KELLEY-PC
12:34:57.0062 0288 UserName: Kelley
12:34:57.0062 0288 Windows directory: C:\Windows
12:34:57.0062 0288 System windows directory: C:\Windows
12:34:57.0062 0288 Running under WOW64
12:34:57.0062 0288 Processor architecture: Intel x64
12:34:57.0062 0288 Number of processors: 2
12:34:57.0062 0288 Page size: 0x1000
12:34:57.0062 0288 Boot type: Safe boot with network
12:34:57.0062 0288 ============================================================
12:34:58.0412 0288 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:34:58.0417 0288 ============================================================
12:34:58.0417 0288 \Device\Harddisk0\DR0:
12:34:58.0417 0288 MBR partitions:
12:34:58.0417 0288 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1388000
12:34:58.0417 0288 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x139B9C5, BlocksNum 0x240928EB
12:34:58.0417 0288 ============================================================
12:34:58.0447 0288 C: <-> \Device\Harddisk0\DR0\Partition2
12:34:58.0486 0288 D: <-> \Device\Harddisk0\DR0\Partition1
12:34:58.0486 0288 ============================================================
12:34:58.0486 0288 Initialize success
12:34:58.0486 0288 ============================================================
12:35:20.0291 1276 ============================================================
12:35:20.0291 1276 Scan started
12:35:20.0291 1276 Mode: Manual;
12:35:20.0291 1276 ============================================================
12:35:20.0799 1276 ================ Scan system memory ========================
12:35:20.0799 1276 System memory - ok
12:35:20.0800 1276 ================ Scan services =============================
12:35:21.0014 1276 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys
12:35:21.0020 1276 ACPI - ok
12:35:21.0120 1276 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:35:21.0130 1276 adp94xx - ok
12:35:21.0190 1276 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:35:21.0196 1276 adpahci - ok
12:35:21.0218 1276 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
12:35:21.0222 1276 adpu160m - ok
12:35:21.0238 1276 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:35:21.0242 1276 adpu320 - ok
12:35:21.0307 1276 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:35:21.0308 1276 AeLookupSvc - ok
12:35:21.0417 1276 [ 05F4262FDBDFAECA7EF9B3F0807508FC ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_d0e22e95\AESTSr64.exe
12:35:21.0422 1276 AESTFilters - ok
12:35:21.0502 1276 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys
12:35:21.0510 1276 AFD - ok
12:35:21.0556 1276 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:35:21.0558 1276 agp440 - ok
12:35:21.0621 1276 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
12:35:21.0623 1276 aic78xx - ok
12:35:21.0646 1276 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
12:35:21.0648 1276 ALG - ok
12:35:21.0706 1276 [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide C:\Windows\system32\drivers\aliide.sys
12:35:21.0708 1276 aliide - ok
12:35:21.0741 1276 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys
12:35:21.0742 1276 amdide - ok
12:35:21.0785 1276 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:35:21.0787 1276 AmdK8 - ok
12:35:21.0843 1276 [ 48F957A11AF8B8278C4A38EEEDDD49B9 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
12:35:21.0845 1276 ApfiltrService - ok
12:35:21.0922 1276 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
12:35:21.0924 1276 Appinfo - ok
12:35:22.0077 1276 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:35:22.0083 1276 Apple Mobile Device - ok
12:35:22.0109 1276 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
12:35:22.0112 1276 arc - ok
12:35:22.0164 1276 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:35:22.0166 1276 arcsas - ok
12:35:22.0251 1276 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:35:22.0306 1276 aspnet_state - ok
12:35:22.0354 1276 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:35:22.0355 1276 AsyncMac - ok
12:35:22.0390 1276 [ E68D9B3A3905619732F7FE039466A623 ] atapi C:\Windows\system32\drivers\atapi.sys
12:35:22.0391 1276 atapi - ok
12:35:22.0468 1276 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:35:22.0476 1276 AudioEndpointBuilder - ok
12:35:22.0501 1276 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:35:22.0504 1276 AudioSrv - ok
12:35:22.0585 1276 [ 5CF83243046CFE2F8DB7FE7D0F887AF1 ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
12:35:22.0586 1276 BCM42RLY - ok
12:35:22.0688 1276 [ 45747BA04C8A5EA8B71BDD256E6537FF ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
12:35:22.0696 1276 BCM43XX - ok
12:35:22.0795 1276 [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE C:\Windows\System32\bfe.dll
12:35:22.0804 1276 BFE - ok
12:35:22.0889 1276 [ 6D316F4859634071CC25C4FD4589AD2C ] BITS C:\Windows\System32\qmgr.dll
12:35:22.0945 1276 BITS - ok
12:35:22.0976 1276 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
12:35:22.0978 1276 blbdrive - ok
12:35:23.0109 1276 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:35:23.0119 1276 Bonjour Service - ok
12:35:23.0151 1276 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:35:23.0153 1276 bowser - ok
12:35:23.0208 1276 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
12:35:23.0210 1276 BrFiltLo - ok
12:35:23.0226 1276 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
12:35:23.0227 1276 BrFiltUp - ok
12:35:23.0273 1276 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll
12:35:23.0276 1276 Browser - ok
12:35:23.0328 1276 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys
12:35:23.0331 1276 Brserid - ok
12:35:23.0348 1276 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
12:35:23.0349 1276 BrSerWdm - ok
12:35:23.0375 1276 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
12:35:23.0377 1276 BrUsbMdm - ok
12:35:23.0390 1276 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
12:35:23.0392 1276 BrUsbSer - ok
12:35:23.0444 1276 [ 09F926A0D9C0BAFD8417A4307D2ED13C ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
12:35:23.0445 1276 BthEnum - ok
12:35:23.0490 1276 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:35:23.0492 1276 BTHMODEM - ok
12:35:23.0555 1276 [ BEFC5311736B475AC5B60C14FF7C775A ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
12:35:23.0558 1276 BthPan - ok
12:35:23.0656 1276 [ E1466882252FF51EDDE48C3F7EDA2591 ] BthPort C:\Windows\system32\Drivers\BTHport.sys
12:35:23.0679 1276 BthPort - ok
12:35:23.0750 1276 [ 22E65FFD640F16968F855F5B3528D366 ] BthServ C:\Windows\System32\bthserv.dll
12:35:23.0751 1276 BthServ - ok
12:35:23.0784 1276 [ 970192CDED77A128E7E30722E5EE6B9C ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
12:35:23.0786 1276 BTHUSB - ok
12:35:23.0814 1276 [ 319C67F7D157EAAC519DCC5F29E929D0 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
12:35:23.0816 1276 btwaudio - ok
12:35:23.0873 1276 [ 0B79273C8C2846D28AAB936E7A2DBAAD ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
12:35:23.0876 1276 btwavdt - ok
12:35:23.0975 1276 [ A1B02A6120F0B6111B2360E191CAF69B ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
12:35:23.0998 1276 btwdins - ok
12:35:24.0058 1276 [ FDA1B5124E07003C3D0D279E5050485E ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
12:35:24.0059 1276 btwl2cap - ok
12:35:24.0125 1276 [ 47216D8B5F4042E6D0736BFA2E57B5DF ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
12:35:24.0127 1276 btwrchid - ok
12:35:24.0136 1276 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:35:24.0138 1276 cdfs - ok
12:35:24.0205 1276 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:35:24.0208 1276 cdrom - ok
12:35:24.0277 1276 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll
12:35:24.0278 1276 CertPropSvc - ok
12:35:24.0296 1276 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:35:24.0298 1276 circlass - ok
12:35:24.0326 1276 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys
12:35:24.0334 1276 CLFS - ok
12:35:24.0429 1276 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:35:24.0433 1276 clr_optimization_v2.0.50727_32 - ok
12:35:24.0497 1276 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:35:24.0501 1276 clr_optimization_v2.0.50727_64 - ok
12:35:24.0623 1276 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:35:24.0774 1276 clr_optimization_v4.0.30319_32 - ok
12:35:24.0806 1276 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:35:24.0848 1276 clr_optimization_v4.0.30319_64 - ok
12:35:24.0914 1276 [ B52D9A14CE4101577900A364BA86F3DF ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:35:24.0916 1276 CmBatt - ok
12:35:24.0947 1276 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:35:24.0949 1276 cmdide - ok
12:35:24.0978 1276 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:35:24.0980 1276 Compbatt - ok
12:35:24.0985 1276 COMSysApp - ok
12:35:25.0004 1276 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:35:25.0005 1276 crcdisk - ok
12:35:25.0043 1276 [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:35:25.0047 1276 CryptSvc - ok
12:35:25.0129 1276 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll
12:35:25.0151 1276 DcomLaunch - ok
12:35:25.0226 1276 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:35:25.0229 1276 DfsC - ok
12:35:25.0318 1276 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe
12:35:25.0417 1276 DFSR - ok
12:35:25.0516 1276 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
12:35:25.0522 1276 Dhcp - ok
12:35:25.0548 1276 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys
12:35:25.0551 1276 disk - ok
12:35:25.0598 1276 dlcc_device - ok
12:35:25.0665 1276 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:35:25.0667 1276 Dnscache - ok
12:35:25.0701 1276 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll
12:35:25.0706 1276 dot3svc - ok
12:35:25.0773 1276 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
12:35:25.0777 1276 DPS - ok
12:35:25.0852 1276 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:35:25.0853 1276 drmkaud - ok
12:35:25.0902 1276 [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:35:25.0924 1276 DXGKrnl - ok
12:35:26.0006 1276 [ 17D40652EF3E55EEAE187A89DF40965A ] e1express C:\Windows\system32\DRIVERS\e1e6032e.sys
12:35:26.0014 1276 e1express - ok
12:35:26.0035 1276 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
12:35:26.0039 1276 E1G60 - ok
12:35:26.0092 1276 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
12:35:26.0094 1276 EapHost - ok
12:35:26.0169 1276 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys
12:35:26.0173 1276 Ecache - ok
12:35:26.0227 1276 [ CB1388BA239774F7082946A091845C8B ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
12:35:26.0237 1276 eeCtrl - ok
12:35:26.0336 1276 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:35:26.0344 1276 ehRecvr - ok
12:35:26.0360 1276 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
12:35:26.0364 1276 ehSched - ok
12:35:26.0418 1276 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
12:35:26.0419 1276 ehstart - ok
12:35:26.0447 1276 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:35:26.0455 1276 elxstor - ok
12:35:26.0511 1276 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll
12:35:26.0519 1276 EMDMgmt - ok
12:35:26.0549 1276 [ C77629D2CD4F2E917C51314FA2674E30 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
12:35:26.0552 1276 EraserUtilRebootDrv - ok
12:35:26.0578 1276 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:35:26.0579 1276 ErrDev - ok
12:35:26.0657 1276 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll
12:35:26.0664 1276 EventSystem - ok
12:35:26.0698 1276 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys
12:35:26.0702 1276 exfat - ok
12:35:26.0742 1276 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:35:26.0746 1276 fastfat - ok
12:35:26.0817 1276 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:35:26.0819 1276 fdc - ok
12:35:26.0841 1276 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
12:35:26.0843 1276 fdPHost - ok
12:35:26.0857 1276 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
12:35:26.0859 1276 FDResPub - ok
12:35:26.0875 1276 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:35:26.0877 1276 FileInfo - ok
12:35:26.0899 1276 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:35:26.0901 1276 Filetrace - ok
12:35:26.0922 1276 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:35:26.0924 1276 flpydisk - ok
12:35:26.0957 1276 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:35:26.0963 1276 FltMgr - ok
12:35:27.0044 1276 [ 6CD6BB45BD3E0EEF6CE496BF52854FF1 ] FlyUsb C:\Windows\system32\DRIVERS\FlyUsb.sys
12:35:27.0045 1276 FlyUsb - ok
12:35:27.0185 1276 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache C:\Windows\system32\FntCache.dll
12:35:27.0218 1276 FontCache - ok
12:35:27.0297 1276 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:35:27.0299 1276 FontCache3.0.0.0 - ok
12:35:27.0327 1276 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:35:27.0328 1276 Fs_Rec - ok
12:35:27.0360 1276 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:35:27.0363 1276 gagp30kx - ok
12:35:27.0433 1276 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:35:27.0434 1276 GEARAspiWDM - ok
12:35:27.0479 1276 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll
12:35:27.0501 1276 gpsvc - ok
12:35:27.0636 1276 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:35:27.0639 1276 gupdate - ok
12:35:27.0667 1276 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:35:27.0668 1276 gupdatem - ok
12:35:27.0709 1276 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:35:27.0714 1276 gusvc - ok
12:35:27.0773 1276 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:35:27.0795 1276 HDAudBus - ok
12:35:27.0820 1276 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:35:27.0822 1276 HidBth - ok
12:35:27.0850 1276 [ 5F47839455D01FF6403B008D481A6F5B ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:35:27.0852 1276 HidIr - ok
12:35:27.0882 1276 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\system32\hidserv.dll
12:35:27.0883 1276 hidserv - ok
12:35:27.0915 1276 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:35:27.0916 1276 HidUsb - ok
12:35:27.0943 1276 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
12:35:27.0946 1276 hkmsvc - ok
12:35:28.0008 1276 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
12:35:28.0010 1276 HpCISSs - ok
12:35:28.0049 1276 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:35:28.0071 1276 HTTP - ok
12:35:28.0093 1276 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
12:35:28.0095 1276 i2omp - ok
12:35:28.0140 1276 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:35:28.0141 1276 i8042prt - ok
12:35:28.0168 1276 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
12:35:28.0174 1276 iaStorV - ok
12:35:28.0246 1276 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:35:28.0279 1276 idsvc - ok
12:35:28.0535 1276 [ DF87170EC724080676C18D5A0AF87FC5 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
12:35:28.0689 1276 igfx - ok
12:35:28.0713 1276 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:35:28.0716 1276 iirsp - ok
12:35:28.0756 1276 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll
12:35:28.0765 1276 IKEEXT - ok
12:35:28.0816 1276 [ 574DBB0A69845E90C8BA1A2AA8BEB527 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
12:35:28.0820 1276 IntcHdmiAddService - ok
12:35:28.0827 1276 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys
12:35:28.0828 1276 intelide - ok
12:35:28.0840 1276 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:35:28.0842 1276 intelppm - ok
12:35:28.0867 1276 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:35:28.0870 1276 IPBusEnum - ok
12:35:28.0899 1276 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:35:28.0901 1276 IpFilterDriver - ok
12:35:28.0944 1276 [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:35:28.0949 1276 iphlpsvc - ok
12:35:28.0954 1276 IpInIp - ok
12:35:28.0978 1276 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
12:35:28.0981 1276 IPMIDRV - ok
12:35:29.0003 1276 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
12:35:29.0005 1276 IPNAT - ok
12:35:29.0107 1276 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:35:29.0152 1276 iPod Service - ok
12:35:29.0158 1276 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:35:29.0160 1276 IRENUM - ok
12:35:29.0187 1276 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:35:29.0189 1276 isapnp - ok
12:35:29.0232 1276 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
12:35:29.0234 1276 iScsiPrt - ok
12:35:29.0239 1276 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
12:35:29.0240 1276 iteatapi - ok
12:35:29.0266 1276 [ 5FEF11C18EC25CDCB27E6C8680690B69 ] itecir C:\Windows\system32\DRIVERS\itecir.sys
12:35:29.0268 1276 itecir - ok
12:35:29.0295 1276 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
12:35:29.0297 1276 iteraid - ok
12:35:29.0359 1276 [ 2798447996FEB5A58B584C8443ACAD02 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
12:35:29.0364 1276 k57nd60a - ok
12:35:29.0384 1276 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:35:29.0384 1276 kbdclass - ok
12:35:29.0427 1276 [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:35:29.0428 1276 kbdhid - ok
12:35:29.0474 1276 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe
12:35:29.0476 1276 KeyIso - ok
12:35:29.0525 1276 [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:35:29.0545 1276 KSecDD - ok
12:35:29.0600 1276 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:35:29.0602 1276 ksthunk - ok
12:35:29.0680 1276 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
12:35:29.0689 1276 KtmRm - ok
12:35:29.0735 1276 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:35:29.0749 1276 LanmanServer - ok
12:35:29.0814 1276 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:35:29.0819 1276 LanmanWorkstation - ok
12:35:30.0075 1276 [ 3C879D04BB6466E2853C3155B635CC45 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
12:35:30.0216 1276 LeapFrog Connect Device Service - ok
12:35:30.0276 1276 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:35:30.0278 1276 lltdio - ok
12:35:30.0310 1276 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:35:30.0316 1276 lltdsvc - ok
12:35:30.0336 1276 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:35:30.0338 1276 lmhosts - ok
12:35:30.0368 1276 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:35:30.0371 1276 LSI_FC - ok
12:35:30.0388 1276 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:35:30.0391 1276 LSI_SAS - ok
12:35:30.0460 1276 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:35:30.0463 1276 LSI_SCSI - ok
12:35:30.0479 1276 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
12:35:30.0482 1276 luafv - ok
12:35:30.0509 1276 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:35:30.0512 1276 Mcx2Svc - ok
12:35:30.0553 1276 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
12:35:30.0555 1276 megasas - ok
12:35:30.0610 1276 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
12:35:30.0619 1276 MegaSR - ok
12:35:30.0747 1276 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
12:35:30.0749 1276 Microsoft Office Groove Audit Service - ok
12:35:30.0787 1276 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
12:35:30.0789 1276 MMCSS - ok
12:35:30.0805 1276 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
12:35:30.0807 1276 Modem - ok
12:35:30.0817 1276 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:35:30.0819 1276 monitor - ok
12:35:30.0835 1276 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:35:30.0835 1276 mouclass - ok
12:35:30.0881 1276 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:35:30.0882 1276 mouhid - ok
12:35:30.0897 1276 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
12:35:30.0900 1276 MountMgr - ok
12:35:30.0980 1276 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:35:30.0984 1276 MozillaMaintenance - ok
12:35:31.0048 1276 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
12:35:31.0051 1276 mpio - ok
12:35:31.0067 1276 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:35:31.0070 1276 mpsdrv - ok
12:35:31.0123 1276 [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc C:\Windows\system32\mpssvc.dll
12:35:31.0143 1276 MpsSvc - ok
12:35:31.0175 1276 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
12:35:31.0176 1276 Mraid35x - ok
12:35:31.0220 1276 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:35:31.0224 1276 MRxDAV - ok
12:35:31.0250 1276 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:35:31.0253 1276 mrxsmb - ok
12:35:31.0306 1276 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:35:31.0312 1276 mrxsmb10 - ok
12:35:31.0333 1276 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:35:31.0336 1276 mrxsmb20 - ok
12:35:31.0400 1276 [ AA459F2AB3AB603C357FF117CAE3D818 ] msahci C:\Windows\system32\drivers\msahci.sys
12:35:31.0401 1276 msahci - ok
12:35:31.0415 1276 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:35:31.0418 1276 msdsm - ok
12:35:31.0464 1276 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
12:35:31.0467 1276 MSDTC - ok
12:35:31.0494 1276 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:35:31.0495 1276 Msfs - ok
12:35:31.0548 1276 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:35:31.0550 1276 msisadrv - ok
12:35:31.0593 1276 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:35:31.0597 1276 MSiSCSI - ok
12:35:31.0602 1276 msiserver - ok
12:35:31.0650 1276 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:35:31.0651 1276 MSKSSRV - ok
12:35:31.0695 1276 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:35:31.0697 1276 MSPCLOCK - ok
12:35:31.0751 1276 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:35:31.0752 1276 MSPQM - ok
12:35:31.0785 1276 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:35:31.0792 1276 MsRPC - ok
12:35:31.0806 1276 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:35:31.0807 1276 mssmbios - ok
12:35:31.0829 1276 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:35:31.0831 1276 MSTEE - ok
12:35:31.0837 1276 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys
12:35:31.0839 1276 Mup - ok
12:35:31.0897 1276 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll
12:35:31.0906 1276 napagent - ok
12:35:31.0977 1276 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:35:31.0981 1276 NativeWifiP - ok
12:35:32.0024 1276 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:35:32.0047 1276 NDIS - ok
12:35:32.0064 1276 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:35:32.0065 1276 NdisTapi - ok
12:35:32.0097 1276 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:35:32.0099 1276 Ndisuio - ok
12:35:32.0134 1276 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:35:32.0138 1276 NdisWan - ok
12:35:32.0149 1276 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:35:32.0151 1276 NDProxy - ok
12:35:32.0156 1276 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:35:32.0158 1276 NetBIOS - ok
12:35:32.0193 1276 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
12:35:32.0198 1276 netbt - ok
12:35:32.0205 1276 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe
12:35:32.0206 1276 Netlogon - ok
12:35:32.0233 1276 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
12:35:32.0241 1276 Netman - ok
12:35:32.0284 1276 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:35:32.0390 1276 NetMsmqActivator - ok
12:35:32.0396 1276 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:35:32.0397 1276 NetPipeActivator - ok
12:35:32.0430 1276 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
12:35:32.0437 1276 netprofm - ok
12:35:32.0446 1276 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:35:32.0447 1276 NetTcpActivator - ok
12:35:32.0452 1276 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:35:32.0454 1276 NetTcpPortSharing - ok
12:35:32.0476 1276 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:35:32.0478 1276 nfrd960 - ok
12:35:32.0496 1276 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
12:35:32.0501 1276 NlaSvc - ok
12:35:32.0537 1276 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:35:32.0538 1276 Npfs - ok
12:35:32.0563 1276 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
12:35:32.0565 1276 nsi - ok
12:35:32.0584 1276 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:35:32.0585 1276 nsiproxy - ok
12:35:32.0652 1276 [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:35:32.0686 1276 Ntfs - ok
12:35:32.0695 1276 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
12:35:32.0696 1276 Null - ok
12:35:32.0715 1276 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:35:32.0718 1276 nvraid - ok
12:35:32.0735 1276 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:35:32.0737 1276 nvstor - ok
12:35:32.0756 1276 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:35:32.0759 1276 nv_agp - ok
12:35:32.0764 1276 NwlnkFlt - ok
12:35:32.0769 1276 NwlnkFwd - ok
12:35:32.0845 1276 [ 4400F039CE0020D48E0D057A9E36139D ] OA001Ufd C:\Windows\system32\DRIVERS\OA001Ufd.sys
12:35:32.0849 1276 OA001Ufd - ok
12:35:32.0867 1276 [ 56C2826110865F4E2A715D6D179A3E0B ] OA001Vid C:\Windows\system32\DRIVERS\OA001Vid.sys
12:35:32.0873 1276 OA001Vid - ok
12:35:32.0935 1276 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:35:32.0944 1276 odserv - ok
12:35:32.0999 1276 [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
12:35:33.0000 1276 ohci1394 - ok
12:35:33.0067 1276 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:35:33.0071 1276 ose - ok
12:35:33.0155 1276 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll
12:35:33.0177 1276 p2pimsvc - ok
12:35:33.0194 1276 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll
12:35:33.0200 1276 p2psvc - ok
12:35:33.0234 1276 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
12:35:33.0237 1276 Parport - ok
12:35:33.0275 1276 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:35:33.0277 1276 partmgr - ok
12:35:33.0306 1276 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
12:35:33.0309 1276 PcaSvc - ok
12:35:33.0331 1276 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys
12:35:33.0335 1276 pci - ok
12:35:33.0358 1276 [ 8D618C829034479985A9ED56106CC732 ] pciide C:\Windows\system32\drivers\pciide.sys
12:35:33.0359 1276 pciide - ok
12:35:33.0386 1276 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:35:33.0391 1276 pcmcia - ok
12:35:33.0434 1276 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:35:33.0457 1276 PEAUTH - ok
12:35:33.0550 1276 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:35:33.0573 1276 PerfHost - ok
12:35:33.0681 1276 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
12:35:33.0714 1276 pla - ok
12:35:33.0746 1276 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:35:33.0753 1276 PlugPlay - ok
12:35:33.0789 1276 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
12:35:33.0795 1276 PNRPAutoReg - ok
12:35:33.0823 1276 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll
12:35:33.0828 1276 PNRPsvc - ok
12:35:33.0869 1276 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:35:33.0890 1276 PolicyAgent - ok
12:35:33.0921 1276 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:35:33.0923 1276 PptpMiniport - ok
12:35:33.0952 1276 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
12:35:33.0954 1276 Processor - ok
12:35:34.0004 1276 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll
12:35:34.0009 1276 ProfSvc - ok
12:35:34.0018 1276 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
12:35:34.0019 1276 ProtectedStorage - ok
12:35:34.0048 1276 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
12:35:34.0050 1276 PSched - ok
12:35:34.0115 1276 [ 46851BC18322DA70F3F2299A1007C479 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
12:35:34.0117 1276 PxHlpa64 - ok
12:35:34.0161 1276 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:35:34.0194 1276 ql2300 - ok
12:35:34.0222 1276 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:35:34.0225 1276 ql40xx - ok
12:35:34.0250 1276 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
12:35:34.0256 1276 QWAVE - ok
12:35:34.0274 1276 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:35:34.0276 1276 QWAVEdrv - ok
12:35:34.0395 1276 [ 2A09A6B271D1F50ADF5E33B37D460DE6 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
12:35:34.0450 1276 R300 - ok
12:35:34.0472 1276 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:35:34.0473 1276 RasAcd - ok
12:35:34.0491 1276 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
12:35:34.0494 1276 RasAuto - ok
12:35:34.0528 1276 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:35:34.0531 1276 Rasl2tp - ok
12:35:34.0548 1276 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll
12:35:34.0555 1276 RasMan - ok
12:35:34.0587 1276 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:35:34.0588 1276 RasPppoe - ok
12:35:34.0628 1276 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:35:34.0630 1276 RasSstp - ok
12:35:34.0668 1276 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:35:34.0674 1276 rdbss - ok
12:35:34.0698 1276 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:35:34.0699 1276 RDPCDD - ok
12:35:34.0723 1276 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
12:35:34.0729 1276 rdpdr - ok
12:35:34.0734 1276 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:35:34.0735 1276 RDPENCDD - ok
12:35:34.0777 1276 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:35:34.0782 1276 RDPWD - ok
12:35:34.0803 1276 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:35:34.0806 1276 RemoteAccess - ok
12:35:34.0843 1276 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:35:34.0848 1276 RemoteRegistry - ok
12:35:34.0878 1276 [ CD71E053D7260E4102D99A28F9196070 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
12:35:34.0882 1276 RFCOMM - ok
12:35:34.0943 1276 [ D13D70FAC45FC1DF69F88559B1F72F0A ] rimmptsk C:\Windows\system32\DRIVERS\rimmpx64.sys
12:35:34.0945 1276 rimmptsk - ok
12:35:35.0001 1276 [ BB9EDC55B0B8CB4FCD713428820E0776 ] rimsptsk C:\Windows\system32\DRIVERS\rimspx64.sys
12:35:35.0003 1276 rimsptsk - ok
12:35:35.0073 1276 [ 71700B4C5797DA5412E9250E26894586 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
12:35:35.0076 1276 RimUsb - ok
12:35:35.0158 1276 [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
12:35:35.0160 1276 RimVSerPort - ok
12:35:35.0167 1276 [ 481C3FDEACAAE04B74C58288DBC91DF9 ] rismxdp C:\Windows\system32\DRIVERS\rixdpx64.sys
12:35:35.0169 1276 rismxdp - ok
12:35:35.0201 1276 [ 6A0CF73B019CBC9255E23C9192EC3702 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
12:35:35.0203 1276 ROOTMODEM - ok
12:35:35.0232 1276 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe
12:35:35.0233 1276 RpcLocator - ok
12:35:35.0283 1276 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll
12:35:35.0288 1276 RpcSs - ok
12:35:35.0298 1276 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:35:35.0300 1276 rspndr - ok
12:35:35.0314 1276 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe
12:35:35.0315 1276 SamSs - ok
12:35:35.0329 1276 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:35:35.0331 1276 sbp2port - ok
12:35:35.0363 1276 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:35:35.0367 1276 SCardSvr - ok
12:35:35.0453 1276 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll
12:35:35.0477 1276 Schedule - ok
12:35:35.0515 1276 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:35:35.0516 1276 SCPolicySvc - ok
12:35:35.0544 1276 [ BE100BC2BE2513314C717BB2C4CFFF10 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
12:35:35.0547 1276 sdbus - ok
12:35:35.0568 1276 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:35:35.0572 1276 SDRSVC - ok
12:35:35.0650 1276 [ D193CC0B87D550ACBA3E17FFEC8D2D29 ] Seagate Dashboard Services C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
12:35:35.0655 1276 Seagate Dashboard Services - ok
12:35:35.0672 1276 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:35:35.0673 1276 secdrv - ok
12:35:35.0687 1276 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
12:35:35.0689 1276 seclogon - ok
12:35:35.0706 1276 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll
12:35:35.0709 1276 SENS - ok
12:35:35.0723 1276 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys
12:35:35.0724 1276 Serenum - ok
12:35:35.0737 1276 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys
12:35:35.0740 1276 Serial - ok
12:35:35.0751 1276 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:35:35.0753 1276 sermouse - ok
12:35:35.0778 1276 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
12:35:35.0781 1276 SessionEnv - ok
12:35:35.0786 1276 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:35:35.0788 1276 sffdisk - ok
12:35:35.0793 1276 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:35:35.0794 1276 sffp_mmc - ok
12:35:35.0799 1276 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:35:35.0801 1276 sffp_sd - ok
12:35:35.0815 1276 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:35:35.0817 1276 sfloppy - ok
12:35:35.0847 1276 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:35:35.0854 1276 SharedAccess - ok
12:35:35.0896 1276 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:35:35.0903 1276 ShellHWDetection - ok
12:35:35.0909 1276 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
12:35:35.0910 1276 SiSRaid2 - ok
12:35:35.0926 1276 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:35:35.0928 1276 SiSRaid4 - ok
12:35:36.0010 1276 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:35:36.0014 1276 SkypeUpdate - ok
12:35:36.0107 1276 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe
12:35:36.0162 1276 slsvc - ok
12:35:36.0197 1276 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll
12:35:36.0200 1276 SLUINotify - ok
12:35:36.0223 1276 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:35:36.0225 1276 Smb - ok
12:35:36.0254 1276 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:35:36.0256 1276 SNMPTRAP - ok
12:35:36.0286 1276 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys
12:35:36.0287 1276 spldr - ok
12:35:36.0328 1276 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe
12:35:36.0334 1276 Spooler - ok
12:35:36.0391 1276 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys
12:35:36.0400 1276 srv - ok
12:35:36.0447 1276 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:35:36.0451 1276 srv2 - ok
12:35:36.0501 1276 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:35:36.0505 1276 srvnet - ok
12:35:36.0526 1276 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:35:36.0531 1276 SSDPSRV - ok
12:35:36.0548 1276 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:35:36.0553 1276 SstpSvc - ok
12:35:36.0663 1276 [ DC4A7A067508470838D2D2336BFEB1E1 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_d0e22e95\STacSV64.exe
12:35:36.0668 1276 STacSV - ok
12:35:36.0745 1276 [ 6299F206F17E34EAD0EF63DAD8CD4272 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
12:35:36.0754 1276 STHDA - ok
12:35:36.0795 1276 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll
12:35:36.0817 1276 stisvc - ok
12:35:36.0910 1276 [ 1D0063597C3666404FCF97698ABEB019 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
12:35:36.0913 1276 stllssvr - ok
12:35:36.0943 1276 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:35:36.0944 1276 swenum - ok
12:35:36.0976 1276 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll
12:35:36.0997 1276 swprv - ok
12:35:37.0023 1276 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
12:35:37.0025 1276 Symc8xx - ok
12:35:37.0030 1276 SymIMMP - ok
12:35:37.0042 1276 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
12:35:37.0044 1276 Sym_hi - ok
12:35:37.0073 1276 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
12:35:37.0075 1276 Sym_u3 - ok
12:35:37.0121 1276 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll
12:35:37.0143 1276 SysMain - ok
12:35:37.0184 1276 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:35:37.0187 1276 TabletInputService - ok
12:35:37.0227 1276 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:35:37.0234 1276 TapiSrv - ok
12:35:37.0247 1276 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll
12:35:37.0250 1276 TBS - ok
12:35:37.0315 1276 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:35:37.0346 1276 Tcpip - ok
12:35:37.0399 1276 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
12:35:37.0408 1276 Tcpip6 - ok
12:35:37.0439 1276 [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:35:37.0441 1276 tcpipreg - ok
12:35:37.0465 1276 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:35:37.0466 1276 TDPIPE - ok
12:35:37.0487 1276 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:35:37.0488 1276 TDTCP - ok
12:35:37.0520 1276 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:35:37.0523 1276 tdx - ok
12:35:37.0552 1276 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:35:37.0553 1276 TermDD - ok
12:35:37.0593 1276 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll
12:35:37.0616 1276 TermService - ok
12:35:37.0642 1276 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll
12:35:37.0645 1276 Themes - ok
12:35:37.0676 1276 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll
12:35:37.0677 1276 THREADORDER - ok
12:35:37.0711 1276 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll
12:35:37.0715 1276 TrkWks - ok
12:35:37.0758 1276 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:35:37.0759 1276 TrustedInstaller - ok
12:35:37.0794 1276 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:35:37.0796 1276 tssecsrv - ok
12:35:37.0844 1276 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
12:35:37.0845 1276 tunmp - ok
12:35:37.0866 1276 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:35:37.0867 1276 tunnel - ok
12:35:37.0888 1276 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:35:37.0890 1276 uagp35 - ok
12:35:37.0934 1276 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:35:37.0940 1276 udfs - ok
12:35:37.0969 1276 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:35:37.0971 1276 UI0Detect - ok
12:35:37.0989 1276 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:35:37.0993 1276 uliagpkx - ok
12:35:38.0015 1276 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys
12:35:38.0022 1276 uliahci - ok
12:35:38.0029 1276 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys
12:35:38.0033 1276 UlSata - ok
12:35:38.0054 1276 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
12:35:38.0058 1276 ulsata2 - ok
12:35:38.0082 1276 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:35:38.0083 1276 umbus - ok
12:35:38.0099 1276 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll
12:35:38.0106 1276 upnphost - ok
12:35:38.0181 1276 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
12:35:38.0183 1276 USBAAPL64 - ok
12:35:38.0226 1276 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:35:38.0228 1276 usbccgp - ok
12:35:38.0242 1276 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:35:38.0245 1276 usbcir - ok
12:35:38.0279 1276 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:35:38.0281 1276 usbehci - ok
12:35:38.0320 1276 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:35:38.0326 1276 usbhub - ok
12:35:38.0345 1276 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:35:38.0347 1276 usbohci - ok
12:35:38.0369 1276 [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:35:38.0371 1276 usbprint - ok
12:35:38.0433 1276 [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:35:38.0435 1276 usbscan - ok
12:35:38.0455 1276 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:35:38.0458 1276 USBSTOR - ok
12:35:38.0479 1276 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:35:38.0480 1276 usbuhci - ok
12:35:38.0511 1276 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll
12:35:38.0514 1276 UxSms - ok
12:35:38.0559 1276 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe
12:35:38.0569 1276 vds - ok
12:35:38.0585 1276 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:35:38.0586 1276 vga - ok
12:35:38.0606 1276 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:35:38.0607 1276 VgaSave - ok
12:35:38.0612 1276 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys
12:35:38.0614 1276 viaide - ok
12:35:38.0644 1276 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:35:38.0646 1276 volmgr - ok
12:35:38.0687 1276 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:35:38.0695 1276 volmgrx - ok
12:35:38.0734 1276 [ 5280AADA24AB36B01A84A6424C475C8D ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:35:38.0740 1276 volsnap - ok
12:35:38.0772 1276 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:35:38.0776 1276 vsmraid - ok
12:35:38.0837 1276 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe
12:35:38.0871 1276 VSS - ok
12:35:38.0900 1276 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll
12:35:38.0909 1276 W32Time - ok
12:35:38.0917 1276 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:35:38.0919 1276 WacomPen - ok
12:35:38.0959 1276 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
12:35:38.0962 1276 Wanarp - ok
12:35:38.0966 1276 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:35:38.0967 1276 Wanarpv6 - ok
12:35:38.0998 1276 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:35:39.0020 1276 wcncsvc - ok
12:35:39.0041 1276 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:35:39.0043 1276 WcsPlugInService - ok
12:35:39.0048 1276 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
12:35:39.0050 1276 Wd - ok
12:35:39.0093 1276 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:35:39.0147 1276 Wdf01000 - ok
12:35:39.0163 1276 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:35:39.0166 1276 WdiServiceHost - ok
12:35:39.0171 1276 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:35:39.0173 1276 WdiSystemHost - ok
12:35:39.0191 1276 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll
12:35:39.0196 1276 WebClient - ok
12:35:39.0230 1276 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:35:39.0235 1276 Wecsvc - ok
12:35:39.0249 1276 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:35:39.0252 1276 wercplsupport - ok
12:35:39.0264 1276 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll
12:35:39.0267 1276 WerSvc - ok
12:35:39.0298 1276 WinDefend - ok
12:35:39.0309 1276 WinHttpAutoProxySvc - ok
12:35:39.0408 1276 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:35:39.0413 1276 Winmgmt - ok
12:35:39.0482 1276 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll
12:35:39.0527 1276 WinRM - ok
12:35:39.0583 1276 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:35:39.0606 1276 Wlansvc - ok
12:35:39.0610 1276 wltrysvc - ok
12:35:39.0641 1276 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
12:35:39.0641 1276 WmiAcpi - ok
12:35:39.0655 1276 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:35:39.0659 1276 wmiApSrv - ok
12:35:39.0683 1276 WMPNetworkSvc - ok
12:35:39.0719 1276 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:35:39.0724 1276 WPCSvc - ok
12:35:39.0767 1276 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:35:39.0770 1276 WPDBusEnum - ok
12:35:39.0796 1276 [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
12:35:39.0798 1276 WpdUsb - ok
12:35:39.0911 1276 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:35:39.0942 1276 WPFFontCache_v0400 - ok
12:35:39.0968 1276 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:35:39.0969 1276 ws2ifsl - ok
12:35:39.0996 1276 [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc C:\Windows\System32\wscsvc.dll
12:35:39.0999 1276 wscsvc - ok
12:35:40.0003 1276 WSearch - ok
12:35:40.0094 1276 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
12:35:40.0150 1276 wuauserv - ok
12:35:40.0206 1276 [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:35:40.0209 1276 WUDFRd - ok
12:35:40.0235 1276 [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:35:40.0238 1276 wudfsvc - ok
12:35:40.0346 1276 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
12:35:40.0369 1276 YahooAUService - ok
12:35:40.0403 1276 ================ Scan global ===============================
12:35:40.0438 1276 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
12:35:40.0478 1276 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
12:35:40.0514 1276 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
12:35:40.0560 1276 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
12:35:40.0568 1276 [Global] - ok
12:35:40.0569 1276 ================ Scan MBR ==================================
12:35:40.0578 1276 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
12:35:40.0919 1276 \Device\Harddisk0\DR0 - ok
12:35:40.0919 1276 ================ Scan VBR ==================================
12:35:40.0940 1276 [ A431838945CA4AEAD0B42711B8CA0E9B ] \Device\Harddisk0\DR0\Partition1
12:35:40.0942 1276 \Device\Harddisk0\DR0\Partition1 - ok
12:35:40.0945 1276 [ 1B8FDFEFAB58BCAE18C45037BD423CCE ] \Device\Harddisk0\DR0\Partition2
12:35:40.0947 1276 \Device\Harddisk0\DR0\Partition2 - ok
12:35:40.0947 1276 ============================================================
12:35:40.0947 1276 Scan finished
12:35:40.0947 1276 ============================================================
12:35:40.0956 1316 Detected object count: 0
12:35:40.0956 1316 Actual detected object count: 0
12:35:59.0592 1912 ============================================================
12:35:59.0592 1912 Scan started
12:35:59.0592 1912 Mode: Manual; TDLFS;
12:35:59.0592 1912 ============================================================
12:35:59.0714 1912 ================ Scan system memory ========================
12:35:59.0714 1912 System memory - ok
12:35:59.0714 1912 ================ Scan services =============================
12:35:59.0885 1912 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys
12:35:59.0887 1912 ACPI - ok
12:35:59.0924 1912 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:35:59.0927 1912 adp94xx - ok
12:35:59.0950 1912 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:35:59.0952 1912 adpahci - ok
12:35:59.0978 1912 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
12:35:59.0979 1912 adpu160m - ok
12:35:59.0987 1912 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:35:59.0989 1912 adpu320 - ok
12:36:00.0012 1912 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:36:00.0012 1912 AeLookupSvc - ok
12:36:00.0077 1912 [ 05F4262FDBDFAECA7EF9B3F0807508FC ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_d0e22e95\AESTSr64.exe
12:36:00.0078 1912 AESTFilters - ok
12:36:00.0118 1912 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys
12:36:00.0121 1912 AFD - ok
12:36:00.0138 1912 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:36:00.0139 1912 agp440 - ok
12:36:00.0164 1912 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
12:36:00.0165 1912 aic78xx - ok
12:36:00.0178 1912 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
12:36:00.0179 1912 ALG - ok
12:36:00.0195 1912 [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide C:\Windows\system32\drivers\aliide.sys
12:36:00.0195 1912 aliide - ok
12:36:00.0218 1912 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys
12:36:00.0218 1912 amdide - ok
12:36:00.0240 1912 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:36:00.0241 1912 AmdK8 - ok
12:36:00.0265 1912 [ 48F957A11AF8B8278C4A38EEEDDD49B9 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
12:36:00.0266 1912 ApfiltrService - ok
12:36:00.0299 1912 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
12:36:00.0300 1912 Appinfo - ok
12:36:00.0410 1912 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:36:00.0411 1912 Apple Mobile Device - ok
12:36:00.0431 1912 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
12:36:00.0432 1912 arc - ok
12:36:00.0452 1912 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:36:00.0453 1912 arcsas - ok
12:36:00.0539 1912 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:36:00.0540 1912 aspnet_state - ok
12:36:00.0564 1912 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:36:00.0564 1912 AsyncMac - ok
12:36:00.0592 1912 [ E68D9B3A3905619732F7FE039466A623 ] atapi C:\Windows\system32\drivers\atapi.sys
12:36:00.0592 1912 atapi - ok
12:36:00.0633 1912 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:36:00.0636 1912 AudioEndpointBuilder - ok
12:36:00.0656 1912 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:36:00.0659 1912 AudioSrv - ok
12:36:00.0684 1912 [ 5CF83243046CFE2F8DB7FE7D0F887AF1 ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
12:36:00.0684 1912 BCM42RLY - ok
12:36:00.0731 1912 [ 45747BA04C8A5EA8B71BDD256E6537FF ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
12:36:00.0739 1912 BCM43XX - ok
12:36:00.0783 1912 [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE C:\Windows\System32\bfe.dll
12:36:00.0785 1912 BFE - ok
12:36:00.0821 1912 [ 6D316F4859634071CC25C4FD4589AD2C ] BITS C:\Windows\System32\qmgr.dll
12:36:00.0829 1912 BITS - ok
12:36:00.0853 1912 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
12:36:00.0853 1912 blbdrive - ok
12:36:00.0941 1912 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:36:00.0944 1912 Bonjour Service - ok
12:36:00.0972 1912 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:36:00.0973 1912 bowser - ok
12:36:00.0985 1912 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
12:36:00.0986 1912 BrFiltLo - ok
12:36:01.0002 1912 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
12:36:01.0003 1912 BrFiltUp - ok
12:36:01.0038 1912 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll
12:36:01.0039 1912 Browser - ok
12:36:01.0060 1912 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys
12:36:01.0061 1912 Brserid - ok
12:36:01.0080 1912 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
12:36:01.0081 1912 BrSerWdm - ok
12:36:01.0107 1912 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
12:36:01.0108 1912 BrUsbMdm - ok
12:36:01.0122 1912 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
12:36:01.0123 1912 BrUsbSer - ok
12:36:01.0154 1912 [ 09F926A0D9C0BAFD8417A4307D2ED13C ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
12:36:01.0154 1912 BthEnum - ok
12:36:01.0167 1912 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:36:01.0167 1912 BTHMODEM - ok
12:36:01.0198 1912 [ BEFC5311736B475AC5B60C14FF7C775A ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
12:36:01.0199 1912 BthPan - ok
12:36:01.0244 1912 [ E1466882252FF51EDDE48C3F7EDA2591 ] BthPort C:\Windows\system32\Drivers\BTHport.sys
12:36:01.0248 1912 BthPort - ok
12:36:01.0282 1912 [ 22E65FFD640F16968F855F5B3528D366 ] BthServ C:\Windows\System32\bthserv.dll
12:36:01.0282 1912 BthServ - ok
12:36:01.0316 1912 [ 970192CDED77A128E7E30722E5EE6B9C ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
12:36:01.0316 1912 BTHUSB - ok
12:36:01.0346 1912 [ 319C67F7D157EAAC519DCC5F29E929D0 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
12:36:01.0347 1912 btwaudio - ok
12:36:01.0360 1912 [ 0B79273C8C2846D28AAB936E7A2DBAAD ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
12:36:01.0361 1912 btwavdt - ok
12:36:01.0407 1912 [ A1B02A6120F0B6111B2360E191CAF69B ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
12:36:01.0412 1912 btwdins - ok
12:36:01.0434 1912 [ FDA1B5124E07003C3D0D279E5050485E ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
12:36:01.0435 1912 btwl2cap - ok
12:36:01.0446 1912 [ 47216D8B5F4042E6D0736BFA2E57B5DF ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
12:36:01.0447 1912 btwrchid - ok
12:36:01.0456 1912 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:36:01.0457 1912 cdfs - ok
12:36:01.0493 1912 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:36:01.0494 1912 cdrom - ok
12:36:01.0531 1912 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll
12:36:01.0532 1912 CertPropSvc - ok
12:36:01.0550 1912 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:36:01.0551 1912 circlass - ok
12:36:01.0581 1912 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys
12:36:01.0583 1912 CLFS - ok
12:36:01.0638 1912 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:36:01.0639 1912 clr_optimization_v2.0.50727_32 - ok
12:36:01.0706 1912 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:36:01.0707 1912 clr_optimization_v2.0.50727_64 - ok
12:36:01.0788 1912 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:36:01.0789 1912 clr_optimization_v4.0.30319_32 - ok
12:36:01.0809 1912 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:36:01.0810 1912 clr_optimization_v4.0.30319_64 - ok
12:36:01.0840 1912 [ B52D9A14CE4101577900A364BA86F3DF ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:36:01.0840 1912 CmBatt - ok
12:36:01.0873 1912 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:36:01.0873 1912 cmdide - ok
12:36:01.0893 1912 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:36:01.0893 1912 Compbatt - ok
12:36:01.0898 1912 COMSysApp - ok
12:36:01.0907 1912 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:36:01.0908 1912 crcdisk - ok
12:36:01.0946 1912 [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:36:01.0947 1912 CryptSvc - ok
12:36:01.0999 1912 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll
12:36:02.0004 1912 DcomLaunch - ok
12:36:02.0052 1912 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:36:02.0053 1912 DfsC - ok
12:36:02.0144 1912 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe
12:36:02.0163 1912 DFSR - ok
12:36:02.0208 1912 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
12:36:02.0210 1912 Dhcp - ok
12:36:02.0240 1912 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys
12:36:02.0241 1912 disk - ok
12:36:02.0245 1912 dlcc_device - ok
12:36:02.0290 1912 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:36:02.0291 1912 Dnscache - ok
12:36:02.0327 1912 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll
12:36:02.0328 1912 dot3svc - ok
12:36:02.0354 1912 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
12:36:02.0355 1912 DPS - ok
12:36:02.0388 1912 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:36:02.0388 1912 drmkaud - ok
12:36:02.0438 1912 [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:36:02.0444 1912 DXGKrnl - ok
12:36:02.0476 1912 [ 17D40652EF3E55EEAE187A89DF40965A ] e1express C:\Windows\system32\DRIVERS\e1e6032e.sys
12:36:02.0478 1912 e1express - ok
12:36:02.0505 1912 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
12:36:02.0506 1912 E1G60 - ok
12:36:02.0528 1912 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
12:36:02.0529 1912 EapHost - ok
12:36:02.0549 1912 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys
12:36:02.0551 1912 Ecache - ok
12:36:02.0608 1912 [ CB1388BA239774F7082946A091845C8B ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
12:36:02.0611 1912 eeCtrl - ok
12:36:02.0673 1912 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:36:02.0675 1912 ehRecvr - ok
12:36:02.0685 1912 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
12:36:02.0687 1912 ehSched - ok
12:36:02.0699 1912 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
12:36:02.0699 1912 ehstart - ok
12:36:02.0739 1912 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:36:02.0741 1912 elxstor - ok
12:36:02.0781 1912 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll
12:36:02.0783 1912 EMDMgmt - ok
12:36:02.0808 1912 [ C77629D2CD4F2E917C51314FA2674E30 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
12:36:02.0809 1912 EraserUtilRebootDrv - ok
12:36:02.0836 1912 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:36:02.0837 1912 ErrDev - ok
12:36:02.0894 1912 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll
12:36:02.0896 1912 EventSystem - ok
12:36:02.0934 1912 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys
12:36:02.0935 1912 exfat - ok
12:36:02.0978 1912 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:36:02.0979 1912 fastfat - ok
12:36:02.0998 1912 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:36:02.0998 1912 fdc - ok
12:36:03.0022 1912 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
12:36:03.0023 1912 fdPHost - ok
12:36:03.0038 1912 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
12:36:03.0039 1912 FDResPub - ok
12:36:03.0055 1912 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:36:03.0056 1912 FileInfo - ok
12:36:03.0080 1912 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:36:03.0080 1912 Filetrace - ok
12:36:03.0103 1912 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:36:03.0104 1912 flpydisk - ok
12:36:03.0128 1912 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:36:03.0130 1912 FltMgr - ok
12:36:03.0169 1912 [ 6CD6BB45BD3E0EEF6CE496BF52854FF1 ] FlyUsb C:\Windows\system32\DRIVERS\FlyUsb.sys
12:36:03.0169 1912 FlyUsb - ok
12:36:03.0221 1912 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache C:\Windows\system32\FntCache.dll
12:36:03.0228 1912 FontCache - ok
12:36:03.0289 1912 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:36:03.0289 1912 FontCache3.0.0.0 - ok
12:36:03.0319 1912 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:36:03.0319 1912 Fs_Rec - ok
12:36:03.0341 1912 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:36:03.0342 1912 gagp30kx - ok
12:36:03.0380 1912 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:36:03.0381 1912 GEARAspiWDM - ok
12:36:03.0426 1912 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll
12:36:03.0431 1912 gpsvc - ok
12:36:03.0499 1912 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:36:03.0500 1912 gupdate - ok
12:36:03.0505 1912 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:36:03.0506 1912 gupdatem - ok
12:36:03.0534 1912 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:36:03.0535 1912 gusvc - ok
12:36:03.0587 1912 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:36:03.0593 1912 HDAudBus - ok
12:36:03.0623 1912 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:36:03.0624 1912 HidBth - ok
12:36:03.0653 1912 [ 5F47839455D01FF6403B008D481A6F5B ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:36:03.0653 1912 HidIr - ok
12:36:03.0684 1912 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\system32\hidserv.dll
12:36:03.0685 1912 hidserv - ok
12:36:03.0717 1912 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:36:03.0718 1912 HidUsb - ok
12:36:03.0746 1912 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
12:36:03.0747 1912 hkmsvc - ok
12:36:03.0767 1912 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
12:36:03.0767 1912 HpCISSs - ok
12:36:03.0807 1912 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:36:03.0811 1912 HTTP - ok
12:36:03.0840 1912 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
12:36:03.0841 1912 i2omp - ok
12:36:03.0864 1912 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:36:03.0865 1912 i8042prt - ok
12:36:03.0893 1912 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
12:36:03.0895 1912 iaStorV - ok
12:36:03.0960 1912 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:36:03.0965 1912 idsvc - ok
12:36:04.0173 1912 [ DF87170EC724080676C18D5A0AF87FC5 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
12:36:04.0216 1912 igfx - ok
12:36:04.0238 1912 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:36:04.0239 1912 iirsp - ok
12:36:04.0281 1912 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll
12:36:04.0284 1912 IKEEXT - ok
12:36:04.0297 1912 [ 574DBB0A69845E90C8BA1A2AA8BEB527 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
12:36:04.0298 1912 IntcHdmiAddService - ok
12:36:04.0303 1912 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys
12:36:04.0303 1912 intelide - ok
12:36:04.0320 1912 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:36:04.0321 1912 intelppm - ok
12:36:04.0348 1912 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:36:04.0349 1912 IPBusEnum - ok
12:36:04.0379 1912 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:36:04.0380 1912 IpFilterDriver - ok
12:36:04.0424 1912 [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:36:04.0426 1912 iphlpsvc - ok
12:36:04.0431 1912 IpInIp - ok
12:36:04.0447 1912 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
12:36:04.0448 1912 IPMIDRV - ok
12:36:04.0472 1912 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
12:36:04.0473 1912 IPNAT - ok
12:36:04.0532 1912 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:36:04.0537 1912 iPod Service - ok
12:36:04.0543 1912 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:36:04.0544 1912 IRENUM - ok
12:36:04.0549 1912 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:36:04.0550 1912 isapnp - ok
12:36:04.0579 1912 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
12:36:04.0580 1912 iScsiPrt - ok
12:36:04.0586 1912 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
12:36:04.0586 1912 iteatapi - ok
12:36:04.0613 1912 [ 5FEF11C18EC25CDCB27E6C8680690B69 ] itecir C:\Windows\system32\DRIVERS\itecir.sys
12:36:04.0614 1912 itecir - ok
12:36:04.0619 1912 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
12:36:04.0620 1912 iteraid - ok
12:36:04.0661 1912 [ 2798447996FEB5A58B584C8443ACAD02 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
12:36:04.0663 1912 k57nd60a - ok
12:36:04.0675 1912 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:36:04.0676 1912 kbdclass - ok
12:36:04.0718 1912 [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:36:04.0719 1912 kbdhid - ok
12:36:04.0766 1912 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe
12:36:04.0767 1912 KeyIso - ok
12:36:04.0816 1912 [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:36:04.0819 1912 KSecDD - ok
12:36:04.0836 1912 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:36:04.0836 1912 ksthunk - ok
12:36:04.0883 1912 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
12:36:04.0886 1912 KtmRm - ok
12:36:04.0927 1912 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:36:04.0929 1912 LanmanServer - ok
12:36:04.0964 1912 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:36:04.0967 1912 LanmanWorkstation - ok
12:36:05.0169 1912 [ 3C879D04BB6466E2853C3155B635CC45 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
12:36:05.0203 1912 LeapFrog Connect Device Service - ok
12:36:05.0216 1912 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:36:05.0216 1912 lltdio - ok
12:36:05.0245 1912 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:36:05.0248 1912 lltdsvc - ok
12:36:05.0260 1912 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:36:05.0262 1912 lmhosts - ok
12:36:05.0292 1912 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:36:05.0293 1912 LSI_FC - ok
12:36:05.0313 1912 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:36:05.0314 1912 LSI_SAS - ok
12:36:05.0320 1912 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:36:05.0321 1912 LSI_SCSI - ok
12:36:05.0348 1912 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
12:36:05.0349 1912 luafv - ok
12:36:05.0377 1912 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:36:05.0379 1912 Mcx2Svc - ok
12:36:05.0400 1912 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
12:36:05.0400 1912 megasas - ok
12:36:05.0435 1912 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
12:36:05.0437 1912 MegaSR - ok
12:36:05.0526 1912 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
12:36:05.0527 1912 Microsoft Office Groove Audit Service - ok
12:36:05.0545 1912 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
12:36:05.0546 1912 MMCSS - ok
12:36:05.0563 1912 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
12:36:05.0563 1912 Modem - ok
12:36:05.0575 1912 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:36:05.0576 1912 monitor - ok
12:36:05.0592 1912 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:36:05.0593 1912 mouclass - ok
12:36:05.0605 1912 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:36:05.0605 1912 mouhid - ok
12:36:05.0621 1912 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
12:36:05.0622 1912 MountMgr - ok
12:36:05.0659 1912 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:36:05.0660 1912 MozillaMaintenance - ok
12:36:05.0684 1912 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
12:36:05.0685 1912 mpio - ok
12:36:05.0702 1912 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:36:05.0703 1912 mpsdrv - ok
12:36:05.0758 1912 [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc C:\Windows\system32\mpssvc.dll
12:36:05.0763 1912 MpsSvc - ok
12:36:05.0777 1912 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
12:36:05.0777 1912 Mraid35x - ok
12:36:05.0822 1912 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:36:05.0823 1912 MRxDAV - ok
12:36:05.0852 1912 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:36:05.0853 1912 mrxsmb - ok
12:36:05.0897 1912 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:36:05.0899 1912 mrxsmb10 - ok
12:36:05.0913 1912 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:36:05.0914 1912 mrxsmb20 - ok
12:36:05.0958 1912 [ AA459F2AB3AB603C357FF117CAE3D818 ] msahci C:\Windows\system32\drivers\msahci.sys
12:36:05.0958 1912 msahci - ok
12:36:05.0972 1912 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:36:05.0973 1912 msdsm - ok
12:36:06.0010 1912 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
12:36:06.0012 1912 MSDTC - ok
12:36:06.0040 1912 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:36:06.0041 1912 Msfs - ok
12:36:06.0050 1912 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:36:06.0051 1912 msisadrv - ok
12:36:06.0095 1912 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:36:06.0097 1912 MSiSCSI - ok
12:36:06.0102 1912 msiserver - ok
12:36:06.0129 1912 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:36:06.0130 1912 MSKSSRV - ok
12:36:06.0153 1912 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:36:06.0153 1912 MSPCLOCK - ok
12:36:06.0164 1912 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:36:06.0164 1912 MSPQM - ok
12:36:06.0198 1912 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:36:06.0200 1912 MsRPC - ok
12:36:06.0219 1912 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:36:06.0220 1912 mssmbios - ok
12:36:06.0242 1912 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:36:06.0242 1912 MSTEE - ok
12:36:06.0248 1912 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys
12:36:06.0249 1912 Mup - ok
12:36:06.0299 1912 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll
12:36:06.0302 1912 napagent - ok
12:36:06.0345 1912 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:36:06.0347 1912 NativeWifiP - ok
12:36:06.0393 1912 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:36:06.0397 1912 NDIS - ok
12:36:06.0410 1912 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:36:06.0411 1912 NdisTapi - ok
12:36:06.0421 1912 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:36:06.0422 1912 Ndisuio - ok
12:36:06.0469 1912 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:36:06.0471 1912 NdisWan - ok
12:36:06.0507 1912 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:36:06.0507 1912 NDProxy - ok
12:36:06.0516 1912 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:36:06.0517 1912 NetBIOS - ok
12:36:06.0550 1912 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
12:36:06.0552 1912 netbt - ok
12:36:06.0563 1912 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe
12:36:06.0564 1912 Netlogon - ok
12:36:06.0591 1912 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
12:36:06.0594 1912 Netman - ok
12:36:06.0641 1912 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:36:06.0642 1912 NetMsmqActivator - ok
12:36:06.0648 1912 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:36:06.0649 1912 NetPipeActivator - ok
12:36:06.0688 1912 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
12:36:06.0690 1912 netprofm - ok
12:36:06.0696 1912 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:36:06.0697 1912 NetTcpActivator - ok
12:36:06.0705 1912 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:36:06.0707 1912 NetTcpPortSharing - ok
12:36:06.0722 1912 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:36:06.0723 1912 nfrd960 - ok
12:36:06.0742 1912 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
12:36:06.0744 1912 NlaSvc - ok
12:36:06.0783 1912 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:36:06.0784 1912 Npfs - ok
12:36:06.0810 1912 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
12:36:06.0811 1912 nsi - ok
12:36:06.0819 1912 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:36:06.0819 1912 nsiproxy - ok
12:36:06.0889 1912 [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:36:06.0897 1912 Ntfs - ok
12:36:06.0919 1912 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
12:36:06.0920 1912 Null - ok
12:36:06.0939 1912 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:36:06.0940 1912 nvraid - ok
12:36:06.0959 1912 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:36:06.0960 1912 nvstor - ok
12:36:06.0980 1912 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:36:06.0981 1912 nv_agp - ok
12:36:06.0985 1912 NwlnkFlt - ok
12:36:06.0991 1912 NwlnkFwd - ok
12:36:07.0025 1912 [ 4400F039CE0020D48E0D057A9E36139D ] OA001Ufd C:\Windows\system32\DRIVERS\OA001Ufd.sys
12:36:07.0026 1912 OA001Ufd - ok
12:36:07.0046 1912 [ 56C2826110865F4E2A715D6D179A3E0B ] OA001Vid C:\Windows\system32\DRIVERS\OA001Vid.sys
12:36:07.0049 1912 OA001Vid - ok
12:36:07.0104 1912 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:36:07.0106 1912 odserv - ok
12:36:07.0145 1912 [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
12:36:07.0146 1912 ohci1394 - ok
12:36:07.0179 1912 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:36:07.0180 1912 ose - ok
12:36:07.0224 1912 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll
12:36:07.0229 1912 p2pimsvc - ok
12:36:07.0257 1912 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll
12:36:07.0263 1912 p2psvc - ok
12:36:07.0292 1912 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
12:36:07.0293 1912 Parport - ok
12:36:07.0332 1912 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:36:07.0333 1912 partmgr - ok
12:36:07.0363 1912 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
12:36:07.0365 1912 PcaSvc - ok
12:36:07.0377 1912 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys
12:36:07.0379 1912 pci - ok
12:36:07.0404 1912 [ 8D618C829034479985A9ED56106CC732 ] pciide C:\Windows\system32\drivers\pciide.sys
12:36:07.0404 1912 pciide - ok
12:36:07.0432 1912 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:36:07.0434 1912 pcmcia - ok
12:36:07.0469 1912 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:36:07.0473 1912 PEAUTH - ok
12:36:07.0574 1912 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:36:07.0575 1912 PerfHost - ok
12:36:07.0627 1912 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
12:36:07.0636 1912 pla - ok
12:36:07.0670 1912 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:36:07.0673 1912 PlugPlay - ok
12:36:07.0702 1912 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
12:36:07.0708 1912 PNRPAutoReg - ok
12:36:07.0735 1912 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll
12:36:07.0741 1912 PNRPsvc - ok
12:36:07.0782 1912 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:36:07.0786 1912 PolicyAgent - ok
12:36:07.0822 1912 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:36:07.0823 1912 PptpMiniport - ok
12:36:07.0854 1912 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
12:36:07.0855 1912 Processor - ok
12:36:07.0906 1912 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll
12:36:07.0908 1912 ProfSvc - ok
12:36:07.0919 1912 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
12:36:07.0920 1912 ProtectedStorage - ok
12:36:07.0949 1912 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
12:36:07.0950 1912 PSched - ok
12:36:07.0972 1912 [ 46851BC18322DA70F3F2299A1007C479 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
12:36:07.0973 1912 PxHlpa64 - ok
12:36:08.0018 1912 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:36:08.0026 1912 ql2300 - ok
12:36:08.0045 1912 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:36:08.0047 1912 ql40xx - ok
12:36:08.0073 1912 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
12:36:08.0076 1912 QWAVE - ok
12:36:08.0087 1912 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:36:08.0088 1912 QWAVEdrv - ok
12:36:08.0163 1912 [ 2A09A6B271D1F50ADF5E33B37D460DE6 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
12:36:08.0177 1912 R300 - ok
12:36:08.0196 1912 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:36:08.0196 1912 RasAcd - ok
12:36:08.0215 1912 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
12:36:08.0217 1912 RasAuto - ok
12:36:08.0252 1912 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:36:08.0253 1912 Rasl2tp - ok
12:36:08.0271 1912 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll
12:36:08.0274 1912 RasMan - ok
12:36:08.0322 1912 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:36:08.0322 1912 RasPppoe - ok
12:36:08.0363 1912 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:36:08.0364 1912 RasSstp - ok
12:36:08.0403 1912 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:36:08.0405 1912 rdbss - ok
12:36:08.0422 1912 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:36:08.0422 1912 RDPCDD - ok
12:36:08.0446 1912 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
12:36:08.0448 1912 rdpdr - ok
12:36:08.0453 1912 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:36:08.0454 1912 RDPENCDD - ok
12:36:08.0500 1912 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:36:08.0502 1912 RDPWD - ok
12:36:08.0527 1912 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:36:08.0529 1912 RemoteAccess - ok
12:36:08.0571 1912 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:36:08.0573 1912 RemoteRegistry - ok
12:36:08.0605 1912 [ CD71E053D7260E4102D99A28F9196070 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
12:36:08.0607 1912 RFCOMM - ok
12:36:08.0638 1912 [ D13D70FAC45FC1DF69F88559B1F72F0A ] rimmptsk C:\Windows\system32\DRIVERS\rimmpx64.sys
12:36:08.0638 1912 rimmptsk - ok
12:36:08.0651 1912 [ BB9EDC55B0B8CB4FCD713428820E0776 ] rimsptsk C:\Windows\system32\DRIVERS\rimspx64.sys
12:36:08.0652 1912 rimsptsk - ok
12:36:08.0678 1912 [ 71700B4C5797DA5412E9250E26894586 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
12:36:08.0679 1912 RimUsb - ok
12:36:08.0719 1912 [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
12:36:08.0719 1912 RimVSerPort - ok
12:36:08.0728 1912 [ 481C3FDEACAAE04B74C58288DBC91DF9 ] rismxdp C:\Windows\system32\DRIVERS\rixdpx64.sys
12:36:08.0729 1912 rismxdp - ok
12:36:08.0762 1912 [ 6A0CF73B019CBC9255E23C9192EC3702 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
12:36:08.0763 1912 ROOTMODEM - ok
12:36:08.0782 1912 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe
12:36:08.0783 1912 RpcLocator - ok
12:36:08.0832 1912 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll
12:36:08.0838 1912 RpcSs - ok
12:36:08.0847 1912 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:36:08.0848 1912 rspndr - ok
12:36:08.0864 1912 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe
12:36:08.0865 1912 SamSs - ok
12:36:08.0879 1912 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:36:08.0880 1912 sbp2port - ok
12:36:08.0913 1912 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:36:08.0915 1912 SCardSvr - ok
12:36:08.0970 1912 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll
12:36:08.0976 1912 Schedule - ok
12:36:09.0009 1912 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:36:09.0010 1912 SCPolicySvc - ok
12:36:09.0050 1912 [ BE100BC2BE2513314C717BB2C4CFFF10 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
12:36:09.0051 1912 sdbus - ok
12:36:09.0073 1912 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:36:09.0075 1912 SDRSVC - ok
12:36:09.0155 1912 [ D193CC0B87D550ACBA3E17FFEC8D2D29 ] Seagate Dashboard Services C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
12:36:09.0157 1912 Seagate Dashboard Services - ok
12:36:09.0177 1912 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:36:09.0178 1912 secdrv - ok
12:36:09.0192 1912 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
12:36:09.0194 1912 seclogon - ok
12:36:09.0212 1912 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll
12:36:09.0213 1912 SENS - ok
12:36:09.0228 1912 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys
12:36:09.0229 1912 Serenum - ok
12:36:09.0242 1912 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys
12:36:09.0243 1912 Serial - ok
12:36:09.0257 1912 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:36:09.0257 1912 sermouse - ok
12:36:09.0283 1912 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
12:36:09.0285 1912 SessionEnv - ok
12:36:09.0290 1912 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:36:09.0291 1912 sffdisk - ok
12:36:09.0296 1912 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:36:09.0297 1912 sffp_mmc - ok
12:36:09.0302 1912 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:36:09.0303 1912 sffp_sd - ok
12:36:09.0321 1912 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:36:09.0321 1912 sfloppy - ok
12:36:09.0352 1912 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:36:09.0355 1912 SharedAccess - ok
12:36:09.0402 1912 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:36:09.0404 1912 ShellHWDetection - ok
12:36:09.0410 1912 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
12:36:09.0411 1912 SiSRaid2 - ok
12:36:09.0431 1912 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:36:09.0432 1912 SiSRaid4 - ok
12:36:09.0471 1912 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:36:09.0472 1912 SkypeUpdate - ok
12:36:09.0567 1912 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe
12:36:09.0583 1912 slsvc - ok
12:36:09.0613 1912 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll
12:36:09.0615 1912 SLUINotify - ok
12:36:09.0650 1912 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:36:09.0651 1912 Smb - ok
12:36:09.0671 1912 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:36:09.0672 1912 SNMPTRAP - ok
12:36:09.0702 1912 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys
12:36:09.0703 1912 spldr - ok
12:36:09.0744 1912 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe
12:36:09.0747 1912 Spooler - ok
12:36:09.0796 1912 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys
12:36:09.0799 1912 srv - ok
12:36:09.0852 1912 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:36:09.0854 1912 srv2 - ok
12:36:09.0906 1912 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:36:09.0908 1912 srvnet - ok
12:36:09.0920 1912 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:36:09.0922 1912 SSDPSRV - ok
12:36:09.0943 1912 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:36:09.0945 1912 SstpSvc - ok
12:36:10.0034 1912 [ DC4A7A067508470838D2D2336BFEB1E1 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_d0e22e95\STacSV64.exe
12:36:10.0036 1912 STacSV - ok
12:36:10.0073 1912 [ 6299F206F17E34EAD0EF63DAD8CD4272 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
12:36:10.0076 1912 STHDA - ok
12:36:10.0111 1912 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll
12:36:10.0116 1912 stisvc - ok
12:36:10.0171 1912 [ 1D0063597C3666404FCF97698ABEB019 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
12:36:10.0172 1912 stllssvr - ok
12:36:10.0204 1912 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:36:10.0205 1912 swenum - ok
12:36:10.0237 1912 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll
12:36:10.0241 1912 swprv - ok
12:36:10.0262 1912 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
12:36:10.0263 1912 Symc8xx - ok
12:36:10.0267 1912 SymIMMP - ok
12:36:10.0281 1912 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
12:36:10.0281 1912 Sym_hi - ok
12:36:10.0307 1912 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
12:36:10.0308 1912 Sym_u3 - ok
12:36:10.0355 1912 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll
12:36:10.0361 1912 SysMain - ok
12:36:10.0385 1912 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:36:10.0387 1912 TabletInputService - ok
12:36:10.0428 1912 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:36:10.0431 1912 TapiSrv - ok
12:36:10.0448 1912 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll
12:36:10.0450 1912 TBS - ok
12:36:10.0515 1912 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:36:10.0524 1912 Tcpip - ok
12:36:10.0572 1912 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
12:36:10.0580 1912 Tcpip6 - ok
12:36:10.0607 1912 [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:36:10.0607 1912 tcpipreg - ok
12:36:10.0633 1912 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:36:10.0633 1912 TDPIPE - ok
12:36:10.0654 1912 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:36:10.0655 1912 TDTCP - ok
12:36:10.0688 1912 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:36:10.0689 1912 tdx - ok
12:36:10.0731 1912 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:36:10.0732 1912 TermDD - ok
12:36:10.0772 1912 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll
12:36:10.0777 1912 TermService - ok
12:36:10.0799 1912 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll
12:36:10.0801 1912 Themes - ok
12:36:10.0833 1912 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll
12:36:10.0834 1912 THREADORDER - ok
12:36:10.0868 1912 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll
12:36:10.0870 1912 TrkWks - ok
12:36:10.0914 1912 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:36:10.0915 1912 TrustedInstaller - ok
12:36:10.0951 1912 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:36:10.0951 1912 tssecsrv - ok
12:36:10.0967 1912 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
12:36:10.0968 1912 tunmp - ok
12:36:10.0989 1912 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:36:10.0990 1912 tunnel - ok
12:36:10.0996 1912 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:36:10.0996 1912 uagp35 - ok
12:36:11.0046 1912 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:36:11.0048 1912 udfs - ok
12:36:11.0081 1912 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:36:11.0083 1912 UI0Detect - ok
12:36:11.0102 1912 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:36:11.0102 1912 uliagpkx - ok
12:36:11.0116 1912 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys
12:36:11.0118 1912 uliahci - ok
12:36:11.0136 1912 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys
12:36:11.0138 1912 UlSata - ok
12:36:11.0166 1912 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
12:36:11.0168 1912 ulsata2 - ok
12:36:11.0183 1912 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:36:11.0184 1912 umbus - ok
12:36:11.0200 1912 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll
12:36:11.0203 1912 upnphost - ok
12:36:11.0238 1912 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
12:36:11.0238 1912 USBAAPL64 - ok
12:36:11.0271 1912 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:36:11.0272 1912 usbccgp - ok
12:36:11.0288 1912 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:36:11.0289 1912 usbcir - ok
12:36:11.0324 1912 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:36:11.0325 1912 usbehci - ok
12:36:11.0366 1912 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:36:11.0368 1912 usbhub - ok
12:36:11.0391 1912 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:36:11.0391 1912 usbohci - ok
12:36:11.0415 1912 [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:36:11.0415 1912 usbprint - ok
12:36:11.0445 1912 [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:36:11.0446 1912 usbscan - ok
12:36:11.0467 1912 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:36:11.0468 1912 USBSTOR - ok
12:36:11.0491 1912 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:36:11.0491 1912 usbuhci - ok
12:36:11.0523 1912 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll
12:36:11.0525 1912 UxSms - ok
12:36:11.0571 1912 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe
12:36:11.0575 1912 vds - ok
12:36:11.0597 1912 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:36:11.0598 1912 vga - ok
12:36:11.0618 1912 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:36:11.0619 1912 VgaSave - ok
12:36:11.0624 1912 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys
12:36:11.0624 1912 viaide - ok
12:36:11.0645 1912 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:36:11.0646 1912 volmgr - ok
12:36:11.0688 1912 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:36:11.0691 1912 volmgrx - ok
12:36:11.0735 1912 [ 5280AADA24AB36B01A84A6424C475C8D ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:36:11.0737 1912 volsnap - ok
12:36:11.0762 1912 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:36:11.0763 1912 vsmraid - ok
12:36:11.0827 1912 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe
12:36:11.0836 1912 VSS - ok
12:36:11.0868 1912 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll
12:36:11.0871 1912 W32Time - ok
12:36:11.0882 1912 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:36:11.0882 1912 WacomPen - ok
12:36:11.0926 1912 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
12:36:11.0927 1912 Wanarp - ok
12:36:11.0932 1912 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:36:11.0933 1912 Wanarpv6 - ok
12:36:11.0966 1912 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:36:11.0970 1912 wcncsvc - ok
12:36:11.0997 1912 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:36:11.0999 1912 WcsPlugInService - ok
12:36:12.0012 1912 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
12:36:12.0013 1912 Wd - ok
12:36:12.0061 1912 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:36:12.0065 1912 Wdf01000 - ok
12:36:12.0071 1912 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:36:12.0073 1912 WdiServiceHost - ok
12:36:12.0077 1912 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:36:12.0079 1912 WdiSystemHost - ok
12:36:12.0091 1912 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll
12:36:12.0094 1912 WebClient - ok
12:36:12.0131 1912 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:36:12.0133 1912 Wecsvc - ok
12:36:12.0150 1912 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:36:12.0151 1912 wercplsupport - ok
12:36:12.0165 1912 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll
12:36:12.0167 1912 WerSvc - ok
12:36:12.0188 1912 WinDefend - ok
12:36:12.0196 1912 WinHttpAutoProxySvc - ok
12:36:12.0276 1912 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:36:12.0277 1912 Winmgmt - ok
12:36:12.0349 1912 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll
12:36:12.0363 1912 WinRM - ok
12:36:12.0406 1912 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:36:12.0411 1912 Wlansvc - ok
12:36:12.0415 1912 wltrysvc - ok
12:36:12.0442 1912 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
12:36:12.0442 1912 WmiAcpi - ok
12:36:12.0456 1912 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:36:12.0457 1912 wmiApSrv - ok
12:36:12.0472 1912 WMPNetworkSvc - ok
12:36:12.0509 1912 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:36:12.0511 1912 WPCSvc - ok
12:36:12.0556 1912 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:36:12.0558 1912 WPDBusEnum - ok
12:36:12.0596 1912 [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
12:36:12.0597 1912 WpdUsb - ok
12:36:12.0713 1912 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:36:12.0719 1912 WPFFontCache_v0400 - ok
12:36:12.0750 1912 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:36:12.0751 1912 ws2ifsl - ok
12:36:12.0778 1912 [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc C:\Windows\System32\wscsvc.dll
12:36:12.0780 1912 wscsvc - ok
12:36:12.0784 1912 WSearch - ok
12:36:12.0877 1912 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
12:36:12.0892 1912 wuauserv - ok
12:36:12.0911 1912 [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:36:12.0912 1912 WUDFRd - ok
12:36:12.0940 1912 [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:36:12.0942 1912 wudfsvc - ok
12:36:13.0006 1912 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
12:36:13.0010 1912 YahooAUService - ok
12:36:13.0017 1912 ================ Scan global ===============================
12:36:13.0042 1912 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
12:36:13.0083 1912 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
12:36:13.0105 1912 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
12:36:13.0153 1912 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
12:36:13.0156 1912 [Global] - ok
12:36:13.0157 1912 ================ Scan MBR ==================================
12:36:13.0172 1912 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
12:36:13.0623 1912 \Device\Harddisk0\DR0 - ok
12:36:13.0623 1912 ================ Scan VBR ==================================
12:36:13.0655 1912 [ A431838945CA4AEAD0B42711B8CA0E9B ] \Device\Harddisk0\DR0\Partition1
12:36:13.0658 1912 \Device\Harddisk0\DR0\Partition1 - ok
12:36:13.0661 1912 [ 1B8FDFEFAB58BCAE18C45037BD423CCE ] \Device\Harddisk0\DR0\Partition2
12:36:13.0663 1912 \Device\Harddisk0\DR0\Partition2 - ok
12:36:13.0663 1912 ============================================================
12:36:13.0663 1912 Scan finished
12:36:13.0663 1912 ============================================================
12:36:13.0671 1580 Detected object count: 0
12:36:13.0671 1580 Actual detected object count: 0

#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:09:24 AM

Posted 28 November 2012 - 01:44 PM

You're definitely infected but some more advanced tools will be needed in your case.

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#7 Goodbye45

Goodbye45
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:10:24 AM

Posted 28 November 2012 - 01:54 PM

Thank you. I will get started with the guide at step 6 and proceed from there.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users