infected with TROPIG trojan


5 replies to this topic

#1 testto


Posted 31 January 2013 - 10:02 PM

Hi,

My internet provider has notified me that I have a major security threat on a computer on my network. Unfortunately I am unable to figure out which one it is. My ISP has let me know it's the Tropig trojan.
I have 3 computers in my home network, 2 laptops and 1 PC. I have cleaned out two of my computers and I'm sure there are no trojans on those two anymore after 2 days of scanning and using all other kinds of tools. Now the real problem is my laptop, which has been giving me a lot of warnings that there might be trojans and viruses on the laptop.


I only have 1 more day before my ISP will shut down my internet,
so I hope this will be solved before the day is over.


Moved to Am I Infected as there are not the required logs for that forum ~~boopme

Edited by boopme, 31 January 2013 - 11:01 PM.




#2 Gunto


Posted 31 January 2013 - 11:48 PM

Hi, testto! I'm going to try to help you out. :)

Sadly, I highly doubt this infection will be solved within the day; however, you can try contacting your ISP and telling them you're getting help removing the infection.

TDSSKiller

I need you to run a scan using TDSSKiller.

  • Download TDSSKiller from here, and save it to your desktop.
  • Double click the file to launch the program. Once the program starts, click Start Scan. Don't change any default scan settings.
  • Once the scan is finished, you'll find a log in your root drive (usually C: ) that will start with TDSS in the file name, please copy and paste it into your reply.

Malwarebytes

I need you to run a scan with Malwarebytes Anti-Malware.

  • Download MBAM from here, and save it to your desktop.
  • Double-click the installer to run it. During the installation, simply follow the prompts and let the program install. However, if you do not want to start a trial of the full version, please decline, and if offered any external toolbars/programs, feel free to uncheck to install them, unless you want them.
  • Once the program is done installing and updating, select the Perform full scan option on the main interface. Then click the Scan button, hit Scan, and let the scan run.
  • Once the scan is finished, a log will pop up. If any malware was found, click the Show Results button, and make sure everything present is checked and click Remove Selected. If MBAM asks you to reboot, do so immediately. Either way, please copy and paste the log into your reply. If your PC is rebooted, you can find the log by opening up MBAM and going to the Logs tab.

AdwCleaner

I need you to run AdwCleaner to see if it removes anything.

  • Download AdwCleaner from here, and save it to your desktop.
  • Close all open programs.
  • Open the file on your desktop, and click the Delete button. Confirm operations at every prompt. Your PC will be rebooted after the final prompt.
  • Once rebooted, a text file will open up. Please copy and paste it into your reply.

RogueKiller

I need you to run RogueKiller to see if it removes anything.

  • Download RogueKiller from here, and save it to your desktop.
  • Close all open programs.
  • Double click the file on your desktop. Once the automatic check completes, hit the Scan button.
  • Once the full scan has finished, click on the Delete button. Once it's done removing things, open the newest log on your desktop (should be called RKreport[2].txt) and copy and paste it into your reply.

Please tell me how the computer is running in your next reply.

Gunto



#3 testto


Posted 01 February 2013 - 01:29 PM

Hi Gunto, thanks for your fast reply,

Sorry for my late response; I just didn't want to use the laptop, to avoid my ISP still wanting to shut down my internet.
And just now I noticed I misspelled the trojan name; it has to be the Torpig trojan, but I think you already figured that out.

Here are all the logs.
I have to say, after scanning with AdwCleaner a restart was needed, so when my laptop did restart it showed an error window, and behind the error window was a cmd window. The error was something like: Windows cannot find C79107D1-74BB-42A7-A4FA-4F38FD1FC133.EXE
I have to say that my computer is running fine, but that was also the case before the scanning and deleting of the files. My laptop was never slow and never had any problems, even if it was infected with all kinds of viruses and trojans.

Logs:

TDSSKiller

18:53:46.0846 5380 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:53:46.0861 5380 LSI_SAS - ok
18:53:46.0877 5380 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:53:46.0908 5380 LSI_SAS2 - ok
18:53:46.0908 5380 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:53:46.0955 5380 LSI_SCSI - ok
18:53:47.0002 5380 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
18:53:47.0064 5380 luafv - ok
18:53:47.0126 5380 [ 922CBAC7B992B9614CAB7122F4BF9406 ] ManyCam C:\Windows\system32\DRIVERS\mcvidrv_x64.sys
18:53:47.0173 5380 ManyCam - ok
18:53:47.0251 5380 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
18:53:47.0267 5380 MBAMProtector - ok
18:53:47.0329 5380 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:53:47.0360 5380 MBAMScheduler - ok
18:53:47.0407 5380 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
18:53:47.0438 5380 MBAMService - ok
18:53:47.0516 5380 [ 34A42DD7CF525D0D2C5232916496E4B8 ] mcaudrv_simple C:\Windows\system32\drivers\mcaudrv_x64.sys
18:53:47.0563 5380 mcaudrv_simple - ok
18:53:47.0610 5380 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:53:47.0657 5380 Mcx2Svc - ok
18:53:47.0688 5380 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:53:47.0735 5380 megasas - ok
18:53:47.0735 5380 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:53:47.0782 5380 MegaSR - ok
18:53:47.0860 5380 Microsoft SharePoint Workspace Audit Service - ok
18:53:47.0891 5380 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
18:53:47.0953 5380 MMCSS - ok
18:53:47.0969 5380 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
18:53:48.0016 5380 Modem - ok
18:53:48.0047 5380 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:53:48.0078 5380 monitor - ok
18:53:48.0125 5380 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:53:48.0140 5380 mouclass - ok
18:53:48.0187 5380 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:53:48.0218 5380 mouhid - ok
18:53:48.0265 5380 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:53:48.0281 5380 mountmgr - ok
18:53:48.0312 5380 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
18:53:48.0328 5380 mpio - ok
18:53:48.0359 5380 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:53:48.0421 5380 mpsdrv - ok
18:53:48.0468 5380 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:53:48.0515 5380 MpsSvc - ok
18:53:48.0546 5380 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:53:48.0593 5380 MRxDAV - ok
18:53:48.0608 5380 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:53:48.0655 5380 mrxsmb - ok
18:53:48.0702 5380 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:53:48.0749 5380 mrxsmb10 - ok
18:53:48.0749 5380 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:53:48.0780 5380 mrxsmb20 - ok
18:53:48.0811 5380 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
18:53:48.0827 5380 msahci - ok
18:53:48.0842 5380 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:53:48.0874 5380 msdsm - ok
18:53:48.0905 5380 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
18:53:48.0936 5380 MSDTC - ok
18:53:48.0952 5380 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:53:48.0998 5380 Msfs - ok
18:53:49.0014 5380 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:53:49.0061 5380 mshidkmdf - ok
18:53:49.0076 5380 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:53:49.0092 5380 msisadrv - ok
18:53:49.0139 5380 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:53:49.0186 5380 MSiSCSI - ok
18:53:49.0201 5380 msiserver - ok
18:53:49.0217 5380 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:53:49.0264 5380 MSKSSRV - ok
18:53:49.0264 5380 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:53:49.0326 5380 MSPCLOCK - ok
18:53:49.0342 5380 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:53:49.0404 5380 MSPQM - ok
18:53:49.0435 5380 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:53:49.0466 5380 MsRPC - ok
18:53:49.0498 5380 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:53:49.0513 5380 mssmbios - ok
18:53:49.0529 5380 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:53:49.0591 5380 MSTEE - ok
18:53:49.0607 5380 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:53:49.0622 5380 MTConfig - ok
18:53:49.0638 5380 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:53:49.0669 5380 Mup - ok
18:53:49.0716 5380 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
18:53:49.0778 5380 napagent - ok
18:53:49.0825 5380 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:53:49.0903 5380 NativeWifiP - ok
18:53:50.0012 5380 [ 13AA2130F2A104DD775EAD0F0EE5417B ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
18:53:50.0028 5380 NAUpdate - ok
18:53:50.0090 5380 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
18:53:50.0122 5380 NDIS - ok
18:53:50.0168 5380 [ 8C78AF30FC97256E43A31ADE1B03C607 ] ndisahMP C:\Windows\system32\DRIVERS\ndisah.sys
18:53:50.0215 5380 ndisahMP - ok
18:53:50.0246 5380 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:53:50.0324 5380 NdisCap - ok
18:53:50.0356 5380 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:53:50.0402 5380 NdisTapi - ok
18:53:50.0434 5380 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:53:50.0496 5380 Ndisuio - ok
18:53:50.0512 5380 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:53:50.0574 5380 NdisWan - ok
18:53:50.0605 5380 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:53:50.0683 5380 NDProxy - ok
18:53:50.0714 5380 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:53:50.0777 5380 NetBIOS - ok
18:53:50.0824 5380 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:53:50.0870 5380 NetBT - ok
18:53:50.0886 5380 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
18:53:50.0902 5380 Netlogon - ok
18:53:50.0933 5380 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:53:50.0995 5380 Netman - ok
18:53:51.0042 5380 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:53:51.0058 5380 NetMsmqActivator - ok
18:53:51.0058 5380 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:53:51.0073 5380 NetPipeActivator - ok
18:53:51.0089 5380 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:53:51.0151 5380 netprofm - ok
18:53:51.0214 5380 [ 618C55B392238B9467F9113E13525C49 ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
18:53:51.0292 5380 netr28ux - ok
18:53:51.0307 5380 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:53:51.0323 5380 NetTcpActivator - ok
18:53:51.0323 5380 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:53:51.0338 5380 NetTcpPortSharing - ok
18:53:51.0385 5380 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:53:51.0432 5380 nfrd960 - ok
18:53:51.0510 5380 [ 0734398D3D99986BB8006E9BB5EAB1E5 ] NitroReaderDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
18:53:51.0526 5380 NitroReaderDriverReadSpool2 - ok
18:53:51.0588 5380 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:53:51.0635 5380 NlaSvc - ok
18:53:51.0697 5380 [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF C:\Windows\system32\drivers\npf.sys
18:53:51.0744 5380 NPF - ok
18:53:51.0760 5380 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:53:51.0822 5380 Npfs - ok
18:53:51.0838 5380 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:53:51.0884 5380 nsi - ok
18:53:51.0916 5380 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:53:51.0978 5380 nsiproxy - ok
18:53:52.0040 5380 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:53:52.0103 5380 Ntfs - ok
18:53:52.0118 5380 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:53:52.0165 5380 Null - ok
18:53:52.0212 5380 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:53:52.0243 5380 nvraid - ok
18:53:52.0274 5380 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:53:52.0321 5380 nvstor - ok
18:53:52.0352 5380 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:53:52.0384 5380 nv_agp - ok
18:53:52.0399 5380 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:53:52.0446 5380 ohci1394 - ok
18:53:52.0571 5380 [ CDBD86641CEB73402F436C9569E56C4E ] OODefragAgent C:\Program Files\OO Software\Defrag\oodag.exe
18:53:52.0633 5380 OODefragAgent - ok
18:53:52.0727 5380 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:53:52.0742 5380 ose - ok
18:53:52.0836 5380 [ 4ACD255587E8D05A56FCAAFDB0D4AD85 ] OSFMount C:\Program Files\OSFMount\OSFMount.sys
18:53:52.0852 5380 OSFMount - ok
18:53:52.0976 5380 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:53:53.0086 5380 osppsvc - ok
18:53:53.0179 5380 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:53:53.0210 5380 p2pimsvc - ok
18:53:53.0226 5380 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:53:53.0257 5380 p2psvc - ok
18:53:53.0304 5380 [ 0950875BC5F7348B263B2A3FC56CBA34 ] PAC7302 C:\Windows\system32\DRIVERS\PAC7302.SYS
18:53:53.0382 5380 PAC7302 - ok
18:53:53.0413 5380 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:53:53.0444 5380 Parport - ok
18:53:53.0476 5380 [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:53:53.0507 5380 partmgr - ok
18:53:53.0522 5380 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:53:53.0554 5380 PcaSvc - ok
18:53:53.0585 5380 pccsmcfd - ok
18:53:53.0585 5380 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
18:53:53.0600 5380 pci - ok
18:53:53.0632 5380 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:53:53.0663 5380 pciide - ok
18:53:53.0694 5380 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:53:53.0725 5380 pcmcia - ok
18:53:53.0725 5380 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:53:53.0756 5380 pcw - ok
18:53:53.0788 5380 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:53:53.0866 5380 PEAUTH - ok
18:53:53.0928 5380 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
18:53:53.0959 5380 PeerDistSvc - ok
18:53:54.0037 5380 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:53:54.0053 5380 PerfHost - ok
18:53:54.0115 5380 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
18:53:54.0209 5380 pla - ok
18:53:54.0240 5380 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:53:54.0256 5380 PlugPlay - ok
18:53:54.0287 5380 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:53:54.0318 5380 PNRPAutoReg - ok
18:53:54.0334 5380 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:53:54.0365 5380 PNRPsvc - ok
18:53:54.0396 5380 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:53:54.0458 5380 PolicyAgent - ok
18:53:54.0490 5380 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:53:54.0552 5380 Power - ok
18:53:54.0599 5380 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:53:54.0692 5380 PptpMiniport - ok
18:53:54.0708 5380 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:53:54.0755 5380 Processor - ok
18:53:54.0802 5380 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
18:53:54.0864 5380 ProfSvc - ok
18:53:54.0864 5380 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:53:54.0880 5380 ProtectedStorage - ok
18:53:54.0926 5380 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:53:54.0973 5380 Psched - ok
18:53:55.0082 5380 [ DEFD557D9B8C0FA3CEA6CC576400114E ] pwdrvio C:\Windows\system32\pwdrvio.sys
18:53:55.0114 5380 pwdrvio - ok
18:53:55.0160 5380 [ A2EE3B70A9E05F651B888078726C2787 ] pwdspio C:\Windows\system32\pwdspio.sys
18:53:55.0176 5380 pwdspio - ok
18:53:55.0207 5380 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
18:53:55.0238 5380 PxHlpa64 - ok
18:53:55.0285 5380 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:53:55.0332 5380 ql2300 - ok
18:53:55.0348 5380 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:53:55.0363 5380 ql40xx - ok
18:53:55.0394 5380 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:53:55.0426 5380 QWAVE - ok
18:53:55.0441 5380 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:53:55.0472 5380 QWAVEdrv - ok
18:53:55.0582 5380 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
18:53:55.0597 5380 RapiMgr - ok
18:53:55.0628 5380 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:53:55.0706 5380 RasAcd - ok
18:53:55.0738 5380 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:53:55.0784 5380 RasAgileVpn - ok
18:53:55.0800 5380 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:53:55.0862 5380 RasAuto - ok
18:53:55.0894 5380 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:53:55.0972 5380 Rasl2tp - ok
18:53:56.0003 5380 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
18:53:56.0050 5380 RasMan - ok
18:53:56.0081 5380 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:53:56.0143 5380 RasPppoe - ok
18:53:56.0159 5380 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:53:56.0206 5380 RasSstp - ok
18:53:56.0237 5380 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:53:56.0284 5380 rdbss - ok
18:53:56.0299 5380 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:53:56.0362 5380 rdpbus - ok
18:53:56.0377 5380 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:53:56.0424 5380 RDPCDD - ok
18:53:56.0455 5380 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
18:53:56.0518 5380 RDPDR - ok
18:53:56.0518 5380 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:53:56.0564 5380 RDPENCDD - ok
18:53:56.0580 5380 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:53:56.0627 5380 RDPREFMP - ok
18:53:56.0689 5380 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:53:56.0720 5380 RdpVideoMiniport - ok
18:53:56.0767 5380 [ 6D76E6433574B058ADCB0C50DF834492 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:53:56.0845 5380 RDPWD - ok
18:53:56.0876 5380 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:53:56.0908 5380 rdyboost - ok
18:53:56.0923 5380 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:53:56.0986 5380 RemoteAccess - ok
18:53:57.0001 5380 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:53:57.0064 5380 RemoteRegistry - ok
18:53:57.0126 5380 [ B60F58F175DE20A6739194E85B035178 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
18:53:57.0142 5380 rpcapd - ok
18:53:57.0188 5380 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:53:57.0235 5380 RpcEptMapper - ok
18:53:57.0266 5380 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:53:57.0282 5380 RpcLocator - ok
18:53:57.0329 5380 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
18:53:57.0376 5380 RpcSs - ok
18:53:57.0407 5380 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:53:57.0469 5380 rspndr - ok
18:53:57.0532 5380 [ BE29B0A3AC1E8BD02FFAB8CEE86BADFA ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
18:53:57.0563 5380 RSUSBSTOR - ok
18:53:57.0610 5380 [ C618475866F6A7129F64A55961C1BB8B ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
18:53:57.0625 5380 RTHDMIAzAudService - ok
18:53:57.0688 5380 [ 16D4E350420BAA7E63E16E3FC033E1F5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
18:53:57.0719 5380 RTL8167 - ok
18:53:57.0781 5380 [ 1D170A8538C6F14B3D7DCBE8723F054B ] RTL8187 C:\Windows\system32\DRIVERS\RTL8187.sys
18:53:57.0812 5380 RTL8187 - ok
18:53:57.0890 5380 [ 858360F77240605FB202777FAF70FF8A ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys
18:53:57.0953 5380 rtl8192se - ok
18:53:57.0984 5380 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
18:53:58.0031 5380 s3cap - ok
18:53:58.0078 5380 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
18:53:58.0093 5380 SamSs - ok
18:53:58.0218 5380 [ 5EFBBFCC6ADAC121C8E2FE76641ED329 ] SANDRA C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP5c\WNt500x64\Sandra.sys
18:53:58.0234 5380 SANDRA - ok
18:53:58.0280 5380 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
18:53:58.0296 5380 SASDIFSV - ok
18:53:58.0312 5380 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
18:53:58.0327 5380 SASKUTIL - ok
18:53:58.0343 5380 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:53:58.0374 5380 sbp2port - ok
18:53:58.0405 5380 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:53:58.0452 5380 SCardSvr - ok
18:53:58.0514 5380 [ 6CE6F98EA3D07A9C2CE3CD0A5A86352D ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
18:53:58.0546 5380 SCDEmu - ok
18:53:58.0577 5380 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:53:58.0639 5380 scfilter - ok
18:53:58.0686 5380 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:53:58.0748 5380 Schedule - ok
18:53:58.0780 5380 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:53:58.0826 5380 SCPolicySvc - ok
18:53:58.0858 5380 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:53:58.0889 5380 SDRSVC - ok
18:53:58.0936 5380 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:53:58.0982 5380 secdrv - ok
18:53:59.0014 5380 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:53:59.0060 5380 seclogon - ok
18:53:59.0076 5380 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
18:53:59.0138 5380 SENS - ok
18:53:59.0154 5380 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:53:59.0170 5380 SensrSvc - ok
18:53:59.0216 5380 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:53:59.0248 5380 Serenum - ok
18:53:59.0279 5380 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:53:59.0357 5380 Serial - ok
18:53:59.0388 5380 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:53:59.0419 5380 sermouse - ok
18:53:59.0450 5380 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:53:59.0513 5380 SessionEnv - ok
18:53:59.0528 5380 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:53:59.0591 5380 sffdisk - ok
18:53:59.0591 5380 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:53:59.0622 5380 sffp_mmc - ok
18:53:59.0638 5380 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:53:59.0684 5380 sffp_sd - ok
18:53:59.0716 5380 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:53:59.0762 5380 sfloppy - ok
18:53:59.0809 5380 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:53:59.0872 5380 SharedAccess - ok
18:53:59.0903 5380 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:53:59.0950 5380 ShellHWDetection - ok
18:53:59.0981 5380 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:54:00.0028 5380 SiSRaid2 - ok
18:54:00.0043 5380 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:54:00.0074 5380 SiSRaid4 - ok
18:54:00.0121 5380 SIWIO - ok
18:54:00.0168 5380 [ 6128E98EAAED364ED1A32708D2FD22CB ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:54:00.0184 5380 SkypeUpdate - ok
18:54:00.0215 5380 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:54:00.0277 5380 Smb - ok
18:54:00.0324 5380 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:54:00.0355 5380 SNMPTRAP - ok
18:54:00.0433 5380 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys
18:54:00.0449 5380 speedfan - ok
18:54:00.0480 5380 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:54:00.0511 5380 spldr - ok
18:54:00.0542 5380 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
18:54:00.0589 5380 Spooler - ok
18:54:00.0714 5380 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:54:00.0823 5380 sppsvc - ok
18:54:00.0839 5380 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:54:00.0901 5380 sppuinotify - ok
18:54:00.0932 5380 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
18:54:01.0026 5380 srv - ok
18:54:01.0042 5380 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:54:01.0088 5380 srv2 - ok
18:54:01.0088 5380 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:54:01.0120 5380 srvnet - ok
18:54:01.0166 5380 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:54:01.0229 5380 SSDPSRV - ok
18:54:01.0244 5380 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:54:01.0291 5380 SstpSvc - ok
18:54:01.0338 5380 [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
18:54:01.0369 5380 ssudmdm - ok
18:54:01.0400 5380 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:54:01.0416 5380 stexstor - ok
18:54:01.0463 5380 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:54:01.0494 5380 stisvc - ok
18:54:01.0556 5380 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
18:54:01.0556 5380 storflt - ok
18:54:01.0588 5380 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
18:54:01.0619 5380 storvsc - ok
18:54:01.0634 5380 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
18:54:01.0650 5380 swenum - ok
18:54:01.0697 5380 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:54:01.0744 5380 swprv - ok
18:54:01.0759 5380 Synth3dVsc - ok
18:54:01.0837 5380 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
18:54:01.0884 5380 SysMain - ok
18:54:01.0931 5380 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:54:01.0946 5380 TabletInputService - ok
18:54:01.0993 5380 [ 4EF44915E522F3ECD1A3FF540AA64126 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
18:54:02.0040 5380 tap0901 - ok
18:54:02.0087 5380 [ F33FDC72298DF4BF9813A55D21F4EB31 ] taphss C:\Windows\system32\DRIVERS\taphss.sys
18:54:02.0102 5380 taphss - ok
18:54:02.0134 5380 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:54:02.0180 5380 TapiSrv - ok
18:54:02.0212 5380 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:54:02.0258 5380 TBS - ok
18:54:02.0321 5380 [ FC62769E7BFF2896035AEED399108162 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:54:02.0368 5380 Tcpip - ok
18:54:02.0414 5380 [ FC62769E7BFF2896035AEED399108162 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:54:02.0461 5380 TCPIP6 - ok
18:54:02.0492 5380 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:54:02.0539 5380 tcpipreg - ok
18:54:02.0570 5380 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:54:02.0602 5380 TDPIPE - ok
18:54:02.0633 5380 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:54:02.0680 5380 TDTCP - ok
18:54:02.0726 5380 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:54:02.0789 5380 tdx - ok
18:54:02.0820 5380 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:54:02.0851 5380 TermDD - ok
18:54:02.0882 5380 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
18:54:02.0929 5380 TermService - ok
18:54:02.0960 5380 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:54:02.0976 5380 Themes - ok
18:54:03.0007 5380 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:54:03.0054 5380 THREADORDER - ok
18:54:03.0163 5380 [ AB2D61A032A01BF9E84F03CAA9D22932 ] TOSHIBA Bluetooth Service C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
18:54:03.0179 5380 TOSHIBA Bluetooth Service - ok
18:54:03.0194 5380 [ 8021F63311797085949FA387F7C83583 ] tosporte C:\Windows\system32\DRIVERS\tosporte.sys
18:54:03.0210 5380 tosporte - ok
18:54:03.0226 5380 [ 71BB669BFCADE1580FDCE010ABC76310 ] tosrfbd C:\Windows\system32\DRIVERS\tosrfbd.sys
18:54:03.0241 5380 tosrfbd - ok
18:54:11.0400 5380 ================ Scan global ===============================
18:54:11.0416 5380 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:54:11.0447 5380 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:54:11.0447 5380 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:54:11.0478 5380 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:54:11.0509 5380 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:54:11.0509 5380 [Global] - ok
18:54:11.0509 5380 ================ Scan MBR ==================================
18:54:11.0525 5380 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:54:11.0712 5380 \Device\Harddisk0\DR0 - ok
18:54:11.0712 5380 ================ Scan VBR ==================================
18:54:11.0712 5380 [ FA5A7D812E6ACB16A866475CB3795ED5 ] \Device\Harddisk0\DR0\Partition1
18:54:11.0728 5380 \Device\Harddisk0\DR0\Partition1 - ok
18:54:11.0743 5380 [ 82A84B6E12FC11EDD88D9C1F2E539A28 ] \Device\Harddisk0\DR0\Partition2
18:54:11.0743 5380 \Device\Harddisk0\DR0\Partition2 - ok
18:54:11.0774 5380 [ F6544220F8866414F7BB1B446F51B9D1 ] \Device\Harddisk0\DR0\Partition3
18:54:11.0774 5380 \Device\Harddisk0\DR0\Partition3 - ok
18:54:11.0790 5380 [ 68DF4901DD6989396D6E852F48525934 ] \Device\Harddisk0\DR0\Partition4
18:54:11.0790 5380 \Device\Harddisk0\DR0\Partition4 - ok
18:54:11.0790 5380 ============================================================
18:54:11.0790 5380 Scan finished
18:54:11.0790 5380 ============================================================
18:54:11.0806 3756 Detected object count: 2
18:54:11.0806 3756 Actual detected object count: 2
18:54:30.0416 3756 CronService ( UnsignedFile.Multi.Generic ) - skipped by user
18:54:30.0416 3756 CronService ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:54:30.0416 3756 Firefox Service ( UnsignedFile.Multi.Generic ) - skipped by user
18:54:30.0416 3756 Firefox Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:54:33.0708 0956 Deinitialize success



Malwarebytes



Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.01.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
ARBAELO :: ARBAELO [administrator]

Protection: Enabled

1-2-2013 18:55:34
mbam-log-2013-02-01 (18-55-34).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 292585
Time elapsed: 4 minute(s), 24 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\ARBAELO\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Users\ARBAELO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage (PUP.Funmoods) -> Quarantined and deleted successfully.

(end)


AdwCleaner


# AdwCleaner v2.109 - Logfile created 02/01/2013 at 19:04:54
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : ARBAELO - ARBAELO
# Boot Mode : Normal
# Running from : C:\Users\ARBAELO\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\FreeRIP
Folder Deleted : C:\ProgramData\Ticno
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\ARBAELO\AppData\Local\Conduit
Folder Deleted : C:\Users\ARBAELO\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\ARBAELO\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A89A7E3-6ADD-4EF9-8EE7-A3C3B7D83BB0}
Key Deleted : HKCU\Software\Ticno Multibar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\SMBarBroker.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer
Key Deleted : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2801948
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D9B1B31-D034-4738-8F6E-40F0AFCC742C}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Ticno Multibar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{43769158-3B03-4932-8D8A-8F0F344BF024}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}
Key Deleted : HKLM\SOFTWARE\Software
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{3C490BF5-4244-4310-B4A7-3361F288DAC5}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v [Unable to get version]

File : C:\Users\ARBAELO\AppData\Roaming\Mozilla\Firefox\Profiles\3ky7rhv1.default\prefs.js

Deleted : user_pref("extensions.funmoods.aflt", "tube");
Deleted : user_pref("extensions.funmoods.autoRvrt", false);
Deleted : user_pref("extensions.funmoods.dfltLng", "");
Deleted : user_pref("extensions.funmoods.dfltSrch", false);
Deleted : user_pref("extensions.funmoods.dnsErr", true);
Deleted : user_pref("extensions.funmoods.envrmnt", "production");
Deleted : user_pref("extensions.funmoods.excTlbr", false);
Deleted : user_pref("extensions.funmoods.hmpg", false);
Deleted : user_pref("extensions.funmoods.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=tube&chnl=tube&cd=2XzuyEt[...]
Deleted : user_pref("extensions.funmoods.id", "00225FDCD8722AD2");
Deleted : user_pref("extensions.funmoods.instlDay", "15580");
Deleted : user_pref("extensions.funmoods.instlRef", "tube");
Deleted : user_pref("extensions.funmoods.isdcmntcmplt", true);
Deleted : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
Deleted : user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=tube&chnl=tube&cd=2Xzuy[...]
Deleted : user_pref("extensions.funmoods.prdct", "funmoods");
Deleted : user_pref("extensions.funmoods.prtnrId", "funmoods");
Deleted : user_pref("extensions.funmoods.srchPrvdr", "Search");
Deleted : user_pref("extensions.funmoods.tlbrId", "base");
Deleted : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/?f=3&a=tube&chnl=tube&cd=2Xz[...]
Deleted : user_pref("extensions.funmoods.vrsn", "1.5.23.22");
Deleted : user_pref("extensions.funmoods.vrsni", "1.5.23.22");
Deleted : user_pref("extensions.funmoods_i.newTab", false);
Deleted : user_pref("extensions.funmoods_i.smplGrp", "none");
Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2218:10:35");
Deleted : user_pref("extensions.ntk.recentClosedPers", "hxxp://update.downloadhelper.net/index493.html::Update[...]

-\\ Google Chrome v5.0.375.99

File : C:\Users\ARBAELO\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v [Unable to get version]

File : C:\Users\ARBAELO\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [5608 octets] - [01/02/2013 19:04:40]
AdwCleaner[S1].txt - [5525 octets] - [01/02/2013 19:04:54]

########## EOF - C:\AdwCleaner[S1].txt - [5585 octets] ##########


RogueKiller


RogueKiller V8.4.4 [Feb 1 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : ARBAELO [Admin rights]
Mode : Remove -- Date : 02/01/2013 19:13:26
| ARK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 5 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp://172.26.20.1:8080) -> NOT REMOVED, USE PROXYFIX
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS545050B9A300 SATA Disk Device +++++
--- User ---
[MBR] e2e448c93696b2006793fdd323d22609
[BSP] fad4089b904debd06574fb6de84c7040 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 187018 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 383219712 | Size: 177317 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 746364928 | Size: 112501 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_02012013_02d1913.txt >>
RKreport[1]_S_02012013_02d1912.txt ; RKreport[2]_D_02012013_02d1913.txt

Edited by testto, 01 February 2013 - 01:32 PM.


#4 testto

Posted 01 February 2013 - 07:05 PM

I think my ISP just disconnected me from the internet.
The strange thing is that only my PC and all other devices that are wired to the modem don't have an internet connection; all my other devices, like my laptops and mobile phones, have no problem at all connecting to the internet. So what's wrong here? Did they really disconnect me, or are they working on something and there is some maintenance on their side?

I have also run the scanners on my PC that is connected to the internet; I will post the logs with the post.
I hope this all gets cleared up. I've had a headache since yesterday.


Here are the logs of my PC that is connected by wire to the modem.



TDSSKiller


00:35:16.0413 2252 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
00:35:18.0417 2252 ============================================================
00:35:18.0417 2252 Current date / time: 2013/02/02 00:35:18.0417
00:35:18.0417 2252 SystemInfo:
00:35:18.0418 2252
00:35:18.0418 2252 OS Version: 6.1.7601 ServicePack: 1.0
00:35:18.0418 2252 Product type: Workstation
00:35:18.0418 2252 ComputerName: SIEMENS
00:35:18.0418 2252 UserName: siemens
00:35:18.0418 2252 Windows directory: C:\Windows
00:35:18.0418 2252 System windows directory: C:\Windows
00:35:18.0418 2252 Processor architecture: Intel x86
00:35:18.0418 2252 Number of processors: 2
00:35:18.0418 2252 Page size: 0x1000
00:35:18.0418 2252 Boot type: Normal boot
00:35:18.0418 2252 ============================================================
00:35:20.0959 2252 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x23DC4, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050
00:35:20.0999 2252 ============================================================
00:35:20.0999 2252 \Device\Harddisk0\DR0:
00:35:20.0999 2252 MBR partitions:
00:35:20.0999 2252 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
00:35:20.0999 2252 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1522B000
00:35:20.0999 2252 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1525E000, BlocksNum 0x101CF800
00:35:20.0999 2252 ============================================================
00:35:21.0029 2252 C: <-> \Device\Harddisk0\DR0\Partition2
00:35:21.0101 2252 M: <-> \Device\Harddisk0\DR0\Partition3
00:35:21.0101 2252 ============================================================
00:35:21.0101 2252 Initialize success
00:35:21.0101 2252 ============================================================
00:35:26.0880 2372 ============================================================
00:35:26.0880 2372 Scan started
00:35:26.0880 2372 Mode: Manual; SigCheck; TDLFS;
00:35:26.0880 2372 ============================================================
00:35:29.0999 2372 ================ Scan system memory ========================
00:35:29.0999 2372 System memory - ok
00:35:29.0999 2372 ================ Scan services =============================
00:35:38.0155 2372 bthserv - ok
00:35:38.0235 2372 [ 0F5CA31BB3FDB5C1E63C170CFBECC93B ] CamDrL C:\Windows\system32\DRIVERS\Camdrl.sys
00:35:38.0305 2372 CamDrL - ok
00:35:38.0335 2372 catchme - ok
00:35:38.0365 2372 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
00:35:38.0415 2372 cdfs - ok
00:35:38.0475 2372 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
00:35:38.0525 2372 cdrom - ok
00:35:38.0575 2372 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
00:35:38.0635 2372 CertPropSvc - ok
00:35:38.0675 2372 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
00:35:38.0705 2372 circlass - ok
00:35:38.0755 2372 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
00:35:38.0775 2372 CLFS - ok
00:35:38.0845 2372 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:35:38.0885 2372 clr_optimization_v2.0.50727_32 - ok
00:35:38.0966 2372 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:35:39.0006 2372 clr_optimization_v4.0.30319_32 - ok
00:35:39.0046 2372 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
00:35:39.0076 2372 CmBatt - ok
00:35:39.0096 2372 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
00:35:39.0116 2372 cmdide - ok
00:35:39.0146 2372 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\Windows\system32\Drivers\cng.sys
00:35:39.0186 2372 CNG - ok
00:35:39.0206 2372 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
00:35:39.0236 2372 Compbatt - ok
00:35:39.0296 2372 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
00:35:39.0326 2372 CompositeBus - ok
00:35:39.0346 2372 COMSysApp - ok
00:35:39.0386 2372 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
00:35:39.0406 2372 crcdisk - ok
00:35:39.0446 2372 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
00:35:39.0506 2372 CryptSvc - ok
00:35:39.0546 2372 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
00:35:39.0596 2372 CSC - ok
00:35:39.0616 2372 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
00:35:39.0666 2372 CscService - ok
00:35:39.0726 2372 [ B6672F62F75FB952D7AE7CB4E80011A9 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
00:35:39.0756 2372 dc3d - ok
00:35:39.0806 2372 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
00:35:39.0856 2372 DcomLaunch - ok
00:35:39.0916 2372 [ 5A6333DB6ED92F7A33CEDBA3C8E555D5 ] DeepFrz C:\Windows\system32\drivers\DeepFrz.sys
00:35:39.0946 2372 DeepFrz - ok
00:35:39.0966 2372 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
00:35:40.0057 2372 defragsvc - ok
00:35:40.0108 2372 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
00:35:40.0178 2372 DfsC - ok
00:35:40.0370 2372 [ 9BF3E49D2E3F3243565DFE897EDF5C47 ] DFServ C:\Program Files\Faronics\Deep Freeze\Install C-0\DFServ.exe
00:35:40.0410 2372 DFServ ( UnsignedFile.Multi.Generic ) - warning
00:35:40.0410 2372 DFServ - detected UnsignedFile.Multi.Generic (1)
00:35:58.0608 2372 RpcEptMapper - ok
00:35:58.0628 2372 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
00:35:58.0668 2372 RpcLocator - ok
00:35:58.0688 2372 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
00:35:58.0728 2372 RpcSs - ok
00:35:58.0768 2372 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
00:35:58.0828 2372 rspndr - ok
00:35:58.0878 2372 [ 7DFD48E24479B68B258D8770121155A0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
00:35:58.0908 2372 RTL8167 - ok
00:35:58.0988 2372 [ 811C4A6EA5C3B8C07352D4503409EF26 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
00:35:59.0008 2372 RTL8169 - ok
00:35:59.0048 2372 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
00:35:59.0098 2372 s3cap - ok
00:35:59.0148 2372 [ 0B2D5D2341437D7D7E1A6C7BBCE3786A ] SahdIa32 C:\Windows\system32\Drivers\SahdIa32.sys
00:35:59.0168 2372 SahdIa32 - ok
00:35:59.0168 2372 [ 7A5F65B16249AF2BC9D18D815F5D7172 ] SaibIa32 C:\Windows\system32\Drivers\SaibIa32.sys
00:35:59.0198 2372 SaibIa32 - ok
00:35:59.0218 2372 [ E333C9515822DE586A3FF759A0C9B7BF ] SaibVd32 C:\Windows\system32\Drivers\SaibVd32.sys
00:35:59.0238 2372 SaibVd32 - ok
00:35:59.0258 2372 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
00:35:59.0278 2372 SamSs - ok
00:35:59.0338 2372 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
00:35:59.0368 2372 sbp2port - ok
00:35:59.0398 2372 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
00:35:59.0448 2372 SCardSvr - ok
00:35:59.0468 2372 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
00:35:59.0518 2372 scfilter - ok
00:35:59.0558 2372 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
00:35:59.0628 2372 Schedule - ok
00:35:59.0658 2372 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
00:35:59.0688 2372 SCPolicySvc - ok
00:35:59.0708 2372 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
00:35:59.0768 2372 SDRSVC - ok
00:35:59.0808 2372 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
00:35:59.0848 2372 secdrv - ok
00:35:59.0888 2372 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
00:35:59.0938 2372 seclogon - ok
00:35:59.0988 2372 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
00:36:00.0038 2372 SENS - ok
00:36:00.0068 2372 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
00:36:00.0128 2372 SensrSvc - ok
00:36:00.0158 2372 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
00:36:00.0188 2372 Serenum - ok
00:36:00.0218 2372 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
00:36:00.0258 2372 Serial - ok
00:36:00.0288 2372 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
00:36:00.0328 2372 sermouse - ok
00:36:00.0358 2372 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
00:36:00.0408 2372 SessionEnv - ok
00:36:00.0438 2372 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
00:36:00.0498 2372 sffdisk - ok
00:36:00.0518 2372 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
00:36:00.0548 2372 sffp_mmc - ok
00:36:00.0558 2372 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
00:36:00.0598 2372 sffp_sd - ok
00:36:00.0618 2372 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
00:36:00.0638 2372 sfloppy - ok
00:36:00.0688 2372 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
00:36:00.0768 2372 SharedAccess - ok
00:36:00.0828 2372 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:36:00.0888 2372 ShellHWDetection - ok
00:36:00.0918 2372 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
00:36:00.0948 2372 sisagp - ok
00:36:01.0028 2372 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:36:01.0048 2372 SiSRaid2 - ok
00:36:01.0068 2372 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
00:36:01.0098 2372 SiSRaid4 - ok
00:36:01.0138 2372 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
00:36:01.0188 2372 Smb - ok
00:36:01.0528 2372 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
00:36:01.0568 2372 SNMPTRAP - ok
00:36:01.0598 2372 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
00:36:01.0618 2372 spldr - ok
00:36:01.0738 2372 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
00:36:01.0798 2372 Spooler - ok
00:36:02.0122 2372 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
00:36:02.0272 2372 sppsvc - ok
00:36:02.0302 2372 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
00:36:02.0342 2372 sppuinotify - ok
00:36:02.0375 2372 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
00:36:02.0414 2372 srv - ok
00:36:02.0454 2372 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
00:36:02.0494 2372 srv2 - ok
00:36:02.0504 2372 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
00:36:02.0544 2372 srvnet - ok
00:36:02.0588 2372 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
00:36:02.0636 2372 SSDPSRV - ok
00:36:02.0656 2372 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
00:36:02.0698 2372 SstpSvc - ok
00:36:02.0728 2372 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
00:36:02.0758 2372 stexstor - ok
00:36:02.0848 2372 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
00:36:02.0908 2372 StiSvc - ok
00:36:02.0938 2372 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
00:36:02.0968 2372 storflt - ok
00:36:03.0018 2372 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
00:36:03.0071 2372 storvsc - ok
00:36:03.0100 2372 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
00:36:03.0120 2372 swenum - ok
00:36:03.0212 2372 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
00:36:03.0304 2372 swprv - ok
00:36:03.0314 2372 Synth3dVsc - ok
00:36:03.0504 2372 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
00:36:03.0574 2372 SysMain - ok
00:36:03.0614 2372 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:36:03.0674 2372 TabletInputService - ok
00:36:03.0754 2372 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
00:36:03.0814 2372 TapiSrv - ok
00:36:03.0860 2372 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
00:36:03.0916 2372 TBS - ok
00:36:04.0136 2372 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
00:36:04.0196 2372 Tcpip - ok
00:36:04.0436 2372 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
00:36:04.0491 2372 TCPIP6 - ok
00:36:04.0608 2372 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
00:36:04.0658 2372 tcpipreg - ok
00:36:04.0688 2372 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
00:36:04.0748 2372 TDPIPE - ok
00:36:04.0768 2372 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
00:36:04.0798 2372 TDTCP - ok
00:36:04.0818 2372 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
00:36:04.0868 2372 tdx - ok
00:36:04.0888 2372 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
00:36:04.0908 2372 TermDD - ok
00:36:04.0948 2372 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
00:36:05.0018 2372 TermService - ok
00:36:05.0068 2372 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
00:36:05.0108 2372 Themes - ok
00:36:05.0138 2372 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
00:36:05.0178 2372 THREADORDER - ok
00:36:05.0208 2372 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
00:36:05.0298 2372 TrkWks - ok
00:36:05.0338 2372 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:36:05.0378 2372 TrustedInstaller - ok
00:36:05.0398 2372 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
00:36:05.0438 2372 tssecsrv - ok
00:36:05.0468 2372 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
00:36:05.0518 2372 TsUsbFlt - ok
00:36:05.0528 2372 tsusbhub - ok
00:36:05.0578 2372 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
00:36:05.0618 2372 tunnel - ok
00:36:05.0648 2372 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
00:36:05.0688 2372 uagp35 - ok
00:36:05.0708 2372 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
00:36:05.0768 2372 udfs - ok
00:36:05.0798 2372 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
00:36:05.0858 2372 UI0Detect - ok
00:36:05.0878 2372 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
00:36:05.0898 2372 uliagpkx - ok
00:36:05.0938 2372 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
00:36:05.0968 2372 umbus - ok
00:36:06.0018 2372 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
00:36:06.0058 2372 UmPass - ok
00:36:06.0088 2372 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
00:36:06.0128 2372 UmRdpService - ok
00:36:06.0158 2372 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
00:36:06.0208 2372 upnphost - ok
00:36:06.0268 2372 upperdev - ok
00:36:06.0308 2372 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
00:36:06.0378 2372 USBAAPL - ok
00:36:06.0428 2372 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
00:36:06.0458 2372 usbaudio - ok
00:36:06.0488 2372 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
00:36:06.0538 2372 usbccgp - ok
00:36:06.0598 2372 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
00:36:06.0618 2372 usbcir - ok
00:36:06.0658 2372 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
00:36:06.0698 2372 usbehci - ok
00:36:06.0748 2372 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
00:36:06.0788 2372 usbhub - ok
00:36:06.0818 2372 [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
00:36:06.0848 2372 usbohci - ok
00:36:06.0898 2372 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
00:36:06.0928 2372 usbprint - ok
00:36:06.0958 2372 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
00:36:06.0978 2372 usbscan - ok
00:36:06.0998 2372 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:36:07.0068 2372 USBSTOR - ok
00:36:07.0099 2372 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
00:36:07.0119 2372 usbuhci - ok
00:36:07.0169 2372 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
00:36:07.0209 2372 usbvideo - ok
00:36:07.0249 2372 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
00:36:07.0279 2372 UxSms - ok
00:36:07.0319 2372 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
00:36:07.0339 2372 VaultSvc - ok
00:36:07.0359 2372 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
00:36:07.0389 2372 vdrvroot - ok
00:36:07.0419 2372 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
00:36:07.0479 2372 vds - ok
00:36:07.0529 2372 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
00:36:07.0569 2372 vga - ok
00:36:07.0609 2372 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
00:36:07.0649 2372 VgaSave - ok
00:36:07.0659 2372 VGPU - ok
00:36:07.0709 2372 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
00:36:07.0739 2372 vhdmp - ok
00:36:08.0101 2372 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
00:36:08.0131 2372 viaagp - ok
00:36:08.0291 2372 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
00:36:08.0571 2372 ViaC7 - ok
00:36:08.0606 2372 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
00:36:08.0623 2372 viaide - ok
00:36:08.0643 2372 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
00:36:08.0673 2372 vmbus - ok
00:36:08.0683 2372 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
00:36:08.0735 2372 VMBusHID - ok
00:36:08.0755 2372 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
00:36:08.0775 2372 volmgr - ok
00:36:08.0805 2372 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
00:36:08.0835 2372 volmgrx - ok
00:36:08.0845 2372 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
00:36:08.0870 2372 volsnap - ok
00:36:08.0937 2372 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
00:36:08.0957 2372 vsmraid - ok
00:36:09.0039 2372 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
00:36:09.0109 2372 VSS - ok
00:36:09.0147 2372 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
00:36:09.0181 2372 vwifibus - ok
00:36:09.0221 2372 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
00:36:09.0291 2372 vwififlt - ok
00:36:09.0351 2372 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
00:36:09.0431 2372 W32Time - ok
00:36:09.0461 2372 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
00:36:09.0491 2372 WacomPen - ok
00:36:09.0542 2372 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
00:36:09.0583 2372 WANARP - ok
00:36:09.0603 2372 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
00:36:09.0633 2372 Wanarpv6 - ok
00:36:09.0843 2372 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
00:36:09.0923 2372 WatAdminSvc - ok
00:36:09.0995 2372 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
00:36:10.0089 2372 wbengine - ok
00:36:10.0127 2372 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
00:36:10.0196 2372 WbioSrvc - ok
00:36:10.0282 2372 [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
00:36:10.0342 2372 WcesComm - ok
00:36:10.0411 2372 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
00:36:10.0491 2372 wcncsvc - ok
00:36:10.0529 2372 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:36:10.0597 2372 WcsPlugInService - ok
00:36:10.0618 2372 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
00:36:10.0653 2372 Wd - ok
00:36:10.0788 2372 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
00:36:10.0850 2372 Wdf01000 - ok
00:36:10.0873 2372 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
00:36:11.0059 2372 WdiServiceHost - ok
00:36:11.0069 2372 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
00:36:11.0100 2372 WdiSystemHost - ok
00:36:11.0161 2372 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
00:36:11.0241 2372 WebClient - ok
00:36:11.0291 2372 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
00:36:11.0341 2372 Wecsvc - ok
00:36:11.0361 2372 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
00:36:11.0401 2372 wercplsupport - ok
00:36:11.0441 2372 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
00:36:11.0501 2372 WerSvc - ok
00:36:11.0541 2372 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
00:36:11.0581 2372 WfpLwf - ok
00:36:11.0591 2372 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
00:36:11.0621 2372 WIMMount - ok
00:36:11.0681 2372 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
00:36:11.0731 2372 WinDefend - ok
00:36:11.0741 2372 WinHttpAutoProxySvc - ok
00:36:11.0791 2372 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
00:36:11.0841 2372 Winmgmt - ok
00:36:11.0881 2372 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
00:36:11.0991 2372 WinRM - ok
00:36:12.0041 2372 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
00:36:12.0071 2372 WinUsb - ok
00:36:12.0181 2372 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
00:36:12.0241 2372 Wlansvc - ok
00:36:12.0441 2372 [ 5E7C103F8475C4289847D15E129C20F7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:36:12.0481 2372 wlidsvc - ok
00:36:12.0526 2372 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
00:36:12.0583 2372 WmiAcpi - ok
00:36:12.0623 2372 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
00:36:12.0643 2372 wmiApSrv - ok
00:36:12.0753 2372 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
00:36:12.0793 2372 WMPNetworkSvc - ok
00:36:12.0813 2372 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
00:36:12.0863 2372 WPCSvc - ok
00:36:12.0883 2372 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
00:36:12.0923 2372 WPDBusEnum - ok
00:36:12.0933 2372 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
00:36:12.0973 2372 ws2ifsl - ok
00:36:13.0033 2372 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
00:36:13.0073 2372 wscsvc - ok
00:36:13.0073 2372 WSearch - ok
00:36:13.0293 2372 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
00:36:13.0393 2372 wuauserv - ok
00:36:13.0443 2372 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
00:36:13.0533 2372 WudfPf - ok
00:36:13.0583 2372 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
00:36:13.0623 2372 WUDFRd - ok
00:36:13.0653 2372 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
00:36:13.0683 2372 wudfsvc - ok
00:36:13.0713 2372 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
00:36:13.0743 2372 WwanSvc - ok
00:36:13.0773 2372 ================ Scan global ===============================
00:36:13.0803 2372 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
00:36:13.0843 2372 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
00:36:13.0873 2372 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
00:36:13.0893 2372 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
00:36:13.0933 2372 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
00:36:13.0943 2372 [Global] - ok
00:36:13.0953 2372 ================ Scan MBR ==================================
00:36:13.0963 2372 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:36:14.0297 2372 \Device\Harddisk0\DR0 - ok
00:36:14.0297 2372 ================ Scan VBR ==================================
00:36:14.0327 2372 [ DFB17A5E2AE9B7D6A96F77A7259CBE08 ] \Device\Harddisk0\DR0\Partition1
00:36:14.0337 2372 \Device\Harddisk0\DR0\Partition1 - ok
00:36:14.0357 2372 [ 8A09BB2B6467D120F07D2D337AF23CC9 ] \Device\Harddisk0\DR0\Partition2
00:36:14.0377 2372 \Device\Harddisk0\DR0\Partition2 - ok
00:36:14.0397 2372 [ D608CB33B0CE29AD877F1D874975281E ] \Device\Harddisk0\DR0\Partition3
00:36:14.0397 2372 \Device\Harddisk0\DR0\Partition3 - ok
00:36:14.0397 2372 ============================================================
00:36:14.0397 2372 Scan finished
00:36:14.0397 2372 ============================================================
00:36:14.0417 3096 Detected object count: 1
00:36:14.0417 3096 Actual detected object count: 1
00:36:21.0499 3096 DFServ ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:21.0499 3096 DFServ ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:36:24.0070 2264 Deinitialize success


AdwCleaner


# AdwCleaner v2.109 - Logfile created 02/02/2013 at 00:38:07
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : siemens - SIEMENS
# Boot Mode : Normal
# Running from : C:\Users\siemens\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2102399
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2117678
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2720081
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\siemens\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2852 octets] - [02/02/2013 00:36:50]
AdwCleaner[S1].txt - [2841 octets] - [02/02/2013 00:38:07]

########## EOF - C:\AdwCleaner[S1].txt - [2901 octets] ##########


RogueKiller


RogueKiller V8.4.4 [Feb 1 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : siemens [Admin rights]
Mode : Scan -- Date : 02/02/2013 00:42:09
| ARK || MBR |

Bad processes : 0

Registry Entries : 4
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

Particular Files / Folders:

Driver : [LOADED]

HOSTS File:
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


MBR Check:

+++++ PhysicalDrive0: ST3320820AS ATA Device +++++
--- User ---
[MBR] be27e38860683c4737fca56e854f157e
[BSP] f392b95474279b71886ba0b8127063d5 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 173142 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 354803712 | Size: 131999 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_02022013_02d0042.txt >>
RKreport[1]_S_02022013_02d0042.txt

#5 testto

testto
  • Topic Starter

  • Members
  • 4 posts

Posted 01 February 2013 - 07:58 PM

I hope it's not too much to analyse all the logs, but I also scanned my other laptop, which I think is clean, but I might be wrong, so I will include the logs of that laptop with this post.

Here are the logs of my last laptop.


TDSSKiller


01:44:42.0430 2728 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
01:44:44.0443 2728 ============================================================
01:44:44.0443 2728 Current date / time: 2013/02/02 01:44:44.0443
01:44:44.0443 2728 SystemInfo:
01:44:44.0443 2728
01:44:44.0443 2728 OS Version: 6.1.7601 ServicePack: 1.0
01:44:44.0443 2728 Product type: Workstation
01:44:44.0443 2728 ComputerName: ASUS-PC
01:44:44.0443 2728 UserName: ASUS
01:44:44.0443 2728 Windows directory: C:\Windows
01:44:44.0443 2728 System windows directory: C:\Windows
01:44:44.0443 2728 Running under WOW64
01:44:44.0443 2728 Processor architecture: Intel x64
01:44:44.0443 2728 Number of processors: 4
01:44:44.0443 2728 Page size: 0x1000
01:44:44.0443 2728 Boot type: Normal boot
01:44:44.0443 2728 ============================================================
01:44:45.0816 2728 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:44:45.0831 2728 Drive \Device\Harddisk1\DR1 - Size: 0x3C91FFE00 (15.14 Gb), SectorSize: 0x200, Cylinders: 0x7B8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
01:44:45.0831 2728 ============================================================
01:44:45.0831 2728 \Device\Harddisk0\DR0:
01:44:45.0831 2728 MBR partitions:
01:44:45.0831 2728 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
01:44:45.0831 2728 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x109E0800
01:44:45.0847 2728 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x10A13756, BlocksNum 0x299714EB
01:44:45.0847 2728 \Device\Harddisk1\DR1:
01:44:45.0847 2728 MBR partitions:
01:44:45.0847 2728 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x20, BlocksNum 0x1E48FDF
01:44:45.0847 2728 ============================================================
01:44:45.0878 2728 C: <-> \Device\Harddisk0\DR0\Partition2
01:44:45.0909 2728 D: <-> \Device\Harddisk0\DR0\Partition3
01:44:45.0909 2728 ============================================================
01:44:45.0909 2728 Initialize success
01:44:45.0909 2728 ============================================================
01:45:01.0352 4844 ============================================================
01:45:01.0352 4844 Scan started
01:45:01.0352 4844 Mode: Manual; SigCheck; TDLFS;
01:45:01.0352 4844 ============================================================
01:45:02.0241 4844 ================ Scan system memory ========================
01:45:02.0241 4844 System memory - ok
01:45:02.0241 4844 ================ Scan services =============================
01:45:08.0450 4844 [ 63A7739AC9C1E38589B3EDB1DAEB9DF5 ] CronService C:\Prey\platform\windows\cronsvc.exe
01:45:08.0465 4844 CronService ( UnsignedFile.Multi.Generic ) - warning
01:45:08.0465 4844 CronService - detected UnsignedFile.Multi.Generic (1)
01:45:20.0727 4844 pla - ok
01:45:20.0789 4844 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
01:45:20.0821 4844 PlugPlay - ok
01:45:20.0836 4844 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
01:45:20.0867 4844 PNRPAutoReg - ok
01:45:20.0883 4844 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
01:45:20.0899 4844 PNRPsvc - ok
01:45:20.0930 4844 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
01:45:20.0992 4844 PolicyAgent - ok
01:45:21.0039 4844 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
01:45:21.0101 4844 Power - ok
01:45:21.0133 4844 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
01:45:21.0195 4844 PptpMiniport - ok
01:45:21.0226 4844 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
01:45:21.0242 4844 Processor - ok
01:45:21.0273 4844 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
01:45:21.0304 4844 ProfSvc - ok
01:45:21.0320 4844 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
01:45:21.0335 4844 ProtectedStorage - ok
01:45:21.0367 4844 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
01:45:21.0429 4844 Psched - ok
01:45:21.0460 4844 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
01:45:21.0538 4844 ql2300 - ok
01:45:21.0554 4844 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
01:45:21.0569 4844 ql40xx - ok
01:45:21.0601 4844 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
01:45:21.0632 4844 QWAVE - ok
01:45:21.0647 4844 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
01:45:21.0679 4844 QWAVEdrv - ok
01:45:21.0694 4844 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
01:45:21.0757 4844 RasAcd - ok
01:45:21.0788 4844 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
01:45:21.0850 4844 RasAgileVpn - ok
01:45:21.0866 4844 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
01:45:21.0944 4844 RasAuto - ok
01:45:21.0975 4844 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
01:45:22.0037 4844 Rasl2tp - ok
01:45:22.0053 4844 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
01:45:22.0115 4844 RasMan - ok
01:45:22.0131 4844 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
01:45:22.0193 4844 RasPppoe - ok
01:45:22.0209 4844 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
01:45:22.0271 4844 RasSstp - ok
01:45:22.0287 4844 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
01:45:22.0349 4844 rdbss - ok
01:45:22.0349 4844 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
01:45:22.0365 4844 rdpbus - ok
01:45:22.0381 4844 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
01:45:22.0459 4844 RDPCDD - ok
01:45:22.0490 4844 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
01:45:22.0505 4844 RDPDR - ok
01:45:22.0599 4844 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
01:45:22.0693 4844 RDPENCDD - ok
01:45:22.0708 4844 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
01:45:22.0755 4844 RDPREFMP - ok
01:45:22.0786 4844 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
01:45:22.0802 4844 RdpVideoMiniport - ok
01:45:22.0833 4844 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
01:45:22.0864 4844 RDPWD - ok
01:45:22.0895 4844 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
01:45:22.0911 4844 rdyboost - ok
01:45:22.0927 4844 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
01:45:22.0989 4844 RemoteAccess - ok
01:45:23.0020 4844 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
01:45:23.0098 4844 RemoteRegistry - ok
01:45:23.0129 4844 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
01:45:23.0176 4844 RpcEptMapper - ok
01:45:23.0207 4844 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
01:45:23.0223 4844 RpcLocator - ok
01:45:23.0239 4844 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
01:45:23.0301 4844 RpcSs - ok
01:45:23.0317 4844 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
01:45:23.0363 4844 rspndr - ok
01:45:23.0395 4844 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
01:45:23.0426 4844 s3cap - ok
01:45:23.0441 4844 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
01:45:23.0441 4844 SamSs - ok
01:45:23.0473 4844 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
01:45:23.0488 4844 sbp2port - ok
01:45:23.0504 4844 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
01:45:23.0566 4844 SCardSvr - ok
01:45:23.0597 4844 [ 6CE6F98EA3D07A9C2CE3CD0A5A86352D ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
01:45:23.0597 4844 SCDEmu - ok
01:45:23.0629 4844 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
01:45:23.0691 4844 scfilter - ok
01:45:23.0722 4844 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
01:45:23.0800 4844 Schedule - ok
01:45:23.0831 4844 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
01:45:23.0878 4844 SCPolicySvc - ok
01:45:23.0909 4844 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
01:45:23.0941 4844 sdbus - ok
01:45:23.0972 4844 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
01:45:24.0003 4844 SDRSVC - ok
01:45:24.0034 4844 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
01:45:24.0112 4844 secdrv - ok
01:45:24.0128 4844 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
01:45:24.0190 4844 seclogon - ok
01:45:24.0221 4844 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
01:45:24.0268 4844 SENS - ok
01:45:24.0299 4844 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
01:45:24.0315 4844 SensrSvc - ok
01:45:24.0331 4844 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
01:45:24.0362 4844 Serenum - ok
01:45:24.0393 4844 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
01:45:24.0424 4844 Serial - ok
01:45:24.0440 4844 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
01:45:24.0471 4844 sermouse - ok
01:45:24.0502 4844 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
01:45:24.0565 4844 SessionEnv - ok
01:45:24.0580 4844 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
01:45:24.0611 4844 sffdisk - ok
01:45:24.0627 4844 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
01:45:24.0658 4844 sffp_mmc - ok
01:45:24.0674 4844 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
01:45:24.0721 4844 sffp_sd - ok
01:45:24.0721 4844 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
01:45:24.0736 4844 sfloppy - ok
01:45:24.0767 4844 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
01:45:24.0830 4844 SharedAccess - ok
01:45:24.0861 4844 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:45:24.0923 4844 ShellHWDetection - ok
01:45:24.0970 4844 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
01:45:24.0986 4844 SiSRaid2 - ok
01:45:25.0001 4844 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
01:45:25.0017 4844 SiSRaid4 - ok
01:45:25.0048 4844 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
01:45:25.0111 4844 Smb - ok
01:45:25.0157 4844 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
01:45:25.0173 4844 SNMPTRAP - ok
01:45:25.0251 4844 [ 2114518E55B380A3ACC28B2C27FD499A ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
01:45:25.0345 4844 SNP2UVC - ok
01:45:25.0376 4844 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
01:45:25.0391 4844 spldr - ok
01:45:25.0423 4844 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
01:45:25.0438 4844 Spooler - ok
01:45:25.0532 4844 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
01:45:25.0641 4844 sppsvc - ok
01:45:25.0657 4844 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
01:45:25.0735 4844 sppuinotify - ok
01:45:25.0766 4844 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
01:45:25.0813 4844 srv - ok
01:45:25.0844 4844 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
01:45:25.0891 4844 srv2 - ok
01:45:25.0922 4844 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
01:45:25.0937 4844 srvnet - ok
01:45:25.0969 4844 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
01:45:26.0047 4844 SSDPSRV - ok
01:45:26.0078 4844 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
01:45:26.0156 4844 SstpSvc - ok
01:45:26.0218 4844 [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
01:45:26.0234 4844 ssudmdm - ok
01:45:26.0249 4844 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
01:45:26.0249 4844 stexstor - ok
01:45:26.0281 4844 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
01:45:26.0312 4844 stisvc - ok
01:45:26.0343 4844 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
01:45:26.0359 4844 storflt - ok
01:45:26.0390 4844 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
01:45:26.0405 4844 storvsc - ok
01:45:26.0421 4844 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
01:45:26.0437 4844 swenum - ok
01:45:26.0468 4844 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
01:45:26.0561 4844 swprv - ok
01:45:26.0577 4844 [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
01:45:26.0593 4844 Synth3dVsc - ok
01:45:26.0639 4844 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
01:45:26.0702 4844 SysMain - ok
01:45:26.0717 4844 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
01:45:26.0749 4844 TabletInputService - ok
01:45:26.0780 4844 [ 4EF44915E522F3ECD1A3FF540AA64126 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
01:45:26.0811 4844 tap0901 - ok
01:45:26.0842 4844 [ F33FDC72298DF4BF9813A55D21F4EB31 ] taphss C:\Windows\system32\DRIVERS\taphss.sys
01:45:26.0858 4844 taphss - ok
01:45:26.0889 4844 [ 8B9FD32C71F29DF235A27CE9FF4F19DC ] taphss6 C:\Windows\system32\DRIVERS\taphss6.sys
01:45:26.0889 4844 taphss6 - ok
01:45:26.0920 4844 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
01:45:26.0998 4844 TapiSrv - ok
01:45:27.0014 4844 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
01:45:27.0061 4844 TBS - ok
01:45:27.0107 4844 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
01:45:27.0201 4844 Tcpip - ok
01:45:27.0248 4844 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
01:45:27.0310 4844 TCPIP6 - ok
01:45:27.0326 4844 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
01:45:27.0341 4844 tcpipreg - ok
01:45:27.0373 4844 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
01:45:27.0388 4844 TDPIPE - ok
01:45:27.0419 4844 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
01:45:27.0435 4844 TDTCP - ok
01:45:27.0466 4844 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
01:45:27.0529 4844 tdx - ok
01:45:27.0544 4844 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
01:45:27.0560 4844 TermDD - ok
01:45:27.0575 4844 [ EF4469AB69EB15E5D3754E6AEAFBCD3D ] terminpt C:\Windows\system32\drivers\terminpt.sys
01:45:27.0607 4844 terminpt - ok
01:45:27.0638 4844 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
01:45:27.0716 4844 TermService - ok
01:45:27.0731 4844 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
01:45:27.0747 4844 Themes - ok
01:45:27.0763 4844 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
01:45:27.0825 4844 THREADORDER - ok
01:45:27.0856 4844 [ 199C2E87D9A5EC58D0BCD94E893BF629 ] TIEHDUSB C:\Windows\system32\DRIVERS\tiehdusb.sys
01:45:27.0887 4844 TIEHDUSB - ok
01:45:27.0919 4844 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
01:45:27.0997 4844 TrkWks - ok
01:45:28.0043 4844 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
01:45:28.0090 4844 TrustedInstaller - ok
01:45:28.0106 4844 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
01:45:28.0153 4844 tssecsrv - ok
01:45:28.0199 4844 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
01:45:28.0231 4844 TsUsbFlt - ok
01:45:28.0231 4844 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
01:45:28.0246 4844 TsUsbGD - ok
01:45:28.0262 4844 [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
01:45:28.0277 4844 tsusbhub - ok
01:45:28.0340 4844 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
01:45:28.0402 4844 tunnel - ok
01:45:28.0418 4844 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
01:45:28.0433 4844 uagp35 - ok
01:45:28.0465 4844 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
01:45:28.0527 4844 udfs - ok
01:45:28.0558 4844 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
01:45:28.0574 4844 UI0Detect - ok
01:45:28.0605 4844 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
01:45:28.0621 4844 uliagpkx - ok
01:45:28.0652 4844 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
01:45:28.0683 4844 umbus - ok
01:45:28.0699 4844 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
01:45:28.0730 4844 UmPass - ok
01:45:28.0761 4844 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
01:45:28.0777 4844 UmRdpService - ok
01:45:28.0808 4844 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
01:45:28.0886 4844 upnphost - ok
01:45:28.0917 4844 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
01:45:28.0948 4844 USBAAPL64 - ok
01:45:28.0979 4844 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
01:45:29.0026 4844 usbaudio - ok
01:45:29.0042 4844 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
01:45:29.0057 4844 usbccgp - ok
01:45:29.0089 4844 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
01:45:29.0120 4844 usbcir - ok
01:45:29.0135 4844 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
01:45:29.0167 4844 usbehci - ok
01:45:29.0198 4844 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
01:45:29.0229 4844 usbhub - ok
01:45:29.0245 4844 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
01:45:29.0276 4844 usbohci - ok
01:45:29.0307 4844 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
01:45:29.0338 4844 usbprint - ok
01:45:29.0354 4844 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
01:45:29.0369 4844 usbscan - ok
01:45:29.0401 4844 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:45:29.0432 4844 USBSTOR - ok
01:45:29.0447 4844 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
01:45:29.0463 4844 usbuhci - ok
01:45:29.0494 4844 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
01:45:29.0525 4844 usbvideo - ok
01:45:29.0557 4844 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
01:45:29.0619 4844 UxSms - ok
01:45:29.0635 4844 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
01:45:29.0650 4844 VaultSvc - ok
01:45:29.0681 4844 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
01:45:29.0681 4844 vdrvroot - ok
01:45:29.0713 4844 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
01:45:29.0791 4844 vds - ok
01:45:29.0806 4844 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
01:45:29.0837 4844 vga - ok
01:45:29.0853 4844 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
01:45:29.0915 4844 VgaSave - ok
01:45:29.0915 4844 VGPU - ok
01:45:29.0931 4844 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
01:45:29.0947 4844 vhdmp - ok
01:45:29.0962 4844 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
01:45:29.0978 4844 viaide - ok
01:45:29.0993 4844 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
01:45:30.0009 4844 vmbus - ok
01:45:30.0040 4844 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
01:45:30.0071 4844 VMBusHID - ok
01:45:30.0087 4844 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
01:45:30.0103 4844 volmgr - ok
01:45:30.0103 4844 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
01:45:30.0134 4844 volmgrx - ok
01:45:30.0149 4844 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
01:45:30.0165 4844 volsnap - ok
01:45:30.0196 4844 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
01:45:30.0212 4844 vsmraid - ok
01:45:30.0259 4844 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
01:45:30.0383 4844 VSS - ok
01:45:30.0399 4844 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
01:45:30.0430 4844 vwifibus - ok
01:45:30.0446 4844 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
01:45:30.0477 4844 vwififlt - ok
01:45:30.0508 4844 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
01:45:30.0571 4844 W32Time - ok
01:45:30.0602 4844 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
01:45:30.0617 4844 WacomPen - ok
01:45:30.0633 4844 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
01:45:30.0711 4844 WANARP - ok
01:45:30.0727 4844 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
01:45:30.0773 4844 Wanarpv6 - ok
01:45:30.0820 4844 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
01:45:30.0883 4844 WatAdminSvc - ok
01:45:31.0085 4844 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
01:45:31.0163 4844 wbengine - ok
01:45:31.0179 4844 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
01:45:31.0210 4844 WbioSrvc - ok
01:45:31.0226 4844 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
01:45:31.0273 4844 wcncsvc - ok
01:45:31.0288 4844 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
01:45:31.0304 4844 WcsPlugInService - ok
01:45:31.0335 4844 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
01:45:31.0351 4844 Wd - ok
01:45:31.0382 4844 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
01:45:31.0429 4844 Wdf01000 - ok
01:45:31.0444 4844 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
01:45:31.0491 4844 WdiServiceHost - ok
01:45:31.0491 4844 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
01:45:31.0522 4844 WdiSystemHost - ok
01:45:31.0538 4844 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
01:45:31.0585 4844 WebClient - ok
01:45:31.0600 4844 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
01:45:31.0678 4844 Wecsvc - ok
01:45:31.0694 4844 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
01:45:31.0741 4844 wercplsupport - ok
01:45:31.0787 4844 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
01:45:31.0834 4844 WerSvc - ok
01:45:31.0865 4844 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
01:45:31.0912 4844 WfpLwf - ok
01:45:31.0928 4844 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
01:45:31.0943 4844 WIMMount - ok
01:45:31.0975 4844 WinDefend - ok
01:45:31.0975 4844 WinHttpAutoProxySvc - ok
01:45:32.0006 4844 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
01:45:32.0068 4844 Winmgmt - ok
01:45:32.0146 4844 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
01:45:32.0255 4844 WinRM - ok
01:45:32.0302 4844 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
01:45:32.0333 4844 WinUsb - ok
01:45:32.0365 4844 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
01:45:32.0411 4844 Wlansvc - ok
01:45:32.0505 4844 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
01:45:32.0567 4844 wlidsvc - ok
01:45:32.0599 4844 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
01:45:32.0630 4844 WmiAcpi - ok
01:45:32.0645 4844 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
01:45:32.0677 4844 wmiApSrv - ok
01:45:32.0708 4844 WMPNetworkSvc - ok
01:45:32.0723 4844 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
01:45:32.0739 4844 WPCSvc - ok
01:45:32.0755 4844 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
01:45:32.0770 4844 WPDBusEnum - ok
01:45:32.0801 4844 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
01:45:32.0848 4844 ws2ifsl - ok
01:45:32.0864 4844 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
01:45:32.0895 4844 wscsvc - ok
01:45:32.0895 4844 WSearch - ok
01:45:32.0957 4844 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
01:45:33.0035 4844 wuauserv - ok
01:45:33.0051 4844 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
01:45:33.0082 4844 WudfPf - ok
01:45:33.0113 4844 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
01:45:33.0145 4844 WUDFRd - ok
01:45:33.0160 4844 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
01:45:33.0176 4844 wudfsvc - ok
01:45:33.0207 4844 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
01:45:33.0238 4844 WwanSvc - ok
01:45:33.0238 4844 ================ Scan global ===============================
01:45:33.0269 4844 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
01:45:33.0301 4844 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
01:45:33.0316 4844 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
01:45:33.0347 4844 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
01:45:33.0363 4844 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
01:45:33.0379 4844 [Global] - ok
01:45:33.0379 4844 ================ Scan MBR ==================================
01:45:33.0394 4844 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
01:45:33.0815 4844 \Device\Harddisk0\DR0 - ok
01:45:33.0815 4844 ================ Scan VBR ==================================
01:45:33.0815 4844 [ E02F20D55136FA72741867947B0DAC8B ] \Device\Harddisk0\DR0\Partition1
01:45:33.0831 4844 \Device\Harddisk0\DR0\Partition1 - ok
01:45:33.0862 4844 [ 56F84C6BE768F72ABBC0432B27610712 ] \Device\Harddisk0\DR0\Partition2
01:45:33.0862 4844 \Device\Harddisk0\DR0\Partition2 - ok
01:45:33.0862 4844 [ 7D88DBE998C9F61F88879A4C4E0CC768 ] \Device\Harddisk0\DR0\Partition3
01:45:33.0862 4844 \Device\Harddisk0\DR0\Partition3 - ok
01:45:33.0878 4844 ============================================================
01:45:33.0878 4844 Scan finished
01:45:33.0878 4844 ============================================================
01:45:33.0878 4312 Detected object count: 1
01:45:33.0878 4312 Actual detected object count: 1
01:45:39.0712 4312 CronService ( UnsignedFile.Multi.Generic ) - skipped by user
01:45:39.0712 4312 CronService ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:45:41.0662 4492 Deinitialize success

AdwCleaner


# AdwCleaner v2.109 - Logfile created 02/02/2013 at 01:46:36
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : ASUS - ASUS-PC
# Boot Mode : Normal
# Running from : C:\Users\ASUS\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Users\ASUS\AppData\Local\APN
Folder Deleted : C:\Users\ASUS\AppData\Local\Conduit
Folder Deleted : C:\Users\ASUS\AppData\LocalLow\Conduit

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitUninstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitUninstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-US)

File : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\qxqksnhf.default\prefs.js

C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\qxqksnhf.default\user.js ... Deleted !

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2443 octets] - [02/02/2013 01:45:49]
AdwCleaner[S1].txt - [2515 octets] - [02/02/2013 01:46:36]

########## EOF - C:\AdwCleaner[S1].txt - [2575 octets] ##########


RogueKiller


RogueKiller V8.4.4 [Feb 1 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : ASUS [Admin rights]
Mode : Remove -- Date : 02/02/2013 01:49:36
| ARK || MBR |

Bad processes : 0

Registry Entries : 4
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (172.26.20.1:8080) -> NOT REMOVED, USE PROXYFIX
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

Particular Files / Folders:

Driver : [NOT LOADED]

HOSTS File:
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 license.superantispyware.com


MBR Check:

+++++ PhysicalDrive0: ST9500325AS ATA Device +++++
--- User ---
[MBR] 1356da008160bc3614f28d734427f91f
[BSP] e1cad57204df9c6d19132e0bdc98aa66 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 136129 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 279000855 | Size: 340706 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_02022013_02d0149.txt >>
RKreport[1]_S_02022013_02d0149.txt ; RKreport[2]_D_02022013_02d0149.txt

#6 Gunto

Posted 02 February 2013 - 02:46 AM

Hi,

Yes, I figured you were talking about Torpig/Sinowal. :)

I'm not quite sure why only things directly wired to your router are not connecting; it could be malware or maybe something else wrong inside the router, but I'll get to that later.

I'll try my absolute best to help you with all three PCs. First, can you run MBAM on your spare computers for me and post the logs? :)

Gunto
