
Virus cocktail- Java:Malware-gen [Trj], Java:Agent-AXI [Expl], Trojan.Fake.Alert


23 replies to this topic

#1 InertiaticESP


Posted 13 May 2013 - 08:55 PM

An Avast full scan detected a Trojan virus and ran a bootup scan. The bootup scan found five Java:Malware-gen [Trj] and one Java:Agent-AXI [Expl] located in the Java temp files folder. I quarantined/removed.

Upon doing some research on this site, I ran rKill and then rescanned my computer with Avast and Malwarebytes. Avast looked virus free but said software update status was critical for Java, WinRAR, and a few others. I updated through Java's site but for some reason, it keeps saying the status is critical and recommends both Java and WinRAR. I should mention that as I updated software, I noticed Adware on my Firefox browser - MixiDJ - which I removed through "Uninstall a program". Also found and removed DefaultTab Search Results, LLC and getsav.in Adpeak, Inc. in "Uninstall a program". Malwarebytes found a Trojan.Fake.Alert virus which I quarantined/removed.

Not much slowing or suspicious behavior, but a symptom is a weird psychedelic smearing of letters in text-heavy websites. It's crazy.

I ran ESET once and it looked clean after this. But my god, it looks like a can of freaking worms!! I'd appreciate a review of my computer's status and a recommendation. I've never seen anything this severe so I'd also like to know if I should be concerned about privacy/scammers.

Thank you.




 


#2 boopme


Posted 13 May 2013 - 09:00 PM

Hello, I have moved this from XP to the Am I Infected forum.
 
Please run these and see how it is after.
Please download Rkill by Grinler and save it to your desktop.
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.



    Please download Malwarebytes Anti-Malware and save it to your desktop.
    • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
    • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.
    • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
    • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues
    Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
    • After completing the scan, a log report will open in Notepad.
    • The log is automatically saved and can be viewed by clicking the Logs tab.
    • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
    • Exit Malwarebytes when done.
    Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

    -- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).



Please download TDSSKiller (http://www.bleepingcomputer.com/download/tdsskiller/dl/4/).
Launch it.
Click on "Change parameters" and select "TDLFS file system".
Click on "Scan".
Please post the LOG report (log file should be in your C drive).

Do not change the default options on scan results.

#3 InertiaticESP


Posted 14 May 2013 - 09:08 PM

I ran RKill, then Malwarebytes which found seven files PUP.FunMoods which I removed. I ran the TDSSKiller which found one "Loaded file" which I quarantined. Let me know next steps. Thank you very much for your help. I'm running Windows 7.

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.05.14.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
David :: DAVID-PC [administrator]

5/14/2013 6:42:59 PM
mbam-log-2013-05-14 (18-42-59).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 236520
Time elapsed: 10 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 4
C:\Users\David\AppData\LocalLow\Funmoods (PUP.FunMoods) -> Quarantined and deleted successfully.
C:\Users\David\AppData\LocalLow\Funmoods\Funmoods (PUP.FunMoods) -> Quarantined and deleted successfully.
C:\Users\David\AppData\LocalLow\Funmoods\Funmoods\us (PUP.FunMoods) -> Quarantined and deleted successfully.
C:\Users\David\AppData\LocalLow\Funmoods\Funmoods\us\20101003 (PUP.FunMoods) -> Quarantined and deleted successfully.

Files Detected: 2
C:\Users\David\AppData\LocalLow\Funmoods\Funmoods\us\20101003\kywrds.tat (PUP.FunMoods) -> Quarantined and deleted successfully.
C:\Users\David\AppData\LocalLow\Funmoods\Funmoods\us\20101003\kywrds.ttr (PUP.FunMoods) -> Quarantined and deleted successfully.

(end)

18:58:33.0517 3404  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:58:34.0015 3404  ============================================================
18:58:34.0015 3404  Current date / time: 2013/05/14 18:58:34.0015
18:58:34.0015 3404  SystemInfo:
18:58:34.0015 3404  
18:58:34.0015 3404  OS Version: 6.1.7601 ServicePack: 1.0
18:58:34.0016 3404  Product type: Workstation
18:58:34.0016 3404  ComputerName: DAVID-PC
18:58:34.0018 3404  UserName: David
18:58:34.0018 3404  Windows directory: C:\Windows
18:58:34.0018 3404  System windows directory: C:\Windows
18:58:34.0018 3404  Running under WOW64
18:58:34.0018 3404  Processor architecture: Intel x64
18:58:34.0018 3404  Number of processors: 1
18:58:34.0018 3404  Page size: 0x1000
18:58:34.0018 3404  Boot type: Normal boot
18:58:34.0018 3404  ============================================================
18:58:35.0468 3404  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:58:35.0473 3404  ============================================================
18:58:35.0473 3404  \Device\Harddisk0\DR0:
18:58:35.0473 3404  MBR partitions:
18:58:35.0473 3404  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
18:58:35.0473 3404  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x10E26800
18:58:35.0473 3404  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x10E8A800, BlocksNum 0x1B5B800
18:58:35.0473 3404  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x129E6000, BlocksNum 0x336B0
18:58:35.0473 3404  ============================================================
18:58:35.0489 3404  C: <-> \Device\Harddisk0\DR0\Partition2
18:58:35.0522 3404  D: <-> \Device\Harddisk0\DR0\Partition3
18:58:35.0537 3404  E: <-> \Device\Harddisk0\DR0\Partition4
18:58:35.0587 3404  ============================================================
18:58:35.0587 3404  Initialize success
18:58:35.0587 3404  ============================================================
18:59:13.0607 5056  ============================================================
18:59:13.0607 5056  Scan started
18:59:13.0607 5056  Mode: Manual; TDLFS;
18:59:13.0607 5056  ============================================================
18:59:14.0704 5056  ================ Scan system memory ========================
18:59:14.0704 5056  System memory - ok
18:59:14.0714 5056  ================ Scan services =============================
18:59:24.0116 5056  kbdhid - ok
18:59:24.0146 5056  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
18:59:24.0146 5056  KeyIso - ok
18:59:24.0186 5056  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:59:24.0186 5056  KSecDD - ok
18:59:24.0236 5056  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:59:24.0236 5056  KSecPkg - ok
18:59:24.0266 5056  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:59:24.0266 5056  ksthunk - ok
18:59:24.0296 5056  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:59:24.0316 5056  KtmRm - ok
18:59:24.0366 5056  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:59:24.0376 5056  LanmanServer - ok
18:59:24.0436 5056  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:59:24.0436 5056  LanmanWorkstation - ok
18:59:24.0506 5056  [ 020DFDB1927C996C990E70ED86CFDB06 ] libusb0         C:\Windows\system32\DRIVERS\libusb0.sys
18:59:24.0506 5056  libusb0 - ok
18:59:24.0526 5056  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:59:24.0526 5056  lltdio - ok
18:59:24.0556 5056  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:59:24.0576 5056  lltdsvc - ok
18:59:24.0596 5056  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:59:24.0596 5056  lmhosts - ok
18:59:24.0646 5056  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:59:24.0646 5056  LSI_FC - ok
18:59:24.0696 5056  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:59:24.0696 5056  LSI_SAS - ok
18:59:24.0726 5056  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:59:24.0736 5056  LSI_SAS2 - ok
18:59:24.0756 5056  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:59:24.0756 5056  LSI_SCSI - ok
18:59:24.0786 5056  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
18:59:24.0796 5056  luafv - ok
18:59:24.0816 5056  lxbc_device - ok
18:59:24.0856 5056  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:59:24.0856 5056  megasas - ok
18:59:24.0886 5056  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:59:24.0896 5056  MegaSR - ok
18:59:24.0926 5056  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
18:59:24.0926 5056  MMCSS - ok
18:59:24.0946 5056  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
18:59:24.0946 5056  Modem - ok
18:59:24.0966 5056  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:59:24.0966 5056  monitor - ok
18:59:25.0006 5056  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
18:59:25.0006 5056  mouclass - ok
18:59:25.0036 5056  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:59:25.0036 5056  mouhid - ok
18:59:25.0086 5056  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:59:25.0086 5056  mountmgr - ok
18:59:25.0186 5056  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:59:25.0186 5056  MozillaMaintenance - ok
18:59:25.0248 5056  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:59:25.0254 5056  mpio - ok
18:59:25.0288 5056  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:59:25.0288 5056  mpsdrv - ok
18:59:25.0348 5056  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:59:25.0368 5056  MpsSvc - ok
18:59:25.0418 5056  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:59:25.0428 5056  MRxDAV - ok
18:59:25.0468 5056  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:59:25.0478 5056  mrxsmb - ok
18:59:25.0538 5056  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:59:25.0548 5056  mrxsmb10 - ok
18:59:25.0568 5056  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:59:25.0568 5056  mrxsmb20 - ok
18:59:25.0597 5056  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:59:25.0599 5056  msahci - ok
18:59:25.0620 5056  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:59:25.0620 5056  msdsm - ok
18:59:25.0660 5056  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
18:59:25.0660 5056  MSDTC - ok
18:59:25.0710 5056  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:59:25.0710 5056  Msfs - ok
18:59:25.0740 5056  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:59:25.0740 5056  mshidkmdf - ok
18:59:25.0780 5056  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:59:25.0780 5056  msisadrv - ok
18:59:25.0820 5056  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:59:25.0820 5056  MSiSCSI - ok
18:59:25.0830 5056  msiserver - ok
18:59:25.0860 5056  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:59:25.0870 5056  MSKSSRV - ok
18:59:25.0890 5056  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:59:25.0900 5056  MSPCLOCK - ok
18:59:25.0910 5056  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:59:25.0910 5056  MSPQM - ok
18:59:25.0960 5056  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:59:25.0970 5056  MsRPC - ok
18:59:25.0990 5056  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:59:25.0990 5056  mssmbios - ok
18:59:26.0010 5056  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:59:26.0010 5056  MSTEE - ok
18:59:26.0030 5056  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:59:26.0030 5056  MTConfig - ok
18:59:26.0050 5056  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
18:59:26.0050 5056  Mup - ok
18:59:26.0100 5056  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
18:59:26.0120 5056  napagent - ok
18:59:26.0140 5056  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:59:26.0150 5056  NativeWifiP - ok
18:59:26.0220 5056  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:59:26.0250 5056  NDIS - ok
18:59:26.0270 5056  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:59:26.0270 5056  NdisCap - ok
18:59:26.0300 5056  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:59:26.0300 5056  NdisTapi - ok
18:59:26.0350 5056  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:59:26.0360 5056  Ndisuio - ok
18:59:26.0418 5056  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:59:26.0422 5056  NdisWan - ok
18:59:26.0472 5056  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:59:26.0472 5056  NDProxy - ok
18:59:26.0482 5056  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:59:26.0482 5056  NetBIOS - ok
18:59:26.0532 5056  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:59:26.0532 5056  NetBT - ok
18:59:26.0542 5056  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
18:59:26.0552 5056  Netlogon - ok
18:59:26.0592 5056  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
18:59:26.0602 5056  Netman - ok
18:59:26.0642 5056  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
18:59:26.0652 5056  netprofm - ok
18:59:26.0682 5056  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:59:26.0692 5056  NetTcpPortSharing - ok
18:59:26.0836 5056  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
18:59:26.0966 5056  netw5v64 - ok
18:59:27.0006 5056  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:59:27.0006 5056  nfrd960 - ok
18:59:27.0036 5056  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:59:27.0036 5056  NlaSvc - ok
18:59:27.0056 5056  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:59:27.0056 5056  Npfs - ok
18:59:27.0076 5056  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
18:59:27.0076 5056  nsi - ok
18:59:27.0086 5056  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:59:27.0096 5056  nsiproxy - ok
18:59:27.0156 5056  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:59:27.0196 5056  Ntfs - ok
18:59:27.0206 5056  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
18:59:27.0206 5056  Null - ok
18:59:27.0236 5056  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:59:27.0236 5056  nvraid - ok
18:59:27.0276 5056  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:59:27.0286 5056  nvstor - ok
18:59:27.0306 5056  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:59:27.0306 5056  nv_agp - ok
18:59:27.0346 5056  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:59:27.0356 5056  ohci1394 - ok
18:59:27.0426 5056  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:59:27.0436 5056  ose - ok
18:59:27.0634 5056  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:59:27.0750 5056  osppsvc - ok
18:59:27.0792 5056  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:59:27.0799 5056  p2pimsvc - ok
18:59:27.0822 5056  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:59:27.0832 5056  p2psvc - ok
18:59:27.0872 5056  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:59:27.0882 5056  Parport - ok
18:59:27.0922 5056  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:59:27.0932 5056  partmgr - ok
18:59:27.0952 5056  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:59:27.0962 5056  PcaSvc - ok
18:59:28.0014 5056  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
18:59:28.0014 5056  pci - ok
18:59:28.0075 5056  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
18:59:28.0077 5056  pciide - ok
18:59:28.0106 5056  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:59:28.0106 5056  pcmcia - ok
18:59:28.0136 5056  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:59:28.0136 5056  pcw - ok
18:59:28.0176 5056  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:59:28.0186 5056  PEAUTH - ok
18:59:28.0276 5056  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:59:28.0286 5056  PerfHost - ok
18:59:28.0398 5056  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
18:59:28.0440 5056  pla - ok
18:59:28.0480 5056  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:59:28.0500 5056  PlugPlay - ok
18:59:28.0520 5056  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:59:28.0520 5056  PNRPAutoReg - ok
18:59:28.0540 5056  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:59:28.0550 5056  PNRPsvc - ok
18:59:28.0622 5056  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:59:28.0632 5056  PolicyAgent - ok
18:59:28.0682 5056  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
18:59:28.0682 5056  Power - ok
18:59:28.0732 5056  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:59:28.0742 5056  PptpMiniport - ok
18:59:28.0762 5056  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:59:28.0762 5056  Processor - ok
18:59:28.0822 5056  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:59:28.0842 5056  ProfSvc - ok
18:59:28.0862 5056  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:59:28.0862 5056  ProtectedStorage - ok
18:59:28.0924 5056  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:59:28.0924 5056  Psched - ok
18:59:28.0984 5056  [ DD3FD48D69F5FBBB21D46D1514C1C2DB ] PSI             C:\Windows\system32\DRIVERS\psi_mf_amd64.sys
18:59:28.0984 5056  PSI - ok
18:59:29.0034 5056  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:59:29.0064 5056  ql2300 - ok
18:59:29.0105 5056  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:59:29.0108 5056  ql40xx - ok
18:59:29.0126 5056  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
18:59:29.0136 5056  QWAVE - ok
18:59:29.0156 5056  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:59:29.0166 5056  QWAVEdrv - ok
18:59:29.0186 5056  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:59:29.0186 5056  RasAcd - ok
18:59:29.0216 5056  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:59:29.0216 5056  RasAgileVpn - ok
18:59:29.0236 5056  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
18:59:29.0236 5056  RasAuto - ok
18:59:29.0286 5056  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:59:29.0286 5056  Rasl2tp - ok
18:59:29.0336 5056  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
18:59:29.0366 5056  RasMan - ok
18:59:29.0386 5056  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:59:29.0386 5056  RasPppoe - ok
18:59:29.0406 5056  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:59:29.0416 5056  RasSstp - ok
18:59:29.0466 5056  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:59:29.0476 5056  rdbss - ok
18:59:29.0516 5056  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:59:29.0516 5056  rdpbus - ok
18:59:29.0541 5056  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:59:29.0542 5056  RDPCDD - ok
18:59:29.0568 5056  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:59:29.0578 5056  RDPENCDD - ok
18:59:29.0588 5056  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:59:29.0598 5056  RDPREFMP - ok
18:59:29.0640 5056  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:59:29.0640 5056  RDPWD - ok
18:59:29.0690 5056  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:59:29.0700 5056  rdyboost - ok
18:59:29.0730 5056  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:59:29.0730 5056  RemoteAccess - ok
18:59:29.0772 5056  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:59:29.0772 5056  RemoteRegistry - ok
18:59:29.0812 5056  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:59:29.0822 5056  RpcEptMapper - ok
18:59:29.0842 5056  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
18:59:29.0852 5056  RpcLocator - ok
18:59:29.0892 5056  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
18:59:29.0902 5056  RpcSs - ok
18:59:29.0922 5056  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:59:29.0922 5056  rspndr - ok
18:59:29.0962 5056  [ 3CEEE53BBF8BA284FF44585CEC0162FE ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
18:59:29.0972 5056  RSUSBSTOR - ok
18:59:30.0022 5056  [ 4FBDA07EF0A3097CE14C5CABF723B278 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
18:59:30.0042 5056  RTL8167 - ok
18:59:30.0112 5056  [ 03E0627C26943916A7276AC5306206C7 ] rtl8192se       C:\Windows\system32\DRIVERS\rtl8192se.sys
18:59:30.0132 5056  rtl8192se - ok
18:59:30.0212 5056  [ 4EA7E5DF0CB237156176FA0349E6E87F ] RtVOsdService   C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
18:59:30.0232 5056  RtVOsdService - ok
18:59:30.0262 5056  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
18:59:30.0262 5056  SamSs - ok
18:59:30.0304 5056  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:59:30.0304 5056  sbp2port - ok
18:59:30.0354 5056  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:59:30.0374 5056  SCardSvr - ok
18:59:30.0424 5056  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:59:30.0425 5056  scfilter - ok
18:59:30.0486 5056  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
18:59:30.0516 5056  Schedule - ok
18:59:30.0556 5056  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:59:30.0556 5056  SCPolicySvc - ok
18:59:30.0606 5056  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
18:59:30.0616 5056  sdbus - ok
18:59:30.0686 5056  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:59:30.0696 5056  SDRSVC - ok
18:59:30.0756 5056  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:59:30.0756 5056  secdrv - ok
18:59:30.0806 5056  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
18:59:30.0816 5056  seclogon - ok
18:59:30.0906 5056  [ E43C0D32FF2D9A72F2D975B83B916964 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
18:59:30.0936 5056  Secunia PSI Agent - ok
18:59:30.0966 5056  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
18:59:30.0966 5056  SENS - ok
18:59:30.0996 5056  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:59:31.0006 5056  SensrSvc - ok
18:59:31.0026 5056  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:59:31.0026 5056  Serenum - ok
18:59:31.0056 5056  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:59:31.0056 5056  Serial - ok
18:59:31.0086 5056  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:59:31.0086 5056  sermouse - ok
18:59:31.0146 5056  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
18:59:31.0156 5056  SessionEnv - ok
18:59:31.0206 5056  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:59:31.0206 5056  sffdisk - ok
18:59:31.0246 5056  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:59:31.0259 5056  sffp_mmc - ok
18:59:31.0298 5056  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:59:31.0308 5056  sffp_sd - ok
18:59:31.0368 5056  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:59:31.0368 5056  sfloppy - ok
18:59:31.0562 5056  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
18:59:31.0572 5056  Sftfs - ok
18:59:31.0654 5056  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
18:59:31.0664 5056  sftlist - ok
18:59:31.0714 5056  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
18:59:31.0724 5056  Sftplay - ok
18:59:31.0744 5056  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
18:59:31.0754 5056  Sftredir - ok
18:59:31.0784 5056  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
18:59:31.0784 5056  Sftvol - ok
18:59:31.0834 5056  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
18:59:31.0844 5056  sftvsa - ok
18:59:31.0884 5056  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:59:31.0904 5056  SharedAccess - ok
18:59:31.0956 5056  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:59:31.0976 5056  ShellHWDetection - ok
18:59:32.0016 5056  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:59:32.0016 5056  SiSRaid2 - ok
18:59:32.0046 5056  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:59:32.0046 5056  SiSRaid4 - ok
18:59:32.0096 5056  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:59:32.0096 5056  Smb - ok
18:59:32.0146 5056  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:59:32.0156 5056  SNMPTRAP - ok
18:59:32.0166 5056  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:59:32.0166 5056  spldr - ok
18:59:32.0196 5056  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
18:59:32.0206 5056  Spooler - ok
18:59:32.0336 5056  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
18:59:32.0428 5056  sppsvc - ok
18:59:32.0458 5056  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:59:32.0463 5056  sppuinotify - ok
18:59:32.0520 5056  [ D519AD2DE7968CD2B47FEA807C5B29B2 ] sptd            C:\Windows\System32\Drivers\sptd.sys
18:59:32.0520 5056  Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: D519AD2DE7968CD2B47FEA807C5B29B2
18:59:32.0530 5056  sptd ( LockedFile.Multi.Generic ) - warning
18:59:32.0530 5056  sptd - detected LockedFile.Multi.Generic (1)
18:59:35.0452 5056  vdrvroot - ok
18:59:35.0502 5056  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
18:59:35.0522 5056  vds - ok
18:59:35.0542 5056  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:59:35.0542 5056  vga - ok
18:59:35.0592 5056  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:59:35.0592 5056  VgaSave - ok
18:59:35.0622 5056  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:59:35.0622 5056  vhdmp - ok
18:59:35.0662 5056  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:59:35.0662 5056  viaide - ok
18:59:35.0692 5056  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:59:35.0692 5056  volmgr - ok
18:59:35.0742 5056  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:59:35.0752 5056  volmgrx - ok
18:59:35.0792 5056  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:59:35.0792 5056  volsnap - ok
18:59:35.0840 5056  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
18:59:35.0843 5056  vsmraid - ok
18:59:35.0904 5056  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
18:59:35.0944 5056  VSS - ok
18:59:35.0954 5056  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:59:35.0954 5056  vwifibus - ok
18:59:35.0989 5056  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:59:35.0991 5056  vwififlt - ok
18:59:36.0026 5056  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
18:59:36.0046 5056  W32Time - ok
18:59:36.0076 5056  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
18:59:36.0076 5056  WacomPen - ok
18:59:36.0116 5056  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:59:36.0116 5056  WANARP - ok
18:59:36.0136 5056  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:59:36.0136 5056  Wanarpv6 - ok
18:59:36.0206 5056  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
18:59:36.0226 5056  WatAdminSvc - ok
18:59:36.0316 5056  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
18:59:36.0366 5056  wbengine - ok
18:59:36.0388 5056  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:59:36.0388 5056  WbioSrvc - ok
18:59:36.0438 5056  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:59:36.0458 5056  wcncsvc - ok
18:59:36.0468 5056  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:59:36.0478 5056  WcsPlugInService - ok
18:59:36.0508 5056  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
18:59:36.0508 5056  Wd - ok
18:59:36.0568 5056  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:59:36.0588 5056  Wdf01000 - ok
18:59:36.0628 5056  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:59:36.0634 5056  WdiServiceHost - ok
18:59:36.0644 5056  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:59:36.0649 5056  WdiSystemHost - ok
18:59:36.0700 5056  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
18:59:36.0700 5056  WebClient - ok
18:59:36.0720 5056  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:59:36.0730 5056  Wecsvc - ok
18:59:36.0750 5056  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:59:36.0760 5056  wercplsupport - ok
18:59:36.0790 5056  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:59:36.0800 5056  WerSvc - ok
18:59:36.0830 5056  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:59:36.0830 5056  WfpLwf - ok
18:59:36.0850 5056  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:59:36.0860 5056  WIMMount - ok
18:59:36.0890 5056  WinDefend - ok
18:59:36.0910 5056  WinHttpAutoProxySvc - ok
18:59:36.0950 5056  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:59:36.0950 5056  Winmgmt - ok
18:59:37.0040 5056  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
18:59:37.0090 5056  WinRM - ok
18:59:37.0162 5056  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
18:59:37.0172 5056  WinUsb - ok
18:59:37.0212 5056  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:59:37.0242 5056  Wlansvc - ok
18:59:37.0372 5056  [ 98F138897EF4246381D197CB81846D62 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:59:37.0434 5056  wlidsvc - ok
18:59:37.0465 5056  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:59:37.0467 5056  WmiAcpi - ok
18:59:37.0503 5056  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:59:37.0506 5056  wmiApSrv - ok
18:59:37.0526 5056  WMPNetworkSvc - ok
18:59:37.0546 5056  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:59:37.0546 5056  WPCSvc - ok
18:59:37.0606 5056  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:59:37.0606 5056  WPDBusEnum - ok
18:59:37.0646 5056  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:59:37.0646 5056  ws2ifsl - ok
18:59:37.0666 5056  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
18:59:37.0676 5056  wscsvc - ok
18:59:37.0686 5056  WSearch - ok
18:59:37.0798 5056  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:59:37.0850 5056  wuauserv - ok
18:59:37.0898 5056  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:59:37.0901 5056  WudfPf - ok
18:59:37.0922 5056  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:59:37.0932 5056  WUDFRd - ok
18:59:37.0972 5056  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:59:37.0982 5056  wudfsvc - ok
18:59:38.0012 5056  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:59:38.0022 5056  WwanSvc - ok
18:59:38.0062 5056  [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
18:59:38.0062 5056  yukonw7 - ok
18:59:38.0092 5056  ================ Scan global ===============================
18:59:38.0134 5056  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:59:38.0174 5056  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:59:38.0204 5056  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:59:38.0234 5056  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:59:38.0264 5056  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:59:38.0274 5056  [Global] - ok
18:59:38.0274 5056  ================ Scan MBR ==================================
18:59:38.0294 5056  [ 384D1A6EA19528D1DD3123DBB8DBDFDE ] \Device\Harddisk0\DR0
18:59:38.0634 5056  \Device\Harddisk0\DR0 - ok
18:59:38.0644 5056  ================ Scan VBR ==================================
18:59:38.0644 5056  [ 24D01DDEC8E389296CABAEACB34343A8 ] \Device\Harddisk0\DR0\Partition1
18:59:38.0644 5056  \Device\Harddisk0\DR0\Partition1 - ok
18:59:38.0674 5056  [ 05F0CB4C437C0BEB64B95EE6EC2FF75D ] \Device\Harddisk0\DR0\Partition2
18:59:38.0684 5056  \Device\Harddisk0\DR0\Partition2 - ok
18:59:38.0704 5056  [ 687F7C8FD729EC7E0AA47D92B2447B10 ] \Device\Harddisk0\DR0\Partition3
18:59:38.0714 5056  \Device\Harddisk0\DR0\Partition3 - ok
18:59:38.0724 5056  [ 7CD1A52C1411CAAA2476F5C719A8F381 ] \Device\Harddisk0\DR0\Partition4
18:59:38.0724 5056  \Device\Harddisk0\DR0\Partition4 - ok
18:59:38.0734 5056  ============================================================
18:59:38.0734 5056  Scan finished
18:59:38.0734 5056  ============================================================
18:59:38.0744 5088  Detected object count: 1
18:59:38.0744 5088  Actual detected object count: 1
19:01:29.0820 5088  C:\Windows\System32\Drivers\sptd.sys - copied to quarantine
19:01:30.0072 5088  sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine
19:02:33.0342 2688  Deinitialize success
 



#4 boopme


Posted 15 May 2013 - 09:36 AM

Did TDSS select quarantine or did you?

 

Next run these.

 

Please download TDSSKiller
•Launch it.
•Click on change parameters - Select TDLFS file system
•Click on "Scan".
•Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results.

 

 

Please download AdwCleaner by Xplode onto your desktop.
•Close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Delete.
•Confirm each time with Ok.
•You will be prompted to restart your computer. A text file will open after the restart.
•Please post the contents of that logfile with your next reply.
•You can find the logfile at C:\AdwCleaner[S1].txt as well.

>>>>

Now I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

 

NOTE: Sometimes if ESET finds no infections it will not create a log.

 

 

How is it now?



#5 InertiaticESP


Posted 15 May 2013 - 10:16 PM

To answer your question - yesterday's TDSSKiller scan gave me the option and I chose to quarantine. Today I deleted.

 

Each one of these tools is finding something. I'm deleting them after scans are complete. Hopefully this is fixable. Thanks again for your help.

 

TDSSKiller

 

15:47:41.0372 5516  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:47:41.0871 5516  ============================================================
15:47:41.0871 5516  Current date / time: 2013/05/15 15:47:41.0871
15:47:41.0871 5516  SystemInfo:
15:47:41.0871 5516  
15:47:41.0871 5516  OS Version: 6.1.7601 ServicePack: 1.0
15:47:41.0871 5516  Product type: Workstation
15:47:41.0871 5516  ComputerName: DAVID-PC
15:47:41.0871 5516  UserName: David
15:47:41.0871 5516  Windows directory: C:\Windows
15:47:41.0871 5516  System windows directory: C:\Windows
15:47:41.0871 5516  Running under WOW64
15:47:41.0871 5516  Processor architecture: Intel x64
15:47:41.0871 5516  Number of processors: 1
15:47:41.0871 5516  Page size: 0x1000
15:47:41.0871 5516  Boot type: Normal boot
15:47:41.0871 5516  ============================================================
15:47:43.0182 5516  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:47:43.0197 5516  ============================================================
15:47:43.0197 5516  \Device\Harddisk0\DR0:
15:47:43.0197 5516  MBR partitions:
15:47:43.0197 5516  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
15:47:43.0197 5516  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x10E26800
15:47:43.0197 5516  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x10E8A800, BlocksNum 0x1B5B800
15:47:43.0197 5516  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x129E6000, BlocksNum 0x336B0
15:47:43.0197 5516  ============================================================
15:47:43.0213 5516  C: <-> \Device\Harddisk0\DR0\Partition2
15:47:43.0244 5516  D: <-> \Device\Harddisk0\DR0\Partition3
15:47:43.0260 5516  E: <-> \Device\Harddisk0\DR0\Partition4
15:47:43.0260 5516  ============================================================
15:47:43.0260 5516  Initialize success
15:47:43.0260 5516  ============================================================
15:48:07.0253 5768  ============================================================
15:48:07.0253 5768  Scan started
15:48:07.0253 5768  Mode: Manual; TDLFS;
15:48:07.0253 5768  ============================================================
15:48:08.0251 5768  ================ Scan system memory ========================
15:48:08.0251 5768  System memory - ok
15:48:15.0224 5768  gupdate - ok
15:48:15.0287 5768  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:48:15.0287 5768  gupdatem - ok
15:48:15.0318 5768  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:48:15.0318 5768  hcw85cir - ok
15:48:15.0380 5768  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:48:15.0380 5768  HdAudAddService - ok
15:48:15.0427 5768  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
15:48:15.0427 5768  HDAudBus - ok
15:48:15.0443 5768  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
15:48:15.0443 5768  HidBatt - ok
15:48:15.0474 5768  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
15:48:15.0474 5768  HidBth - ok
15:48:15.0505 5768  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
15:48:15.0505 5768  HidIr - ok
15:48:15.0536 5768  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
15:48:15.0536 5768  hidserv - ok
15:48:15.0567 5768  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
15:48:15.0567 5768  HidUsb - ok
15:48:15.0599 5768  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:48:15.0599 5768  hkmsvc - ok
15:48:15.0661 5768  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:48:15.0692 5768  HomeGroupListener - ok
15:48:15.0739 5768  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:48:15.0739 5768  HomeGroupProvider - ok
15:48:15.0833 5768  [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
15:48:15.0848 5768  HP Support Assistant Service - ok
15:48:15.0926 5768  [ 58CC11D14D88EF70EF7ABBC75B5EEBD8 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
15:48:15.0926 5768  HP Wireless Assistant Service - ok
15:48:16.0035 5768  [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
15:48:16.0067 5768  hpqwmiex - ok
15:48:16.0113 5768  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:48:16.0113 5768  HpSAMD - ok
15:48:16.0176 5768  [ F630DD7564EBB7248A13B1CC774D9EA6 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
15:48:16.0191 5768  HPWMISVC - ok
15:48:16.0254 5768  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:48:16.0269 5768  HTTP - ok
15:48:16.0316 5768  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:48:16.0316 5768  hwpolicy - ok
15:48:16.0379 5768  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:48:16.0379 5768  i8042prt - ok
15:48:16.0441 5768  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:48:16.0441 5768  iaStorV - ok
15:48:16.0519 5768  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:48:16.0566 5768  idsvc - ok
15:48:16.0753 5768  [ A87261EF1546325B559374F5689CF5BC ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
15:48:16.0909 5768  igfx - ok
15:48:16.0940 5768  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
15:48:16.0940 5768  iirsp - ok
15:48:16.0971 5768  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
15:48:17.0003 5768  IKEEXT - ok
15:48:17.0127 5768  [ D311E2DD59A34079D89C249B2A4D9FDB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:48:17.0221 5768  IntcAzAudAddService - ok
15:48:17.0237 5768  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
15:48:17.0252 5768  intelide - ok
15:48:17.0268 5768  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:48:17.0283 5768  intelppm - ok
15:48:17.0299 5768  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:48:17.0315 5768  IPBusEnum - ok
15:48:17.0346 5768  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:48:17.0346 5768  IpFilterDriver - ok
15:48:17.0393 5768  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:48:17.0408 5768  iphlpsvc - ok
15:48:17.0455 5768  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:48:17.0455 5768  IPMIDRV - ok
15:48:17.0471 5768  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:48:17.0471 5768  IPNAT - ok
15:48:17.0502 5768  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:48:17.0502 5768  IRENUM - ok
15:48:17.0517 5768  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:48:17.0517 5768  isapnp - ok
15:48:17.0564 5768  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:48:17.0564 5768  iScsiPrt - ok
15:48:17.0595 5768  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
15:48:17.0595 5768  kbdclass - ok
15:48:17.0642 5768  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
15:48:17.0642 5768  kbdhid - ok
15:48:17.0673 5768  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
15:48:17.0673 5768  KeyIso - ok
15:48:17.0720 5768  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:48:17.0720 5768  KSecDD - ok
15:48:17.0751 5768  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:48:17.0767 5768  KSecPkg - ok
15:48:17.0814 5768  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:48:17.0814 5768  ksthunk - ok
15:48:17.0845 5768  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:48:17.0861 5768  KtmRm - ok
15:48:17.0907 5768  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:48:17.0923 5768  LanmanServer - ok
15:48:17.0985 5768  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:48:17.0985 5768  LanmanWorkstation - ok
15:48:18.0095 5768  [ 020DFDB1927C996C990E70ED86CFDB06 ] libusb0         C:\Windows\system32\DRIVERS\libusb0.sys
15:48:18.0095 5768  libusb0 - ok
15:48:18.0157 5768  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:48:18.0157 5768  lltdio - ok
15:48:18.0204 5768  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:48:18.0204 5768  lltdsvc - ok
15:48:18.0235 5768  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:48:18.0235 5768  lmhosts - ok
15:48:18.0266 5768  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
15:48:18.0266 5768  LSI_FC - ok
15:48:18.0313 5768  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
15:48:18.0329 5768  LSI_SAS - ok
15:48:18.0438 5768  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:48:18.0485 5768  LSI_SAS2 - ok
15:48:18.0563 5768  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:48:18.0563 5768  LSI_SCSI - ok
15:48:18.0609 5768  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:48:18.0609 5768  luafv - ok
15:48:18.0625 5768  lxbc_device - ok
15:48:18.0672 5768  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
15:48:18.0672 5768  megasas - ok
15:48:18.0719 5768  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
15:48:18.0719 5768  MegaSR - ok
15:48:18.0765 5768  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
15:48:18.0781 5768  MMCSS - ok
15:48:18.0797 5768  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
15:48:18.0797 5768  Modem - ok
15:48:18.0828 5768  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:48:18.0843 5768  monitor - ok
15:48:18.0875 5768  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
15:48:18.0890 5768  mouclass - ok
15:48:18.0906 5768  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:48:18.0906 5768  mouhid - ok
15:48:18.0953 5768  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:48:18.0953 5768  mountmgr - ok
15:48:19.0062 5768  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:48:19.0062 5768  MozillaMaintenance - ok
15:48:19.0109 5768  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:48:19.0109 5768  mpio - ok
15:48:19.0140 5768  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:48:19.0155 5768  mpsdrv - ok
15:48:19.0218 5768  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:48:19.0249 5768  MpsSvc - ok
15:48:19.0296 5768  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:48:19.0311 5768  MRxDAV - ok
15:48:19.0343 5768  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:48:19.0358 5768  mrxsmb - ok
15:48:19.0405 5768  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:48:19.0421 5768  mrxsmb10 - ok
15:48:19.0436 5768  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:48:19.0436 5768  mrxsmb20 - ok
15:48:19.0452 5768  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:48:19.0452 5768  msahci - ok
15:48:19.0483 5768  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:48:19.0483 5768  msdsm - ok
15:48:19.0514 5768  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
15:48:19.0530 5768  MSDTC - ok
15:48:19.0561 5768  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:48:19.0561 5768  Msfs - ok
15:48:19.0592 5768  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:48:19.0592 5768  mshidkmdf - ok
15:48:19.0655 5768  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:48:19.0655 5768  msisadrv - ok
15:48:19.0701 5768  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:48:19.0701 5768  MSiSCSI - ok
15:48:19.0717 5768  msiserver - ok
15:48:19.0748 5768  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:48:19.0748 5768  MSKSSRV - ok
15:48:19.0779 5768  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:48:19.0779 5768  MSPCLOCK - ok
15:48:19.0795 5768  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:48:19.0795 5768  MSPQM - ok
15:48:19.0842 5768  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:48:19.0857 5768  MsRPC - ok
15:48:19.0873 5768  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:48:19.0873 5768  mssmbios - ok
15:48:19.0889 5768  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:48:19.0904 5768  MSTEE - ok
15:48:19.0920 5768  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:48:19.0920 5768  MTConfig - ok
15:48:19.0935 5768  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:48:19.0935 5768  Mup - ok
15:48:19.0998 5768  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
15:48:20.0013 5768  napagent - ok
15:48:20.0045 5768  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:48:20.0045 5768  NativeWifiP - ok
15:48:20.0123 5768  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:48:20.0154 5768  NDIS - ok
15:48:20.0169 5768  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:48:20.0169 5768  NdisCap - ok
15:48:20.0201 5768  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:48:20.0201 5768  NdisTapi - ok
15:48:20.0263 5768  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:48:20.0263 5768  Ndisuio - ok
15:48:20.0325 5768  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:48:20.0325 5768  NdisWan - ok
15:48:20.0388 5768  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:48:20.0388 5768  NDProxy - ok
15:48:20.0403 5768  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:48:20.0419 5768  NetBIOS - ok
15:48:20.0481 5768  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:48:20.0481 5768  NetBT - ok
15:48:20.0513 5768  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
15:48:20.0528 5768  Netlogon - ok
15:48:20.0559 5768  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
15:48:20.0575 5768  Netman - ok
15:48:20.0591 5768  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
15:48:20.0606 5768  netprofm - ok
15:48:20.0637 5768  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:48:20.0637 5768  NetTcpPortSharing - ok
15:48:20.0793 5768  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
15:48:20.0934 5768  netw5v64 - ok
15:48:20.0965 5768  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:48:20.0965 5768  nfrd960 - ok
15:48:20.0996 5768  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:48:21.0012 5768  NlaSvc - ok
15:48:21.0027 5768  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:48:21.0027 5768  Npfs - ok
15:48:21.0043 5768  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
15:48:21.0043 5768  nsi - ok
15:48:21.0059 5768  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:48:21.0059 5768  nsiproxy - ok
15:48:21.0137 5768  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:48:21.0168 5768  Ntfs - ok
15:48:21.0183 5768  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
15:48:21.0183 5768  Null - ok
15:48:21.0215 5768  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:48:21.0215 5768  nvraid - ok
15:48:21.0246 5768  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:48:21.0246 5768  nvstor - ok
15:48:21.0277 5768  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:48:21.0277 5768  nv_agp - ok
15:48:21.0324 5768  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:48:21.0324 5768  ohci1394 - ok
15:48:21.0386 5768  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:48:21.0402 5768  ose - ok
15:48:21.0573 5768  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:48:21.0698 5768  osppsvc - ok
15:48:21.0729 5768  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:48:21.0729 5768  p2pimsvc - ok
15:48:21.0761 5768  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:48:21.0776 5768  p2psvc - ok
15:48:21.0807 5768  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
15:48:21.0807 5768  Parport - ok
15:48:21.0854 5768  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:48:21.0854 5768  partmgr - ok
15:48:21.0870 5768  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:48:21.0885 5768  PcaSvc - ok
15:48:21.0917 5768  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
15:48:21.0917 5768  pci - ok
15:48:21.0963 5768  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
15:48:21.0963 5768  pciide - ok
15:48:21.0995 5768  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:48:22.0010 5768  pcmcia - ok
15:48:22.0041 5768  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:48:22.0041 5768  pcw - ok
15:48:22.0073 5768  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:48:22.0088 5768  PEAUTH - ok
15:48:22.0182 5768  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:48:22.0182 5768  PerfHost - ok
15:48:22.0275 5768  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
15:48:22.0322 5768  pla - ok
15:48:22.0369 5768  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:48:22.0385 5768  PlugPlay - ok
15:48:22.0416 5768  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:48:22.0416 5768  PNRPAutoReg - ok
15:48:22.0431 5768  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:48:22.0431 5768  PNRPsvc - ok
15:48:22.0463 5768  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:48:22.0478 5768  PolicyAgent - ok
15:48:22.0509 5768  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
15:48:22.0525 5768  Power - ok
15:48:22.0572 5768  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:48:22.0572 5768  PptpMiniport - ok
15:48:22.0603 5768  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
15:48:22.0603 5768  Processor - ok
15:48:22.0665 5768  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:48:22.0681 5768  ProfSvc - ok
15:48:22.0697 5768  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:48:22.0697 5768  ProtectedStorage - ok
15:48:22.0759 5768  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:48:22.0759 5768  Psched - ok
15:48:22.0821 5768  [ DD3FD48D69F5FBBB21D46D1514C1C2DB ] PSI             C:\Windows\system32\DRIVERS\psi_mf_amd64.sys
15:48:22.0821 5768  PSI - ok
15:48:22.0884 5768  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
15:48:22.0931 5768  ql2300 - ok
15:48:22.0946 5768  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
15:48:22.0962 5768  ql40xx - ok
15:48:22.0977 5768  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
15:48:22.0977 5768  QWAVE - ok
15:48:23.0009 5768  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:48:23.0009 5768  QWAVEdrv - ok
15:48:23.0040 5768  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:48:23.0040 5768  RasAcd - ok
15:48:23.0071 5768  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:48:23.0071 5768  RasAgileVpn - ok
15:48:23.0087 5768  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
15:48:23.0102 5768  RasAuto - ok
15:48:23.0149 5768  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:48:23.0149 5768  Rasl2tp - ok
15:48:23.0196 5768  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
15:48:23.0211 5768  RasMan - ok
15:48:23.0258 5768  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:48:23.0258 5768  RasPppoe - ok
15:48:23.0289 5768  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:48:23.0289 5768  RasSstp - ok
15:48:23.0336 5768  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:48:23.0336 5768  rdbss - ok
15:48:23.0352 5768  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:48:23.0352 5768  rdpbus - ok
15:48:23.0383 5768  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:48:23.0383 5768  RDPCDD - ok
15:48:23.0414 5768  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:48:23.0414 5768  RDPENCDD - ok
15:48:23.0430 5768  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:48:23.0430 5768  RDPREFMP - ok
15:48:23.0477 5768  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:48:23.0477 5768  RDPWD - ok
15:48:23.0523 5768  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:48:23.0523 5768  rdyboost - ok
15:48:23.0570 5768  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:48:23.0586 5768  RemoteAccess - ok
15:48:23.0617 5768  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:48:23.0633 5768  RemoteRegistry - ok
15:48:23.0664 5768  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:48:23.0664 5768  RpcEptMapper - ok
15:48:23.0711 5768  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
15:48:23.0711 5768  RpcLocator - ok
15:48:23.0773 5768  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
15:48:23.0789 5768  RpcSs - ok
15:48:23.0804 5768  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:48:23.0820 5768  rspndr - ok
15:48:23.0851 5768  [ 3CEEE53BBF8BA284FF44585CEC0162FE ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
15:48:23.0867 5768  RSUSBSTOR - ok
15:48:23.0945 5768  [ 4FBDA07EF0A3097CE14C5CABF723B278 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
15:48:23.0960 5768  RTL8167 - ok
15:48:24.0023 5768  [ 03E0627C26943916A7276AC5306206C7 ] rtl8192se       C:\Windows\system32\DRIVERS\rtl8192se.sys
15:48:24.0054 5768  rtl8192se - ok
15:48:24.0147 5768  [ 4EA7E5DF0CB237156176FA0349E6E87F ] RtVOsdService   C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
15:48:24.0163 5768  RtVOsdService - ok
15:48:24.0179 5768  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
15:48:24.0194 5768  SamSs - ok
15:48:24.0225 5768  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:48:24.0225 5768  sbp2port - ok
15:48:24.0272 5768  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:48:24.0288 5768  SCardSvr - ok
15:48:24.0319 5768  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:48:24.0319 5768  scfilter - ok
15:48:24.0381 5768  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
15:48:24.0413 5768  Schedule - ok
15:48:24.0459 5768  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:48:24.0459 5768  SCPolicySvc - ok
15:48:24.0522 5768  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
15:48:24.0537 5768  sdbus - ok
15:48:24.0569 5768  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:48:24.0584 5768  SDRSVC - ok
15:48:24.0615 5768  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:48:24.0615 5768  secdrv - ok
15:48:24.0662 5768  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
15:48:24.0662 5768  seclogon - ok
15:48:24.0756 5768  [ E43C0D32FF2D9A72F2D975B83B916964 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
15:48:24.0803 5768  Secunia PSI Agent - ok
15:48:24.0834 5768  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
15:48:24.0834 5768  SENS - ok
15:48:24.0865 5768  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:48:24.0865 5768  SensrSvc - ok
15:48:24.0896 5768  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:48:24.0896 5768  Serenum - ok
15:48:24.0927 5768  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:48:24.0943 5768  Serial - ok
15:48:24.0974 5768  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
15:48:24.0974 5768  sermouse - ok
15:48:25.0037 5768  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:48:25.0037 5768  SessionEnv - ok
15:48:25.0083 5768  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:48:25.0083 5768  sffdisk - ok
15:48:25.0115 5768  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:48:25.0115 5768  sffp_mmc - ok
15:48:25.0130 5768  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:48:25.0146 5768  sffp_sd - ok
15:48:25.0161 5768  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:48:25.0161 5768  sfloppy - ok
15:48:25.0239 5768  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
15:48:25.0271 5768  Sftfs - ok
15:48:25.0364 5768  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:48:25.0380 5768  sftlist - ok
15:48:25.0427 5768  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:48:25.0427 5768  Sftplay - ok
15:48:25.0442 5768  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:48:25.0458 5768  Sftredir - ok
15:48:25.0505 5768  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
15:48:25.0505 5768  Sftvol - ok
15:48:25.0551 5768  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:48:25.0567 5768  sftvsa - ok
15:48:25.0598 5768  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:48:25.0598 5768  SharedAccess - ok
15:48:25.0661 5768  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:48:25.0692 5768  ShellHWDetection - ok
15:48:25.0739 5768  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:48:25.0739 5768  SiSRaid2 - ok
15:48:25.0785 5768  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
15:48:25.0785 5768  SiSRaid4 - ok
15:48:25.0832 5768  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:48:25.0832 5768  Smb - ok
15:48:25.0895 5768  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:48:25.0895 5768  SNMPTRAP - ok
15:48:25.0910 5768  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:48:25.0910 5768  spldr - ok
15:48:25.0957 5768  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
15:48:25.0973 5768  Spooler - ok
15:48:26.0097 5768  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
15:48:26.0175 5768  sppsvc - ok
15:48:26.0191 5768  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:48:26.0207 5768  sppuinotify - ok
15:48:26.0269 5768  [ D519AD2DE7968CD2B47FEA807C5B29B2 ] sptd            C:\Windows\System32\Drivers\sptd.sys
15:48:26.0269 5768  Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: D519AD2DE7968CD2B47FEA807C5B29B2
15:48:26.0269 5768  sptd ( LockedFile.Multi.Generic ) - warning
15:48:26.0269 5768  sptd - detected LockedFile.Multi.Generic (1)
15:48:32.0150 5768  ================ Scan global ===============================
15:48:32.0181 5768  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:48:32.0228 5768  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:48:32.0259 5768  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:48:32.0291 5768  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:48:32.0322 5768  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:48:32.0337 5768  [Global] - ok
15:48:32.0353 5768  ================ Scan MBR ==================================
15:48:32.0353 5768  [ 384D1A6EA19528D1DD3123DBB8DBDFDE ] \Device\Harddisk0\DR0
15:48:32.0712 5768  \Device\Harddisk0\DR0 - ok
15:48:32.0712 5768  ================ Scan VBR ==================================
15:48:32.0712 5768  [ 24D01DDEC8E389296CABAEACB34343A8 ] \Device\Harddisk0\DR0\Partition1
15:48:32.0727 5768  \Device\Harddisk0\DR0\Partition1 - ok
15:48:32.0759 5768  [ 05F0CB4C437C0BEB64B95EE6EC2FF75D ] \Device\Harddisk0\DR0\Partition2
15:48:32.0759 5768  \Device\Harddisk0\DR0\Partition2 - ok
15:48:32.0790 5768  [ 687F7C8FD729EC7E0AA47D92B2447B10 ] \Device\Harddisk0\DR0\Partition3
15:48:32.0790 5768  \Device\Harddisk0\DR0\Partition3 - ok
15:48:32.0805 5768  [ 7CD1A52C1411CAAA2476F5C719A8F381 ] \Device\Harddisk0\DR0\Partition4
15:48:32.0805 5768  \Device\Harddisk0\DR0\Partition4 - ok
15:48:32.0821 5768  ============================================================
15:48:32.0821 5768  Scan finished
15:48:32.0821 5768  ============================================================
15:48:32.0837 3320  Detected object count: 1
15:48:32.0837 3320  Actual detected object count: 1
15:48:52.0009 3320  C:\Windows\System32\Drivers\sptd.sys - copied to quarantine
15:48:52.0056 3320  HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
15:48:52.0087 3320  HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted on reboot
15:48:52.0274 3320  C:\Windows\System32\Drivers\sptd.sys - will be deleted on reboot
15:48:52.0274 3320  sptd ( LockedFile.Multi.Generic ) - User select action: Delete
15:48:57.0375 3404  Deinitialize success

 

Second scan after reboot

 

16:00:10.0409 2652  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:00:11.0345 2652  ============================================================
16:00:11.0345 2652  Current date / time: 2013/05/15 16:00:11.0345
16:00:11.0345 2652  SystemInfo:
16:00:11.0345 2652  
16:00:11.0345 2652  OS Version: 6.1.7601 ServicePack: 1.0
16:00:11.0345 2652  Product type: Workstation
16:00:11.0345 2652  ComputerName: DAVID-PC
16:00:11.0345 2652  UserName: David
16:00:11.0345 2652  Windows directory: C:\Windows
16:00:11.0345 2652  System windows directory: C:\Windows
16:00:11.0345 2652  Running under WOW64
16:00:11.0345 2652  Processor architecture: Intel x64
16:00:11.0345 2652  Number of processors: 1
16:00:11.0345 2652  Page size: 0x1000
16:00:11.0345 2652  Boot type: Normal boot
16:00:11.0345 2652  ============================================================
16:00:17.0305 2652  BG loaded
16:00:20.0159 2652  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:00:20.0206 2652  ============================================================
16:00:20.0206 2652  \Device\Harddisk0\DR0:
16:00:20.0206 2652  MBR partitions:
16:00:20.0206 2652  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
16:00:20.0206 2652  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x10E26800
16:00:20.0206 2652  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x10E8A800, BlocksNum 0x1B5B800
16:00:20.0206 2652  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x129E6000, BlocksNum 0x336B0
16:00:20.0206 2652  ============================================================
16:00:20.0300 2652  C: <-> \Device\Harddisk0\DR0\Partition2
16:00:20.0456 2652  D: <-> \Device\Harddisk0\DR0\Partition3
16:00:20.0471 2652  E: <-> \Device\Harddisk0\DR0\Partition4
16:00:20.0471 2652  ============================================================
16:00:20.0471 2652  Initialize success
16:00:20.0471 2652  ============================================================
16:00:35.0962 2564  ============================================================
16:00:35.0962 2564  Scan started
16:00:35.0962 2564  Mode: Manual; TDLFS;
16:00:35.0962 2564  ============================================================
16:00:52.0841 2564  ================ Scan system memory ========================
16:00:52.0841 2564  System memory - ok
16:00:52.0841 2564  ================ Scan services =============================
16:01:24.0266 2564  elxstor - ok
16:01:24.0329 2564  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:01:24.0485 2564  ErrDev - ok
16:01:24.0781 2564  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
16:01:24.0797 2564  EventSystem - ok
16:01:24.0906 2564  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
16:01:24.0922 2564  exfat - ok
16:01:25.0015 2564  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:01:25.0015 2564  fastfat - ok
16:01:25.0234 2564  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
16:01:25.0249 2564  Fax - ok
16:01:25.0343 2564  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
16:01:25.0343 2564  fdc - ok
16:01:25.0468 2564  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
16:01:25.0468 2564  fdPHost - ok
16:01:25.0546 2564  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:01:25.0546 2564  FDResPub - ok
16:01:25.0592 2564  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:01:25.0592 2564  FileInfo - ok
16:01:25.0639 2564  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:01:25.0639 2564  Filetrace - ok
16:01:25.0889 2564  [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:01:25.0889 2564  FLEXnet Licensing Service - ok
16:01:25.0951 2564  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
16:01:25.0951 2564  flpydisk - ok
16:01:26.0216 2564  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:01:26.0232 2564  FltMgr - ok
16:01:26.0528 2564  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
16:01:26.0560 2564  FontCache - ok
16:01:26.0747 2564  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:01:26.0965 2564  FontCache3.0.0.0 - ok
16:01:27.0043 2564  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:01:27.0059 2564  FsDepends - ok
16:01:27.0137 2564  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:01:27.0152 2564  Fs_Rec - ok
16:01:27.0324 2564  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:01:27.0386 2564  fvevol - ok
16:01:27.0496 2564  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
16:01:27.0496 2564  gagp30kx - ok
16:01:27.0698 2564  [ E53EE18A21C025DEABCFE0F72FC481BB ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
16:01:27.0714 2564  GameConsoleService - ok
16:01:27.0917 2564  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
16:01:27.0948 2564  gpsvc - ok
16:01:28.0166 2564  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:01:28.0166 2564  gupdate - ok
16:01:28.0432 2564  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:01:28.0432 2564  gupdatem - ok
16:01:28.0510 2564  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:01:28.0510 2564  hcw85cir - ok
16:01:28.0822 2564  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:01:28.0837 2564  HdAudAddService - ok
16:01:28.0900 2564  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
16:01:28.0900 2564  HDAudBus - ok
16:01:28.0946 2564  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
16:01:28.0946 2564  HidBatt - ok
16:01:29.0009 2564  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
16:01:29.0009 2564  HidBth - ok
16:01:29.0149 2564  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
16:01:29.0149 2564  HidIr - ok
16:01:29.0227 2564  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
16:01:29.0227 2564  hidserv - ok
16:01:29.0414 2564  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
16:01:29.0430 2564  HidUsb - ok
16:01:29.0492 2564  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:01:29.0508 2564  hkmsvc - ok
16:01:29.0617 2564  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:01:29.0633 2564  HomeGroupListener - ok
16:01:29.0695 2564  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:01:29.0695 2564  HomeGroupProvider - ok
16:01:29.0898 2564  [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
16:01:29.0898 2564  HP Support Assistant Service - ok
16:01:30.0210 2564  [ 58CC11D14D88EF70EF7ABBC75B5EEBD8 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
16:01:30.0210 2564  HP Wireless Assistant Service - ok
16:01:30.0756 2564  [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
16:01:30.0772 2564  hpqwmiex - ok
16:01:30.0943 2564  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:01:30.0959 2564  HpSAMD - ok
16:01:31.0115 2564  [ F630DD7564EBB7248A13B1CC774D9EA6 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
16:01:31.0115 2564  HPWMISVC - ok
16:01:31.0364 2564  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:01:31.0396 2564  HTTP - ok
16:01:31.0474 2564  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:01:31.0474 2564  hwpolicy - ok
16:01:31.0661 2564  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
16:01:31.0676 2564  i8042prt - ok
16:01:31.0895 2564  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:01:31.0895 2564  iaStorV - ok
16:01:32.0191 2564  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:01:32.0222 2564  idsvc - ok
16:01:33.0736 2564  [ A87261EF1546325B559374F5689CF5BC ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
16:01:33.0860 2564  igfx - ok
16:01:33.0923 2564  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
16:01:33.0923 2564  iirsp - ok
16:01:34.0094 2564  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
16:01:34.0110 2564  IKEEXT - ok
16:01:34.0531 2564  [ D311E2DD59A34079D89C249B2A4D9FDB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:01:34.0562 2564  IntcAzAudAddService - ok
16:01:34.0672 2564  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
16:01:34.0687 2564  intelide - ok
16:01:34.0874 2564  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:01:34.0890 2564  intelppm - ok
16:01:34.0968 2564  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:01:34.0999 2564  IPBusEnum - ok
16:01:35.0093 2564  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:01:35.0093 2564  IpFilterDriver - ok
16:01:35.0218 2564  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:01:35.0249 2564  iphlpsvc - ok
16:01:35.0311 2564  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:01:35.0327 2564  IPMIDRV - ok
16:01:35.0405 2564  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:01:35.0420 2564  IPNAT - ok
16:01:35.0483 2564  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:01:35.0483 2564  IRENUM - ok
16:01:35.0545 2564  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:01:35.0545 2564  isapnp - ok
16:01:35.0686 2564  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:01:35.0686 2564  iScsiPrt - ok
16:01:35.0795 2564  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
16:01:35.0810 2564  kbdclass - ok
16:01:35.0904 2564  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
16:01:35.0904 2564  kbdhid - ok
16:01:35.0951 2564  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
16:01:35.0966 2564  KeyIso - ok
16:01:36.0076 2564  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:01:36.0076 2564  KSecDD - ok
16:01:36.0169 2564  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:01:36.0185 2564  KSecPkg - ok
16:01:36.0388 2564  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:01:36.0403 2564  ksthunk - ok
16:01:36.0590 2564  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:01:36.0622 2564  KtmRm - ok
16:01:36.0793 2564  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:01:36.0871 2564  LanmanServer - ok
16:01:36.0996 2564  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:01:37.0012 2564  LanmanWorkstation - ok
16:01:37.0199 2564  [ 020DFDB1927C996C990E70ED86CFDB06 ] libusb0         C:\Windows\system32\DRIVERS\libusb0.sys
16:01:37.0214 2564  libusb0 - ok
16:01:37.0308 2564  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:01:37.0324 2564  lltdio - ok
16:01:37.0480 2564  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:01:37.0495 2564  lltdsvc - ok
16:01:37.0542 2564  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:01:37.0542 2564  lmhosts - ok
16:01:37.0698 2564  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
16:01:37.0714 2564  LSI_FC - ok
16:01:37.0823 2564  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
16:01:37.0823 2564  LSI_SAS - ok
16:01:37.0932 2564  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:01:37.0932 2564  LSI_SAS2 - ok
16:01:37.0994 2564  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:01:37.0994 2564  LSI_SCSI - ok
16:01:38.0057 2564  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
16:01:38.0057 2564  luafv - ok
16:01:38.0213 2564  lxbc_device - ok
16:01:38.0353 2564  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
16:01:38.0509 2564  megasas - ok
16:01:38.0618 2564  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
16:01:38.0665 2564  MegaSR - ok
16:01:38.0821 2564  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
16:01:38.0852 2564  MMCSS - ok
16:01:38.0899 2564  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
16:01:38.0899 2564  Modem - ok
16:01:39.0055 2564  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:01:39.0071 2564  monitor - ok
16:01:39.0227 2564  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
16:01:39.0227 2564  mouclass - ok
16:01:39.0352 2564  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:01:39.0352 2564  mouhid - ok
16:01:39.0476 2564  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:01:39.0492 2564  mountmgr - ok
16:01:39.0679 2564  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:01:39.0679 2564  MozillaMaintenance - ok
16:01:39.0804 2564  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:01:39.0820 2564  mpio - ok
16:01:39.0898 2564  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:01:39.0898 2564  mpsdrv - ok
16:01:40.0147 2564  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:01:40.0194 2564  MpsSvc - ok
16:01:40.0256 2564  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:01:40.0272 2564  MRxDAV - ok
16:01:40.0334 2564  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:01:40.0334 2564  mrxsmb - ok
16:01:40.0428 2564  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:01:40.0475 2564  mrxsmb10 - ok
16:01:40.0506 2564  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:01:40.0506 2564  mrxsmb20 - ok
16:01:40.0584 2564  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:01:40.0584 2564  msahci - ok
16:01:40.0662 2564  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:01:40.0662 2564  msdsm - ok
16:01:40.0740 2564  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
16:01:40.0756 2564  MSDTC - ok
16:01:40.0849 2564  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:01:40.0865 2564  Msfs - ok
16:01:40.0927 2564  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:01:40.0927 2564  mshidkmdf - ok
16:01:40.0974 2564  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:01:40.0974 2564  msisadrv - ok
16:01:41.0036 2564  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:01:41.0052 2564  MSiSCSI - ok
16:01:41.0083 2564  msiserver - ok
16:01:41.0161 2564  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:01:41.0161 2564  MSKSSRV - ok
16:01:41.0270 2564  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:01:41.0270 2564  MSPCLOCK - ok
16:01:41.0317 2564  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:01:41.0317 2564  MSPQM - ok
16:01:41.0426 2564  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:01:41.0442 2564  MsRPC - ok
16:01:41.0489 2564  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
16:01:41.0489 2564  mssmbios - ok
16:01:41.0520 2564  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:01:41.0520 2564  MSTEE - ok
16:01:41.0567 2564  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
16:01:41.0567 2564  MTConfig - ok
16:01:41.0614 2564  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:01:41.0614 2564  Mup - ok
16:01:41.0723 2564  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
16:01:41.0738 2564  napagent - ok
16:01:41.0894 2564  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:01:41.0910 2564  NativeWifiP - ok
16:01:42.0128 2564  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:01:42.0160 2564  NDIS - ok
16:01:42.0222 2564  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:01:42.0238 2564  NdisCap - ok
16:01:42.0300 2564  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:01:42.0316 2564  NdisTapi - ok
16:01:42.0409 2564  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:01:42.0425 2564  Ndisuio - ok
16:01:42.0503 2564  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:01:42.0503 2564  NdisWan - ok
16:01:42.0565 2564  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:01:42.0565 2564  NDProxy - ok
16:01:42.0643 2564  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:01:42.0643 2564  NetBIOS - ok
16:01:42.0737 2564  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:01:42.0752 2564  NetBT - ok
16:01:42.0799 2564  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
16:01:42.0799 2564  Netlogon - ok
16:01:42.0924 2564  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
16:01:42.0940 2564  Netman - ok
16:01:43.0080 2564  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
16:01:43.0111 2564  netprofm - ok
16:01:43.0158 2564  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:01:43.0158 2564  NetTcpPortSharing - ok
16:01:43.0891 2564  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
16:01:44.0047 2564  netw5v64 - ok
16:01:44.0141 2564  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
16:01:44.0141 2564  nfrd960 - ok
16:01:44.0250 2564  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:01:44.0375 2564  NlaSvc - ok
16:01:44.0453 2564  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:01:44.0453 2564  Npfs - ok
16:01:44.0515 2564  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
16:01:44.0515 2564  nsi - ok
16:01:44.0562 2564  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:01:44.0562 2564  nsiproxy - ok
16:01:44.0858 2564  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:01:44.0874 2564  Ntfs - ok
16:01:44.0921 2564  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
16:01:44.0921 2564  Null - ok
16:01:44.0968 2564  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:01:44.0968 2564  nvraid - ok
16:01:45.0030 2564  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:01:45.0030 2564  nvstor - ok
16:01:45.0092 2564  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:01:45.0092 2564  nv_agp - ok
16:01:45.0139 2564  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:01:45.0155 2564  ohci1394 - ok
16:01:45.0248 2564  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:01:45.0264 2564  ose - ok
16:01:45.0841 2564  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:01:45.0904 2564  osppsvc - ok
16:01:46.0013 2564  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:01:46.0028 2564  p2pimsvc - ok
16:01:46.0184 2564  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
16:01:46.0200 2564  p2psvc - ok
16:01:46.0262 2564  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
16:01:46.0262 2564  Parport - ok
16:01:46.0356 2564  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:01:46.0356 2564  partmgr - ok
16:01:46.0418 2564  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:01:46.0434 2564  PcaSvc - ok
16:01:46.0465 2564  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
16:01:46.0481 2564  pci - ok
16:01:46.0543 2564  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
16:01:46.0543 2564  pciide - ok
16:01:46.0621 2564  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
16:01:46.0621 2564  pcmcia - ok
16:01:46.0668 2564  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:01:46.0668 2564  pcw - ok
16:01:46.0762 2564  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:01:46.0777 2564  PEAUTH - ok
16:01:47.0074 2564  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:01:47.0074 2564  PerfHost - ok
16:01:47.0339 2564  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
16:01:47.0370 2564  pla - ok
16:01:47.0448 2564  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:01:47.0464 2564  PlugPlay - ok
16:01:47.0495 2564  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:01:47.0510 2564  PNRPAutoReg - ok
16:01:47.0542 2564  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:01:47.0542 2564  PNRPsvc - ok
16:01:47.0620 2564  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:01:47.0620 2564  PolicyAgent - ok
16:01:47.0698 2564  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
16:01:47.0698 2564  Power - ok
16:01:47.0791 2564  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:01:47.0807 2564  PptpMiniport - ok
16:01:47.0854 2564  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
16:01:47.0869 2564  Processor - ok
16:01:47.0963 2564  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:01:47.0963 2564  ProfSvc - ok
16:01:47.0994 2564  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:01:47.0994 2564  ProtectedStorage - ok
16:01:48.0150 2564  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:01:48.0181 2564  Psched - ok
16:01:48.0259 2564  [ DD3FD48D69F5FBBB21D46D1514C1C2DB ] PSI             C:\Windows\system32\DRIVERS\psi_mf_amd64.sys
16:01:48.0259 2564  PSI - ok
16:01:48.0353 2564  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
16:01:48.0431 2564  ql2300 - ok
16:01:48.0493 2564  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
16:01:48.0493 2564  ql40xx - ok
16:01:48.0587 2564  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
16:01:48.0587 2564  QWAVE - ok
16:01:48.0743 2564  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:01:48.0743 2564  QWAVEdrv - ok
16:01:48.0836 2564  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:01:48.0836 2564  RasAcd - ok
16:01:48.0961 2564  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:01:48.0977 2564  RasAgileVpn - ok
16:01:49.0055 2564  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
16:01:49.0055 2564  RasAuto - ok
16:01:49.0148 2564  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:01:49.0148 2564  Rasl2tp - ok
16:01:49.0195 2564  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
16:01:49.0211 2564  RasMan - ok
16:01:49.0242 2564  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:01:49.0242 2564  RasPppoe - ok
16:01:49.0336 2564  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:01:49.0336 2564  RasSstp - ok
16:01:49.0382 2564  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:01:49.0398 2564  rdbss - ok
16:01:49.0429 2564  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
16:01:49.0445 2564  rdpbus - ok
16:01:49.0523 2564  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:01:49.0523 2564  RDPCDD - ok
16:01:49.0616 2564  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:01:49.0632 2564  RDPENCDD - ok
16:01:49.0663 2564  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:01:49.0663 2564  RDPREFMP - ok
16:01:49.0726 2564  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:01:49.0726 2564  RDPWD - ok
16:01:49.0819 2564  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:01:49.0819 2564  rdyboost - ok
16:01:49.0850 2564  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:01:49.0850 2564  RemoteAccess - ok
16:01:49.0897 2564  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:01:49.0897 2564  RemoteRegistry - ok
16:01:49.0975 2564  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:01:49.0975 2564  RpcEptMapper - ok
16:01:50.0022 2564  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
16:01:50.0038 2564  RpcLocator - ok
16:01:50.0178 2564  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
16:01:50.0178 2564  RpcSs - ok
16:01:50.0209 2564  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:01:50.0209 2564  rspndr - ok
16:01:50.0318 2564  [ 3CEEE53BBF8BA284FF44585CEC0162FE ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
16:01:50.0334 2564  RSUSBSTOR - ok
16:01:50.0428 2564  [ 4FBDA07EF0A3097CE14C5CABF723B278 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
16:01:50.0428 2564  RTL8167 - ok
16:01:50.0584 2564  [ 03E0627C26943916A7276AC5306206C7 ] rtl8192se       C:\Windows\system32\DRIVERS\rtl8192se.sys
16:01:50.0599 2564  rtl8192se - ok
16:01:50.0802 2564  [ 4EA7E5DF0CB237156176FA0349E6E87F ] RtVOsdService   C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
16:01:50.0818 2564  RtVOsdService - ok
16:01:50.0864 2564  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
16:01:50.0864 2564  SamSs - ok
16:01:50.0911 2564  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:01:50.0911 2564  sbp2port - ok
16:01:50.0958 2564  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:01:50.0958 2564  SCardSvr - ok
16:01:51.0005 2564  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:02:07.0135 2564  ================ Scan global ===============================
16:02:07.0260 2564  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:02:07.0322 2564  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:02:07.0354 2564  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:02:07.0416 2564  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:02:07.0494 2564  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:02:07.0510 2564  [Global] - ok
16:02:07.0525 2564  ================ Scan MBR ==================================
16:02:07.0541 2564  [ 384D1A6EA19528D1DD3123DBB8DBDFDE ] \Device\Harddisk0\DR0
16:02:09.0491 2564  \Device\Harddisk0\DR0 - ok
16:02:09.0491 2564  ================ Scan VBR ==================================
16:02:09.0506 2564  [ 24D01DDEC8E389296CABAEACB34343A8 ] \Device\Harddisk0\DR0\Partition1
16:02:09.0538 2564  \Device\Harddisk0\DR0\Partition1 - ok
16:02:09.0569 2564  [ 05F0CB4C437C0BEB64B95EE6EC2FF75D ] \Device\Harddisk0\DR0\Partition2
16:02:09.0584 2564  \Device\Harddisk0\DR0\Partition2 - ok
16:02:09.0616 2564  [ 687F7C8FD729EC7E0AA47D92B2447B10 ] \Device\Harddisk0\DR0\Partition3
16:02:09.0616 2564  \Device\Harddisk0\DR0\Partition3 - ok
16:02:09.0662 2564  [ 7CD1A52C1411CAAA2476F5C719A8F381 ] \Device\Harddisk0\DR0\Partition4
16:02:09.0694 2564  \Device\Harddisk0\DR0\Partition4 - ok
16:02:09.0709 2564  ============================================================
16:02:09.0709 2564  Scan finished
16:02:09.0709 2564  ============================================================
16:02:09.0725 2316  Detected object count: 0
16:02:09.0725 2316  Actual detected object count: 0
16:02:24.0670 1044  Deinitialize success
 

AdwCleaner

 

# AdwCleaner v2.300 - Logfile created 05/15/2013 at 16:12:22
# Updated 28/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : David - DAVID-PC
# Boot Mode : Normal
# Running from : C:\Users\David\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\user.js
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4bgq2dlp.default\searchplugins\Conduit.xml
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\uTorrentBar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Deleted : C:\Users\David\AppData\Local\Conduit
Folder Deleted : C:\Users\David\AppData\Local\Max Secure Software
Folder Deleted : C:\Users\David\AppData\LocalLow\AVG Security Toolbar
Folder Deleted : C:\Users\David\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\David\AppData\LocalLow\uTorrentBar
Folder Deleted : C:\Users\David\AppData\Roaming\Media Finder
Folder Deleted : C:\Users\David\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DC579753-09C7-4AB9-A42B-20F260562EAF}
Key Deleted : HKCU\Software\pc optimizer pro
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Somoto Toolbar
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1098640
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3298573
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DC579753-09C7-4AB9-A42B-20F260562EAF}
Key Deleted : HKLM\Software\uTorrentBar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DC579753-09C7-4AB9-A42B-20F260562EAF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6514A2CB-4BD2-4623-9927-66C1B3411C25}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Media Finder]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&CUI=UN17068594942939715&UM=2&ctid=CT3298573 --> hxxp://www.google.com

-\\ Mozilla Firefox v20.0.1 (en-US)

File : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4bgq2dlp.default\prefs.js

C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4bgq2dlp.default\user.js ... Deleted !

Deleted : user_pref("CT3298573.FF19Solved", "true");
Deleted : user_pref("CT3298573.UserID", "UN40109539931067122");
Deleted : user_pref("CT3298573.browser.search.defaultthis.engineName", "true");
Deleted : user_pref("CT3298573.installDate", "8/5/2013 17:37:29");
Deleted : user_pref("CT3298573.installSessionId", "{7F97864D-4432-4801-9EEC-33EB0C965AC1}");
Deleted : user_pref("CT3298573.installSp", "TRUE");
Deleted : user_pref("CT3298573.installerVersion", "1.4.2.3");
Deleted : user_pref("CT3298573.keyword", "true");
Deleted : user_pref("CT3298573.originalHomepage", "hxxp://www.google.com/");
Deleted : user_pref("CT3298573.originalSearchAddressUrl", "hxxp://www.bing.com/search?pc=Z144&form=ZGAADF&inst[...]
Deleted : user_pref("CT3298573.originalSearchEngine", "");
Deleted : user_pref("CT3298573.searchRevert", "false");
Deleted : user_pref("CT3298573.searchUserMode", "2");
Deleted : user_pref("CT3298573.smartbar.homepage", "true");
Deleted : user_pref("CT3298573.versionFromInstaller", "10.16.1.21");
Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3298573&octid=CT329857[...]
Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://www.bing.com/search?pc=Z144&form=ZGAADF&i[...]
Deleted : user_pref("browser.search.defaultthis.engineName", "MixiDJ V37 Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298573&CUI[...]
Deleted : user_pref("extensions.funmoods_i.aflt", "axl");
Deleted : user_pref("extensions.funmoods_i.dfltLng", "");
Deleted : user_pref("extensions.funmoods_i.excTlbr", false);
Deleted : user_pref("extensions.funmoods_i.id", "ee8ac15500000000000070f1a1bc6b85");
Deleted : user_pref("extensions.funmoods_i.instlDay", "15452");
Deleted : user_pref("extensions.funmoods_i.instlRef", "");
Deleted : user_pref("extensions.funmoods_i.newTab", false);
Deleted : user_pref("extensions.funmoods_i.prdct", "funmoods");
Deleted : user_pref("extensions.funmoods_i.prtnrId", "funmoods");
Deleted : user_pref("extensions.funmoods_i.smplGrp", "none");
Deleted : user_pref("extensions.funmoods_i.tlbrId", "base");
Deleted : user_pref("extensions.funmoods_i.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=axl&q=")[...]
Deleted : user_pref("extensions.funmoods_i.vrsn", "1.5.11.16");
Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.11.1618:45:26");
Deleted : user_pref("extensions.funmoods_i.vrsni", "1.5.11.16");
Deleted : user_pref("searchreset.backup.keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT329857[...]
Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3298573");
Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3298573&CUI=UN401095399[...]
Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3298573");
Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3298573");
Deleted : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3298573&CUI=UN401095399310[...]

*************************

AdwCleaner[R1].txt - [9253 octets] - [15/05/2013 16:11:35]
AdwCleaner[S1].txt - [9085 octets] - [15/05/2013 16:12:22]

########## EOF - C:\AdwCleaner[S1].txt - [9145 octets] ##########
 

 

ESET

 

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IN3HLTQT\updater-startnow-200-2.5-d[1].exe    a variant of Win32/Toolbar.Zugo application    
C:\Program Files (x86)\Unlockroot\unlockroot.exe    a variant of Win32/Packed.VProtect.C application    cleaned by deleting - quarantined
C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SGRXC6DQ\bi_downloader[1].exe    a variant of Win32/Somoto.A application    cleaned by deleting - quarantined
C:\Users\David\AppData\Local\Temp\AskSLib.dll    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
C:\Users\David\AppData\Local\Temp\nswBEE3.tmp    a variant of Win32/Somoto.A application    cleaned by deleting - quarantined
C:\Users\David\AppData\Local\Temp\Solid YouTube Downloader and Converter FileBulldog.exe    Win32/Toolbar.Zugo application    cleaned by deleting - quarantined
C:\Users\David\AppData\Local\Temp\60377607-a0fb-49b0-adba-9c435df33687\winamp563_full_emusic-7plus_en-us.exe    Win32/OpenCandy application    cleaned by deleting - quarantined
C:\Users\David\AppData\Local\Temp\ICReinstall\cnet2_MyVideoConverter_Setup246_exe.exe    a variant of Win32/InstallCore.D application    cleaned by deleting - quarantined
C:\Users\David\Desktop\cbsidlm-tr1_13-Secunia_Personal_Software_Inspector-SEO-10717855.exe    Win32/DownloadAdmin.G application    cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IN3HLTQT\updater-startnow-200-2.5-d[1].exe    a variant of Win32/Toolbar.Zugo application    cleaned by deleting - quarantined
C:\Windows\Temp\TBU007\ToolbarUpdate.exe    a variant of Win32/Toolbar.Zugo application    cleaned by deleting - quarantined
 

 

 



#6 boopme


Posted 16 May 2013 - 11:19 AM

Sorry have editor problem.

Lots of toolbar and adware junk.
When you install apps use Advanced and Not recommended so you can uncheck all the other stuff they are installing, like toolbars and browsers.

Ok, let's finish up with these.


Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Edited by boopme, 16 May 2013 - 11:20 AM.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#7 boopme


Posted 16 May 2013 - 11:22 AM

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be

#8 InertiaticESP

Posted 16 May 2013 - 09:15 PM

Okay. Got both of these results posted below.

 

I'm experiencing some symptoms - my computer is "running hot" with the fan going constantly when it didn't before. Also, I'm getting a notice upon startup that says my battery may need to be replaced.

 

But my primary concern is security and privacy. No snooping or stolen personal info. Thanks.

 

JRT Results

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by David on Thu 05/16/2013 at 18:44:43.80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\StartNow Search Protect
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{c3721e85-f0ac-4b7e-ae4c-3e738011dc9d}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0809AB5E-E7B2-49CB-B53C-4423707FC3EA}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2526739D-0C06-4423-9FC5-E893C8B8959A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{ABD93EAF-D775-BC54-E63B-2804F22FD156}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F3D96542-06E4-4E27-9FCC-78375FD0BEE8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2526739D-0C06-4423-9FC5-E893C8B8959A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C3721E85-F0AC-4B7E-AE4C-3E738011DC9D}



~~~ Files

Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npcouponprinter.dll"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npmozcouponprinter.dll"
Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll
Successfully deleted: [File] C:\Windows\syswow64\shoACF7.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoB2E5.tmp
Successfully deleted: [File] "C:\Windows\couponprinter.ocx"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\pc optimizer pro"
Failed to delete: [Folder] "C:\Users\David\appdata\locallow\somototoolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Folder] "C:\Program Files (x86)\somototoolbar"



~~~ FireFox

Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml.old"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search.xml"
Emptied folder: C:\Users\David\AppData\Roaming\mozilla\firefox\profiles\4bgq2dlp.default\minidumps [37 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 05/16/2013 at 18:52:40.74
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

MiniToolBox

 

MiniToolBox by Farbar  Version:21-04-2013
Ran by David (administrator) on 16-05-2013 at 19:03:59
Running from "C:\Users\David\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8191SE 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : David-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : InertiaticESP

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : InertiaticESP
   Description . . . . . . . . . . . : Realtek RTL8191SE 802.11b/g/n WiFi Adapter
   Physical Address. . . . . . . . . : 70-F1-A1-BC-6B-85
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::44cc:66d0:f008:971b%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.105(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, May 16, 2013 6:34:39 PM
   Lease Expires . . . . . . . . . . : Friday, May 17, 2013 6:34:39 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 326168993
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-A4-FD-5E-C8-0A-A9-C4-65-AF
   DNS Servers . . . . . . . . . . . : 75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : InertiaticESP
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : C8-0A-A9-C4-65-AF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.InertiaticESP:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : InertiaticESP
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3432:10b4:b812:2f3a(Preferred)
   Link-local IPv6 Address . . . . . : fe80::3432:10b4:b812:2f3a%13(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  cdns01.comcast.net
Address:  75.75.75.75

Name:    google.com
Addresses:  2607:f8b0:400a:801::1004
      173.194.33.9
      173.194.33.14
      173.194.33.3
      173.194.33.2
      173.194.33.7
      173.194.33.4
      173.194.33.5
      173.194.33.6
      173.194.33.8
      173.194.33.0
      173.194.33.1


Pinging google.com [173.194.33.32] with 32 bytes of data:
Reply from 173.194.33.32: bytes=32 time=15ms TTL=55
Reply from 173.194.33.32: bytes=32 time=16ms TTL=55

Ping statistics for 173.194.33.32:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 15ms, Maximum = 16ms, Average = 15ms
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  75.75.75.75

Name:    yahoo.com
Addresses:  98.139.183.24
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=186ms TTL=49
Reply from 98.138.253.109: bytes=32 time=111ms TTL=49

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 111ms, Maximum = 186ms, Average = 148ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...70 f1 a1 bc 6b 85 ......Realtek RTL8191SE 802.11b/g/n WiFi Adapter
 10...c8 0a a9 c4 65 af ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.105     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.105    281
    192.168.1.105  255.255.255.255         On-link     192.168.1.105    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.105    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.105    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.105    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:4137:9e76:3432:10b4:b812:2f3a/128
                                    On-link
 12    281 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::3432:10b4:b812:2f3a/128
                                    On-link
 12    281 fe80::44cc:66d0:f008:971b/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2011-05-30 15:35:39.893
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\libusb0.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-05-30 15:35:39.831
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\libusb0.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-05-30 15:33:57.784
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\libusb0.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-05-30 15:33:57.722
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\libusb0.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

µTorrent (Version: 3.3.0.29126)
Acrobat.com (Version: 1.6.65)
Add or Remove Adobe Creative Suite 3 Master Collection (Version: 1.0)
Adobe Acrobat 8 Professional (Version: 8.1.3)
Adobe Acrobat 8.1.3 Professional (Version: 8.1.3)
Adobe After Effects CS3 (Version: 8)
Adobe After Effects CS3 Presets (Version: 8)
Adobe AIR (Version: 3.7.0.1530)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe BridgeTalk Plugin CS3 (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Contribute CS3 (Version: 4.1)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe Dreamweaver CS3 (Version: 9)
Adobe Encore CS3 (Version: 3)
Adobe Encore CS3 Codecs (Version: 3)
Adobe ExtendScript Toolkit 2 (Version: 2.0.2)
Adobe Extension Manager CS3 (Version: 1.8)
Adobe Fireworks CS3 (Version: 9.0)
Adobe Flash CS3 (Version: 9.0)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Flash Video Encoder (Version: 2.0)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Illustrator CS3 (Version: 13.0)
Adobe InDesign CS3 (Version: 5.0)
Adobe InDesign CS3 Icon Handler (Version: 5.0)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe MotionPicture Color Files (Version: 1.0)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Premiere Pro CS3 (Version: 3)
Adobe Premiere Pro CS3 Functional Content (Version: 8)
Adobe Premiere Pro CS3 Third Party Content (Version: 3)
Adobe Reader XI (11.0.02) (Version: 11.0.02)
Adobe Setup (Version: 1.0)
Adobe Shockwave Player (Version: 11.5.1.601)
Adobe SING CS3 (Version: 0.1)
Adobe Soundbooth CS3 (Version: 1)
Adobe Soundbooth CS3 Codecs (Version: 3)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe Video Profiles (Version: 1.0)
Adobe WAS CS3 (Version: 1.0)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP DVA Panels CS3 (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
AHV content for Acrobat and Flash (Version: 1)
Any Video Converter 3.3.1
ATI Catalyst Install Manager (Version: 3.0.804.0)
ATI Stream SDK v2 Developer (Version: 2.3.0.0)
Audacity 1.3.14 (Unicode)
avast! Free Antivirus (Version: 8.0.1489.0)
AVI ReComp 1.5.1 (Version: 1.5.1)
AVI to DVD Converter (Version: 3.0.26.0314)
AviSynth 2.5
Bejeweled 2 Deluxe (Version: 2.2.0.82)
Blackhawk Striker 2 (Version: 2.2.0.82)
Blasterball 3 (Version: 2.2.0.82)
Build-a-lot 2 (Version: 2.2.0.82)
Cake Mania (Version: 2.2.0.82)
Catalyst Control Center InstallProxy (Version: 2010.0310.1824.32984)
Catalyst Control Center InstallProxy (Version: 2010.1125.2142.38865)
Catalyst Control Center Localization All (Version: 2010.1125.2142.38865)
CCC Help English (Version: 2010.1125.2141.38865)
ccc-core-static (Version: 2010.1125.2142.38865)
ccc-utility64 (Version: 2010.1125.2142.38865)
CCleaner (Version: 3.01)
Chuzzle Deluxe (Version: 2.2.0.82)
CinemaNow Media Manager (Version: 1.9.1.105)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Citrix XenApp Web Plugin (Version: 11.0.0.5357)
ConverterLite 0.1 (Version: 0.1)
Coupon Printer for Windows (Version: 5.0.0.1)
CyberLink YouCam (Version: 3.0.2511)
DAEMON Tools Ultra (Version: 1.0.0.0068)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.82)
DivX Setup (Version: 2.6.1.9)
Dora's Carnival Adventure (Version: 2.2.0.82)
DVD Shrink 3.2
Escape Rosecliff Island (Version: 2.2.0.82)
ESET Online Scanner v3
ESU for Microsoft Windows 7 (Version: 1.0.0)
Faerie Solitaire (Version: 2.2.0.82)
FATE (Version: 2.2.0.82)
Free MP3 Cutter and Editor 2.5
Free Mp3 Wma Converter V 1.91 (Version: 1.91.0.0)
Google Earth (Version: 7.0.3.8542)
Google Update Helper (Version: 1.3.21.145)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)
HP Advisor (Version: 3.4.10262.3295)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Game Console
HP Games (Version: 1.0.0.80)
HP MediaSmart CinemaNow 2.0 (Version: 2.0)
HP Photo Creations (Version: 1.0.0.2261)
HP Power Plan Utility (Version: 1.0.6)
HP Quick Launch (Version: 1.0.17)
HP Quick Launch (Version: 2.3.6)
HP Setup (Version: 1.2.3988.3281)
HP Software Framework (Version: 4.0.108.1)
HP Support Assistant (Version: 7.0.39.15)
HP Update (Version: 5.001.000.014)
HP User Guides 0178 (Version: 1.02.0000)
HP Wireless Assistant (Version: 4.0.6.0)
ImgBurn (Version: 2.5.1.0)
Java 7 Update 17 (64-bit) (Version: 7.0.170)
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Java™ 6 Update 39 (64-bit) (Version: 6.0.390)
Java™ 6 Update 45 (Version: 6.0.450)
Jewel Quest 3 (Version: 2.2.0.82)
Jewel Quest Solitaire 2 (Version: 2.2.0.82)
Junk Mail filter update (Version: 14.0.8089.726)
LabelPrint (Version: 2.5.2515)
LAME v3.98.3 for Audacity
Lexmark Z500-Z600 Series
Live 7.0.14
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 20.0.1 (x86 en-US) (Version: 20.0.1)
Mozilla Maintenance Service (Version: 20.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery P.I. - The New York Fortune (Version: 2.2.0.82)
MyVideoConverter 2.463 (Version: 2.463)
OpenOffice.org 3.2 (Version: 3.2.9502)
PDF Settings (Version: 1.0)
Penguins! (Version: 2.2.0.82)
PhotoNow! (Version: 1.1.6904)
Plants vs. Zombies (Version: 2.2.0.82)
Poker Superstars III (Version: 2.2.0.82)
Polar Bowler (Version: 2.2.0.82)
Polar Golfer (Version: 2.2.0.82)
Power2Go (Version: 6.1.3715)
PowerDirector (Version: 8.0.2514)
Prism Video File Converter
QuickTime (Version: 7.73.80.64)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.18.322.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6206)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30113)
REALTEK Wireless LAN Software (Version: 1.00.10.0104)
Recovery Manager (Version: 5.5.2512)
Revo Uninstaller 1.90 (Version: 1.90)
Roxio CinemaNow 2.0 (Version: 1.0.262)
RtVOsd (Version: 1.0.6)
Secunia PSI (3.0.0.6005) (Version: 3.0.0.6005)
Solid MP4 Video Converter 3.8.5
Solid YouTube FileBulldog Toolbar
SoulSeek 157 NS 13e
SUPER © v2011.build.49 (July 1st, 2011) version v2011.build.49 (Version: v2011.build.49)
Synaptics Pointing Device Driver (Version: 15.1.6.64)
TextTwist 2 (Version: 2.2.0.82)
UnLock Root 2.30 (Version: 2.30)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VideoPad Video Editor
Virtual Families (Version: 2.2.0.82)
Virtual Villagers - The Secret City (Version: 2.2.0.82)
Visual C++ 8.0 Runtime Setup Package (x64) (Version: 9.0.0.623)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VobSub 2.23 (Version: 2.23)
Wheel of Fortune 2 (Version: 2.2.0.82)
Winamp (Version: 5.622 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
WinRAR 5.00 beta 2 (64-bit) (Version: 5.00.2)
WinRAR archiver
WinZip 14.5 (Version: 14.5.9095)
WMV9/VC-1 Video Playback (Version: 1.00.0000)
Xvid 1.2.2 (Version: 1.2.2)
Zuma's Revenge (Version: 2.2.0.82)

========================= Memory info: ===================================

Percentage of memory in use: 52%
Total physical RAM: 2810.9 MB
Available physical RAM: 1344.78 MB
Total Pagefile: 5619.99 MB
Available Pagefile: 3835.25 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.79 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:135.08 GB) (Free:57.67 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:13.68 GB) (Free:1.95 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

========================= Users: ========================================

User accounts for \\DAVID-PC

Administrator            David                    Guest                    


**** End of log ****
 



#9 boopme

Posted 16 May 2013 - 09:42 PM

Can you get the sptd.sys out of the tdss quarantine and restore it

or run SFC

 

Please run SFC (System File Checker)
Please run System File Checker sfc /scannow... For more information on this tool see How To Use Sfc.exe To Repair System Files

NOTE for Vista/WIN 7 users: The command needs to be run from an Elevated Command Prompt. Click Start, type cmd into the Start/Search box, right-click cmd.exe in the list above and select 'Run as Administrator'.

You will need your operating system CD handy.

Open Windows Task Manager by pressing CTRL+SHIFT+ESC.

Then click File, then New Task (Run).

In the box that opens type sfc /scannow (there is a space between c and /).

Click OK
Let it run and insert the CD when asked.



#10 InertiaticESP

Posted 16 May 2013 - 10:11 PM

Hi. How do I get the sptd.sys out of the tdss quarantine and restore it? When I open it, it only has an option to scan and review the most recent report.

 

I'll run an SFC if necessary.



#11 boopme

Posted 17 May 2013 - 09:02 AM

Try this first
 
Let's have a look at what TDSSKiller has previously removed:
  • Please download TDSS Qlook and save it to your desktop.
  • Double-click the program and run it.
  • Type the letter A and press ENTER.
  • A logfile will open (TDSSQ.txt), please copy and paste the contents of that logfile into your next reply.


#12 InertiaticESP

Posted 17 May 2013 - 09:20 AM

TDSSQ Results

 

TDSSKiller Quarantine Information log
TDSS Qlook Version 1.0.0.5 - David - Fri 05/17/2013 -  7:19:34.51.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1  
***** START SCAN Fri 05/17/2013  7:19:35.40 *****
 
---------- TDSSKiller logs ----------
 
TDSSKiller.2.8.16.0_14.05.2013_18.58.33_log.txt
TDSSKiller.2.8.16.0_15.05.2013_15.47.41_log.txt
TDSSKiller.2.8.16.0_15.05.2013_16.00.10_log.txt
TDSSKiller.2.8.16.0_16.05.2013_20.00.12_log.txt
TDSSKiller.2.8.16.0_16.05.2013_20.14.47_log.txt
 
---------- TDSSStarter logs ----------
 
 
---------- DIR LIST ----------
 
C:\TDSSKiller_Quarantine\15.05.2013_15.47.41
C:\TDSSKiller_Quarantine\14.05.2013_18.58.34
C:\TDSSKiller_Quarantine\14.05.2013_18.58.34\susp0000
C:\TDSSKiller_Quarantine\14.05.2013_18.58.34\susp0000\object.ini
C:\TDSSKiller_Quarantine\14.05.2013_18.58.34\susp0000\svc0000
C:\TDSSKiller_Quarantine\14.05.2013_18.58.34\susp0000\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\14.05.2013_18.58.34\susp0000\svc0000\object.ini
C:\TDSSKiller_Quarantine\14.05.2013_18.58.34\susp0000\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\15.05.2013_15.47.41\susp0000
C:\TDSSKiller_Quarantine\15.05.2013_15.47.41\susp0000\object.ini
C:\TDSSKiller_Quarantine\15.05.2013_15.47.41\susp0000\svc0000
C:\TDSSKiller_Quarantine\15.05.2013_15.47.41\susp0000\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\15.05.2013_15.47.41\susp0000\svc0000\object.ini
C:\TDSSKiller_Quarantine\15.05.2013_15.47.41\susp0000\svc0000\tsk0000.ini
 
---------- INI FILES ----------
 
=== C:\TDSSKiller_Quarantine\14.05.2013_18.58.34\susp0000\object.ini
 
[InfectedObject]
Verdict: LockedFile.Multi.Generic
 
 
=== C:\TDSSKiller_Quarantine\14.05.2013_18.58.34\susp0000\svc0000\object.ini
 
[InfectedObject]
Type: Service
Name: sptd
Type: Kernel driver (0x1)
Start: Boot (0x0)
ImagePath: \SystemRoot\System32\Drivers\sptd.sys
Suspicious states: Locked file;
 
 
=== C:\TDSSKiller_Quarantine\14.05.2013_18.58.34\susp0000\svc0000\tsk0000.ini
 
[InfectedFile]
Type: Raw image
Src: C:\Windows\System32\Drivers\sptd.sys
md5: D519AD2DE7968CD2B47FEA807C5B29B2
 
 
=== C:\TDSSKiller_Quarantine\15.05.2013_15.47.41\susp0000\object.ini
 
[InfectedObject]
Verdict: LockedFile.Multi.Generic
 
 
=== C:\TDSSKiller_Quarantine\15.05.2013_15.47.41\susp0000\svc0000\object.ini
 
[InfectedObject]
Type: Service
Name: sptd
Type: Kernel driver (0x1)
Start: Boot (0x0)
ImagePath: \SystemRoot\System32\Drivers\sptd.sys
Suspicious states: Locked file;
 
 
=== C:\TDSSKiller_Quarantine\15.05.2013_15.47.41\susp0000\svc0000\tsk0000.ini
 
[InfectedFile]
Type: Raw image
Src: C:\Windows\System32\Drivers\sptd.sys
md5: D519AD2DE7968CD2B47FEA807C5B29B2
 
 
***** END SCAN Fri 05/17/2013  7:19:36.16 *****
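
The quarantine records in the log above can be read programmatically to see which file each TDSSKiller run set aside and whether the same hash shows up in more than one run. This is an added example, not part of the original post and not TDSS Qlook's own code; the function names are hypothetical, and the sample reuses the records from the log with blank lines dropped. Values are kept as lists because the `Type` key repeats within a single record, which a plain key-to-value INI reader would overwrite.

```python
import re
from collections import defaultdict

# Records copied from the "INI FILES" section of the log above (blank lines dropped).
_RUN = r"""=== C:\TDSSKiller_Quarantine\{run}\susp0000\object.ini
[InfectedObject]
Verdict: LockedFile.Multi.Generic
=== C:\TDSSKiller_Quarantine\{run}\susp0000\svc0000\object.ini
[InfectedObject]
Type: Service
Name: sptd
Type: Kernel driver (0x1)
Start: Boot (0x0)
ImagePath: \SystemRoot\System32\Drivers\sptd.sys
Suspicious states: Locked file;
=== C:\TDSSKiller_Quarantine\{run}\susp0000\svc0000\tsk0000.ini
[InfectedFile]
Type: Raw image
Src: C:\Windows\System32\Drivers\sptd.sys
md5: D519AD2DE7968CD2B47FEA807C5B29B2
"""
SAMPLE = "".join(_RUN.format(run=r) for r in ("14.05.2013_18.58.34", "15.05.2013_15.47.41"))

HEADER = re.compile(r"^=== .*\\TDSSKiller_Quarantine\\([^\\]+)\\(susp\d+)\\")
FIELD = re.compile(r"^([A-Za-z][A-Za-z0-9 ]*): (.*)$")

def parse_qlook(text):
    """Map (run, object) -> {key: [values]}, merging that object's .ini files."""
    objects = defaultdict(lambda: defaultdict(list))
    current = None
    for line in (l.strip() for l in text.splitlines()):
        head, field = HEADER.match(line), FIELD.match(line)
        if head:
            current = objects[head.groups()]      # same object across its .ini files
        elif field and current is not None:
            current[field[1]].append(field[2].rstrip(";"))
    return objects

def repeated_hashes(objects):
    """MD5 values that appear in more than one quarantine run."""
    runs = defaultdict(set)
    for (run, _obj), fields in objects.items():
        for md5 in fields.get("md5", []):
            runs[md5.upper()].add(run)
    return {h: sorted(r) for h, r in runs.items() if len(r) > 1}

if __name__ == "__main__":
    print(repeated_hashes(parse_qlook(SAMPLE)))
```
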
 



#13 boopme

  • Global Moderator

Posted 17 May 2013 - 01:31 PM

Hello, do you use Daemon tools? If so, then reinstall that app. It should replace the file.



#14 InertiaticESP

  • Topic Starter

Posted 17 May 2013 - 05:12 PM

I reinstalled Daemon tools, carefully not selecting the adware, toolbar, and data collecting associated programs.

How do I look other than that? Any worries of the sptd.sys or locked file TDSS found?



#15 InertiaticESP

  • Topic Starter

Posted 21 May 2013 - 10:22 PM

Hello. Just following up. Should I be concerned about the locked TDSS file sptd.sys? I ran an Avast full scan today and it only found a long list of files that couldn't be scanned because they were password locked. Any worries? They all start with -

 

C:\Users\David\AppData\Local\Temp\YAgcB2Lu.exe.part |> (and then other names)





