
Rootkit.Win32.PMax.gen removal


  • This topic is locked
22 replies to this topic

#1 paolok6

  • Members
  • 13 posts

Posted 16 September 2013 - 09:13 AM

Hi all, I'm running Win 7 32-bit on an Acer Aspire One netbook.

 

I noticed that Gmail attachments weren't downloading, so I suspected malware. I recently ran an .exe that allegedly contained codecs. It was probably a fake torrent that may have been the source.

 

I tried to run Microsoft Security Essentials but all I got were error messages ( 0xc00000ba ) which led me to try the solutions here http://answers.microsoft.com/en-us/protect/forum/mse-protect_scanning/the-application-essentails-was-unable-to-start/39629ef6-1a99-4a7e-837f-c3ac9126b3b7

 

Tried booting Windows Defender from a USB afterwards but it didn't detect anything. Next step was to use a separate PC to download and run TDSSKiller which identified the problem as Rootkit.Win32.PMax.gen. I chose delete (do you need the log for that?)

 

 

However, after that, I was still unable to run MSE. So based on this topic http://forums.malwarebytes.org/index.php?showtopic=98329 I downloaded ComboFix.

 

After using it, it seems like I can download things again, so I downloaded MSE and MalwareBytes without any problems and am using them to do a full scan. However, all my Chrome extensions are gone, as well as my theme. Is this normal? Also, has it been removed 100%? I've changed all my passwords on a different PC just in case. Thankfully I don't transact online.

 

This is a wonderful community and you guys are doing admirable work. Keep it up :)

 

ComboFix change log follows:

 

ComboFix 13-09-14.01 - Paolo 09/16/2013  21:19:12.2.4 - x86
Microsoft Windows 7 Home Basic   6.1.7601.1.1252.1.1033.18.2036.1160 [GMT 8:00]
Running from: c:\users\Paolo\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Hola\app
c:\program files\Hola\app\hola_cert.spc
c:\program files\Hola\app\hola_drv.sys
c:\program files\Hola\app\hola_drv5.cat
c:\program files\Hola\app\hola_drv5.inf
c:\program files\Hola\app\hola_drv6.cat
c:\program files\Hola\app\hola_drv6.inf
c:\program files\Hola\app\hola_mon_drv.cat
c:\program files\Hola\app\hola_mon_drv.inf
c:\program files\Hola\app\hola_mon_drv.sys
c:\program files\Hola\app\hola_net.cat
c:\program files\Hola\app\hola_net.inf
c:\program files\Hola\app\hola_net.sys
c:\program files\Hola\app\hola_setup.exe
c:\program files\Hola\app\image\Hola-Setup-1.1.565.1.exe
c:\program files\Hola\app\image\Hola-Setup-1.1.565.exe
c:\program files\Hola\app\lsp_1.1.565.dll
c:\users\Paolo\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Paolo\Documents\~WRL0003.tmp
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_hola_net
.
.
(((((((((((((((((((((((((   Files Created from 2013-08-16 to 2013-09-16  )))))))))))))))))))))))))))))))
.
.
2013-09-17 01:33 . 2013-09-17 01:33 -------- d-----w- c:\windows\Microsoft Antimalware
2013-09-16 13:32 . 2013-09-16 13:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-16 12:28 . 2013-09-16 12:28 -------- d-----w- c:\windows\TempC1A4303C-F122-1312-D7B3-9B29E88E1CBD-Signatures
2013-09-16 12:22 . 2013-09-16 12:22 -------- d-----w- C:\TDSSKiller_Quarantine
2013-09-15 16:01 . 2013-09-15 16:01 -------- d-----w- c:\program files\x264 Video Codec
2013-09-15 06:15 . 2013-09-15 06:16 -------- d-----w- c:\users\Paolo\AppData\Roaming\FireShot
2013-09-13 12:26 . 2013-09-13 12:26 238544 ----a-w- c:\windows\system32\gcp_portmon.dll
2013-09-11 10:40 . 2013-09-11 10:40 0 ----a-w- c:\windows\system32\shoD62A.tmp
2013-09-10 13:03 . 2013-09-10 13:03 -------- d-----w- c:\program files\Web Resizer
2013-09-04 05:45 . 2013-09-04 05:45 -------- d-----w- c:\users\Paolo\AppData\Roaming\Mapi2Xml
2013-09-03 11:02 . 2013-09-03 11:02 -------- d-----w- c:\users\Paolo\AppData\Local\IsolatedStorage
2013-09-03 10:49 . 2013-09-03 10:49 -------- d-----w- c:\program files\Notably Good Ltd
2013-09-03 09:47 . 2013-09-03 09:47 -------- d-----w- c:\program files\NirSoft
2013-09-03 09:25 . 2013-09-03 09:26 -------- d-----w- c:\users\Paolo\AppData\Roaming\Nitro PDF
2013-09-03 09:05 . 2013-09-03 09:05 -------- d-----w- c:\users\Paolo\AppData\Roaming\OfficeTab
2013-09-03 08:45 . 2013-09-03 08:46 -------- d-----w- c:\program files\Tracker Software
2013-09-03 08:00 . 2013-09-03 08:00 -------- d-----w- c:\users\Paolo\AppData\Roaming\Nitro
2013-09-03 08:00 . 2013-09-03 08:00 -------- d-----w- c:\users\Paolo\AppData\Roaming\FileOpen
2013-09-03 08:00 . 2013-09-03 08:00 -------- d-----w- c:\programdata\FileOpen
2013-09-03 07:59 . 2013-07-24 13:22 18440 ----a-w- c:\windows\system32\nitrolocalui2.dll
2013-09-03 07:59 . 2013-07-24 13:22 27144 ----a-w- c:\windows\system32\nitrolocalmon2.dll
2013-09-03 07:57 . 2013-09-03 07:57 -------- d-----w- c:\program files\Common Files\Nitro
2013-09-03 07:57 . 2013-09-03 07:57 -------- d-----w- c:\programdata\Licenses
2013-09-03 07:57 . 2013-09-03 07:57 -------- d-----w- c:\program files\Nitro
2013-09-03 07:57 . 2013-09-03 07:57 -------- d-----w- c:\programdata\Nitro
2013-09-03 07:54 . 2013-09-03 07:54 -------- d-----w- c:\program files\Detong
2013-09-03 07:52 . 2013-09-03 07:52 -------- d-----w- c:\users\Paolo\AppData\Roaming\Downloaded Installations
2013-09-03 07:12 . 2013-09-03 07:13 -------- d-----w- c:\program files\LastPass
2013-09-03 00:51 . 2013-09-03 00:51 -------- d-----w- C:\found.008
2013-09-01 16:19 . 2013-09-14 14:09 -------- d-----w- C:\_acestream_cache_
2013-09-01 16:18 . 2013-09-14 14:09 -------- d-----w- c:\users\Paolo\AppData\Roaming\.ACEStream
2013-09-01 16:17 . 2013-09-01 16:18 -------- d-----w- c:\users\Paolo\AppData\Roaming\ACEStream
2013-08-29 13:28 . 2013-08-29 13:28 73880 ----a-w- c:\windows\system32\drivers\hola_net.sys
2013-08-29 13:28 . 2013-08-29 13:28 73368 ----a-w- c:\windows\system32\drivers\hola_mon_drv.sys
2013-08-29 13:28 . 2013-08-29 13:28 476056 ----a-w- c:\windows\system32\drivers\hola_drv.sys
2013-08-29 13:28 . 2013-08-29 13:29 -------- d-----w- c:\program files\Hola
2013-08-19 11:59 . 2013-09-16 13:15 -------- d-----w- c:\users\Paolo\AppData\Roaming\7 Sticky Notes
2013-08-19 11:58 . 2012-10-13 14:20 805376 ----a-w- c:\windows\system32\EditCtlsU.ocx
2013-08-19 11:58 . 2011-08-13 13:06 1031168 ----a-w- c:\windows\system32\ExLVwU.ocx
2013-08-19 11:58 . 2011-05-20 16:02 604672 ----a-w- c:\windows\system32\ExTVwU.ocx
2013-08-19 11:58 . 2004-03-08 16:00 662288 ----a-w- c:\windows\system32\MSCOMCT2.OCX
2013-08-19 11:58 . 2000-05-22 04:58 140488 ----a-w- c:\windows\system32\comdlg32.ocx
2013-08-19 11:58 . 1998-06-23 17:00 198456 ----a-w- c:\windows\system32\MCI32.OCX
2013-08-19 11:57 . 2005-04-15 07:58 1351392 ----a-w- c:\windows\system32\comctl32.ocx
2013-08-19 11:57 . 2004-03-09 06:45 212240 ----a-w- c:\windows\system32\richtx32.ocx
2013-08-19 11:57 . 2013-08-19 11:58 -------- d-----w- c:\program files\7 Sticky Notes
2013-08-19 11:57 . 2008-01-19 03:34 554008 ----a-w- c:\windows\system32\dao360.dll
2013-08-18 12:55 . 2013-08-18 12:54 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-08-18 12:27 . 2013-08-18 12:27 -------- d-----w- c:\program files\iPod
2013-08-18 12:27 . 2013-08-18 12:30 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-08-18 12:27 . 2013-08-18 12:30 -------- d-----w- c:\program files\iTunes
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-16 13:34 . 2013-04-29 04:57 29 ----a-w- c:\windows\system32\TempWmicBatchFile.bat
2013-09-13 10:02 . 2012-07-23 08:33 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-13 10:02 . 2012-07-23 08:33 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-18 12:54 . 2013-03-18 02:25 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-08-18 12:54 . 2013-03-18 02:25 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-07-24 13:23 . 2013-07-24 13:23 69640 ----a-w- c:\windows\system32\NLSSRV32.EXE
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-04-29 04:58 222808 ----a-w- c:\users\Paolo\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-04-29 04:58 222808 ----a-w- c:\users\Paolo\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-04-29 04:58 222808 ----a-w- c:\users\Paolo\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1MediaIconsOverlay]
@="{1EC23CFF-4C58-458f-924C-8519AEF61B32}"
[HKEY_CLASSES_ROOT\CLSID\{1EC23CFF-4C58-458f-924C-8519AEF61B32}]
2013-09-15 16:01 225280 ----a-w- c:\programdata\Microsoft\Media Tools\MediaIconsOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Paolo\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Paolo\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Paolo\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{69925D1B-6A0F-4413-861A-81AB98039DB9}"
[HKEY_CLASSES_ROOT\CLSID\{69925D1B-6A0F-4413-861A-81AB98039DB9}]
2013-01-30 05:12 159488 ----a-w- c:\windows\System32\SSCbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-27 08:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 08:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 08:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-27 08:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-27 08:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-27 08:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2013-04-23 13:48 2099552 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2013-04-23 13:48 2099552 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{39D54CC2-69CF-43b4-B167-577D25E7F496}"
[HKEY_CLASSES_ROOT\CLSID\{39D54CC2-69CF-43b4-B167-577D25E7F496}]
2013-04-23 13:48 2099552 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2013-04-23 13:48 2099552 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncSharedPending]
@="{F7395C2E-A5D8-4a32-9536-5C6A9F1DC450}"
[HKEY_CLASSES_ROOT\CLSID\{F7395C2E-A5D8-4a32-9536-5C6A9F1DC450}]
2013-04-23 13:48 2099552 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"F.lux"="c:\users\Paolo\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
"GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2013-06-27 20097696]
"Facebook Update"="c:\users\Paolo\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-06-30 138096]
"Rainlendar2"="c:\program files\Rainlendar2\Rainlendar2.exe" [2013-03-10 2598496]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Affixa"="c:\program files\Notably Good Ltd\Affixa\AffixaTray.exe" [2013-08-09 838768]
"E7428167E15C013EAD8A642BC66E67B24899F6C5._service_run"="c:\program files\Google\Chrome\Application\chrome.exe" [2013-09-02 829392]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-07-06 142144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-07-06 175936]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-07-06 168256]
"GfxServiceInstall"="c:\windows\system32\GfxCUIServiceInstall.vbs" [2012-06-27 131]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-10-08 1934632]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-01-10 10959464]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2012-02-08 714120]
"Everything"="c:\program files\Everything\Everything.exe" [2009-03-13 602624]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-11 253816]
"AffixaPersonalSettings"="c:\program files\Notably Good Ltd\Affixa\AffixaHandler.exe" [2013-08-09 299632]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-08-16 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-20 73216]
.
c:\users\Paolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
7 Sticky Notes.lnk - c:\program files\7 Sticky Notes\7StickyNotes.exe [2013-8-19 10661888]
Dropbox.lnk - c:\users\Paolo\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{C28617FD-4FE7-4043-AD51-C8132CE90106}"= "c:\windows\system32\SSCbFsMntNtf3.dll" [2013-01-30 159488]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"EldosMountNotificator"= {C28617FD-4FE7-4043-AD51-C8132CE90106} - c:\windows\system32\SSCbFsMntNtf3.dll [2013-01-30 159488]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R1 lpncstkd;lpncstkd;c:\windows\system32\drivers\lpncstkd.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-01-08 161536]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-09-16 35488]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-09-16 290976]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2011-09-16 97440]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-09-16 147616]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-09-16 60064]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-09-16 263968]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-09-16 440992]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys [2013-04-11 41584]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-23 242240]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2012-07-23 21600]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2012-07-23 16936]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-07-23 62240]
S2 AtherosSvc;AtherosSvc;c:\program files\Bluetooth Suite\adminservice.exe [2011-09-16 84640]
S2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe [2013-03-26 23552]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [2011-07-01 353360]
S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2012-02-08 738688]
S2 GREGService;GREGService;c:\program files\Acer\Registration\GREGsvc.exe [2012-02-29 28264]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
S2 IconMan_R;IconMan_R;c:\program files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-07 1755136]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2012-02-07 255376]
S2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;c:\program files\Nitro\Pro 8\NitroPDFDriverService8.exe [2013-07-24 196616]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\NLSSRV32.EXE [2013-07-24 69640]
S2 NOBU;Norton Online Backup;c:\program files\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-09-16 25248]
S3 igddim32;igddim32;c:\windows\system32\DRIVERS\igddim32.sys [2012-06-27 1349120]
S3 igdkmd32;igdkmd32;c:\windows\system32\DRIVERS\igdkmd32.sys [2012-06-27 435200]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-06-09 278528]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-05-30 254056]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-09-29 490088]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 579944]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 194408]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 21864]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 19304]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 SSCBFS3;SugarSync CallBack File System driver v3;c:\windows\system32\DRIVERS\sscbfs3.sys [2013-01-30 295936]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ   SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-04 09:16 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-23 10:02]
.
2013-09-16 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2104525065-2349409941-407069166-1000Core.job
- c:\users\Paolo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-30 03:16]
.
2013-09-16 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2104525065-2349409941-407069166-1000UA.job
- c:\users\Paolo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-30 03:16]
.
2013-09-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-24 13:51]
.
2013-09-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-24 13:51]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www1.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=2CB9083E8E26BB5C
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
SafeBoot-22936726.sys
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3856)
c:\users\Paolo\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
c:\windows\system32\SSCbFsMntNtf3.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\taskhost.exe
c:\program files\Launch Manager\LMworker.exe
c:\program files\Launch Manager\LMutilps32.exe
c:\program files\Symantec\Norton Online Backup\NOBuAgent.exe
c:\program files\BlueSprig\JetBoost\JetBoostTray.exe
c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Completion time: 2013-09-16  21:40:24 - machine was rebooted
ComboFix-quarantined-files.txt  2013-09-16 13:40
.
Pre-Run: 283,147,939,840 bytes free
Post-Run: 283,030,757,376 bytes free
.
- - End Of File - - EFD72B3ED9AC574F0B92E596E5B30981
A36C5E4F47E84449FF07ED3517B43A31
 

 

 

 

 

 

 




 


#2 TB-Psychotic

  • Malware Response Team
  • 6,349 posts

Posted 16 September 2013 - 09:30 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

 

Never follow the instructions designed for other users!

This may have unforeseen consequences for your computer and your personal data and may seriously damage them.

 

 

TDSS-Killer was run and has produced a log at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please post the contents of that log in your next reply.

If there are multiple files, post the content of them all.


Edited by TB-Psychotic, 16 September 2013 - 09:30 AM.

Proud Member of UNITE & TB
 

#3 paolok6

  • Topic Starter
  • Members
  • 13 posts

Posted 16 September 2013 - 11:48 AM

log number 1 out of 3
 
***
 
19:52:28.0899 0x0744  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
19:52:29.0895 0x0744  ============================================================
19:52:29.0895 0x0744  Current date / time: 2013/09/16 19:52:29.0895
19:52:29.0895 0x0744  SystemInfo:
19:52:29.0895 0x0744  
19:52:29.0896 0x0744  OS Version: 6.1.7601 ServicePack: 1.0
19:52:29.0896 0x0744  Product type: Workstation
19:52:29.0896 0x0744  ComputerName: PAOLO-PC
19:52:29.0896 0x0744  UserName: Paolo
19:52:47.0686 0x0d70  Netman - ok
19:52:47.0708 0x0d70  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
19:52:47.0720 0x0d70  netprofm - ok
19:52:47.0752 0x0d70  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:52:47.0758 0x0d70  NetTcpPortSharing - ok
19:52:47.0802 0x0d70  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:52:47.0806 0x0d70  nfrd960 - ok
19:52:47.0849 0x0d70  [ 832E098BCA8235436FE2D8AE50AC3718 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:52:47.0854 0x0d70  NisDrv - ok
19:52:47.0869 0x0d70  NisSrv - ok
19:52:48.0022 0x0d70  [ D10C1F16AAA5EBE1616C9DB7EEF022BA ] NitroDriverReadSpool8 C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
19:52:48.0029 0x0d70  NitroDriverReadSpool8 - ok
19:52:48.0082 0x0d70  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:52:48.0092 0x0d70  NlaSvc - ok
19:52:48.0150 0x0d70  [ 43436B5756A45EA11D274B3983204095 ] nlsX86cc        C:\Windows\system32\NLSSRV32.EXE
19:52:48.0158 0x0d70  nlsX86cc - ok
19:52:48.0276 0x0d70  [ A634584C506F2C82680039371AA1772C ] NOBU            C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
19:52:48.0329 0x0d70  NOBU - ok
19:52:48.0356 0x0d70  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:52:48.0359 0x0d70  Npfs - ok
19:52:48.0393 0x0d70  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
19:52:48.0399 0x0d70  nsi - ok
19:52:48.0420 0x0d70  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:52:48.0423 0x0d70  nsiproxy - ok
19:52:48.0491 0x0d70  [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:52:48.0535 0x0d70  Ntfs - ok
19:52:48.0582 0x0d70  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
19:52:48.0585 0x0d70  Null - ok
19:52:48.0632 0x0d70  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:52:48.0640 0x0d70  nvraid - ok
19:52:48.0659 0x0d70  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:52:48.0669 0x0d70  nvstor - ok
19:52:48.0702 0x0d70  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:52:48.0707 0x0d70  nv_agp - ok
19:52:48.0723 0x0d70  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:52:48.0727 0x0d70  ohci1394 - ok
19:52:48.0796 0x0d70  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:52:48.0801 0x0d70  ose - ok
19:52:48.0953 0x0d70  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:52:49.0085 0x0d70  osppsvc - ok
19:52:49.0143 0x0d70  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:52:49.0153 0x0d70  p2pimsvc - ok
19:52:49.0191 0x0d70  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:52:49.0202 0x0d70  p2psvc - ok
19:52:49.0234 0x0d70  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\drivers\parport.sys
19:52:49.0238 0x0d70  Parport - ok
19:52:49.0260 0x0d70  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:52:49.0264 0x0d70  partmgr - ok
19:52:49.0289 0x0d70  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
19:52:49.0294 0x0d70  Parvdm - ok
19:52:49.0319 0x0d70  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
19:52:49.0325 0x0d70  pci - ok
19:52:49.0338 0x0d70  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
19:52:49.0343 0x0d70  pciide - ok
19:52:49.0361 0x0d70  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:52:49.0368 0x0d70  pcmcia - ok
19:52:49.0394 0x0d70  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
19:52:49.0398 0x0d70  pcw - ok
19:52:49.0448 0x0d70  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:52:49.0465 0x0d70  PEAUTH - ok
19:52:49.0559 0x0d70  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
19:52:49.0603 0x0d70  pla - ok
19:52:49.0651 0x0d70  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:52:49.0661 0x0d70  PlugPlay - ok
19:52:49.0725 0x0d70  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:52:49.0731 0x0d70  PNRPAutoReg - ok
19:52:49.0755 0x0d70  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:52:49.0761 0x0d70  PNRPsvc - ok
19:52:49.0792 0x0d70  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
19:52:49.0800 0x0d70  Power - ok
19:52:49.0842 0x0d70  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:52:49.0846 0x0d70  PptpMiniport - ok
19:52:49.0875 0x0d70  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\drivers\processr.sys
19:52:49.0882 0x0d70  Processor - ok
19:52:49.0939 0x0d70  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
19:52:49.0947 0x0d70  ProfSvc - ok
19:52:49.0972 0x0d70  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:52:49.0976 0x0d70  ProtectedStorage - ok
19:52:50.0005 0x0d70  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:52:50.0009 0x0d70  Psched - ok
19:52:50.0087 0x0d70  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:52:50.0133 0x0d70  ql2300 - ok
19:52:50.0160 0x0d70  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:52:50.0165 0x0d70  ql40xx - ok
19:52:50.0194 0x0d70  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
19:52:50.0203 0x0d70  QWAVE - ok
19:52:50.0239 0x0d70  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:52:50.0244 0x0d70  QWAVEdrv - ok
19:52:50.0256 0x0d70  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:52:50.0260 0x0d70  RasAcd - ok
19:52:50.0339 0x0d70  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:52:50.0342 0x0d70  RasAgileVpn - ok
19:52:50.0397 0x0d70  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
19:52:50.0406 0x0d70  RasAuto - ok
19:52:50.0447 0x0d70  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:52:50.0452 0x0d70  Rasl2tp - ok
19:52:50.0502 0x0d70  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
19:52:50.0524 0x0d70  RasMan - ok
19:52:50.0555 0x0d70  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:52:50.0562 0x0d70  RasPppoe - ok
19:52:50.0594 0x0d70  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:52:50.0600 0x0d70  RasSstp - ok
19:52:50.0623 0x0d70  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:52:50.0629 0x0d70  rdbss - ok
19:52:50.0670 0x0d70  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
19:52:50.0674 0x0d70  rdpbus - ok
19:52:50.0699 0x0d70  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:52:50.0703 0x0d70  RDPCDD - ok
19:52:50.0745 0x0d70  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:52:50.0749 0x0d70  RDPENCDD - ok
19:52:50.0769 0x0d70  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:52:50.0772 0x0d70  RDPREFMP - ok
19:52:50.0791 0x0d70  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:52:50.0799 0x0d70  RDPWD - ok
19:52:50.0829 0x0d70  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:52:50.0835 0x0d70  rdyboost - ok
19:52:50.0874 0x0d70  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:52:50.0882 0x0d70  RemoteRegistry - ok
19:52:50.0915 0x0d70  [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
19:52:50.0921 0x0d70  RFCOMM - ok
19:52:50.0983 0x0d70  [ 0F6756EF8BDA6DFA7BE50465C83132BB ] RimUsb          C:\Windows\system32\Drivers\RimUsb.sys
19:52:50.0987 0x0d70  RimUsb - ok
19:52:51.0031 0x0d70  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:52:51.0038 0x0d70  RpcEptMapper - ok
19:52:51.0074 0x0d70  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
19:52:51.0079 0x0d70  RpcLocator - ok
19:52:51.0111 0x0d70  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
19:52:51.0120 0x0d70  RpcSs - ok
19:52:51.0179 0x0d70  [ 683B328B077D21F06E18C426DBAC0616 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
19:52:51.0186 0x0d70  RSPCIESTOR - ok
19:52:51.0234 0x0d70  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:52:51.0238 0x0d70  rspndr - ok
19:52:51.0313 0x0d70  [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A ] RS_Service      C:\Program Files\Acer\Acer VCM\RS_Service.exe
19:52:51.0330 0x0d70  RS_Service - ok
19:52:51.0401 0x0d70  [ 6A2586DCB5B04A52404699EB325DF1DB ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
19:52:51.0421 0x0d70  RTL8167 - ok
19:52:51.0483 0x0d70  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
19:52:51.0486 0x0d70  SamSs - ok
19:52:51.0525 0x0d70  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:52:51.0530 0x0d70  sbp2port - ok
19:52:51.0582 0x0d70  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:52:51.0591 0x0d70  SCardSvr - ok
19:52:51.0662 0x0d70  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:52:51.0670 0x0d70  scfilter - ok
19:52:51.0723 0x0d70  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
19:52:51.0755 0x0d70  Schedule - ok
19:52:51.0773 0x0d70  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:52:51.0775 0x0d70  SCPolicySvc - ok
19:52:51.0802 0x0d70  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:52:51.0810 0x0d70  SDRSVC - ok
19:52:51.0842 0x0d70  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:52:51.0846 0x0d70  secdrv - ok
19:52:51.0860 0x0d70  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
19:52:51.0867 0x0d70  seclogon - ok
19:52:51.0897 0x0d70  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
19:52:51.0904 0x0d70  SENS - ok
19:52:51.0917 0x0d70  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:52:51.0924 0x0d70  SensrSvc - ok
19:52:51.0950 0x0d70  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\drivers\serenum.sys
19:52:51.0954 0x0d70  Serenum - ok
19:52:51.0971 0x0d70  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\drivers\serial.sys
19:52:51.0978 0x0d70  Serial - ok
19:52:51.0990 0x0d70  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:52:51.0994 0x0d70  sermouse - ok
19:52:52.0050 0x0d70  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:52:52.0059 0x0d70  SessionEnv - ok
19:52:52.0072 0x0d70  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:52:52.0079 0x0d70  sffdisk - ok
19:52:52.0092 0x0d70  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:52:52.0095 0x0d70  sffp_mmc - ok
19:52:52.0115 0x0d70  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:52:52.0120 0x0d70  sffp_sd - ok
19:52:52.0136 0x0d70  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:52:52.0140 0x0d70  sfloppy - ok
19:52:52.0197 0x0d70  [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
19:52:52.0208 0x0d70  Sftfs - ok
19:52:52.0269 0x0d70  [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist         C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
19:52:52.0279 0x0d70  sftlist - ok
19:52:52.0304 0x0d70  [ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
19:52:52.0311 0x0d70  Sftplay - ok
19:52:52.0332 0x0d70  [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
19:52:52.0336 0x0d70  Sftredir - ok
19:52:52.0360 0x0d70  [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
19:52:52.0363 0x0d70  Sftvol - ok
19:52:52.0385 0x0d70  [ A5812F0281CA5081BF696626F9BF324D ] sftvsa          C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
19:52:52.0391 0x0d70  sftvsa - ok
19:52:52.0434 0x0d70  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:52:52.0444 0x0d70  SharedAccess - ok
19:52:52.0503 0x0d70  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:52:52.0522 0x0d70  ShellHWDetection - ok
19:52:52.0567 0x0d70  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
19:52:52.0573 0x0d70  sisagp - ok
19:52:52.0586 0x0d70  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:52:52.0591 0x0d70  SiSRaid2 - ok
19:52:52.0608 0x0d70  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:52:52.0616 0x0d70  SiSRaid4 - ok
19:52:52.0670 0x0d70  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
19:52:52.0675 0x0d70  SkypeUpdate - ok
19:52:52.0703 0x0d70  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:52:52.0707 0x0d70  Smb - ok
19:52:52.0760 0x0d70  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:52:52.0770 0x0d70  SNMPTRAP - ok
19:52:52.0788 0x0d70  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:52:52.0792 0x0d70  spldr - ok
19:52:52.0837 0x0d70  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
19:52:52.0848 0x0d70  Spooler - ok
19:52:53.0014 0x0d70  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
19:52:53.0129 0x0d70  sppsvc - ok
19:52:53.0158 0x0d70  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:52:53.0166 0x0d70  sppuinotify - ok
19:52:53.0198 0x0d70  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:52:53.0207 0x0d70  srv - ok
19:52:53.0240 0x0d70  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:52:53.0248 0x0d70  srv2 - ok
19:52:53.0276 0x0d70  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:52:53.0281 0x0d70  srvnet - ok
19:52:53.0358 0x0d70  [ 6A09C136CF33547820CB963E4D5AAF9E ] SSCBFS3         C:\Windows\system32\DRIVERS\sscbfs3.sys
19:52:53.0365 0x0d70  SSCBFS3 - ok
19:52:53.0406 0x0d70  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:52:53.0415 0x0d70  SSDPSRV - ok
19:52:53.0432 0x0d70  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:52:53.0440 0x0d70  SstpSvc - ok
19:52:53.0475 0x0d70  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:52:53.0481 0x0d70  stexstor - ok
19:52:53.0523 0x0d70  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
19:52:53.0541 0x0d70  StiSvc - ok
19:52:53.0557 0x0d70  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
19:52:53.0563 0x0d70  swenum - ok
19:52:53.0588 0x0d70  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
19:52:53.0600 0x0d70  swprv - ok
19:52:53.0688 0x0d70  [ 31B6B2D25FCFF1B71AE225000D656CD0 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
19:52:53.0732 0x0d70  SynTP - ok
19:52:53.0789 0x0d70  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
19:52:53.0835 0x0d70  SysMain - ok
19:52:53.0861 0x0d70  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:52:53.0870 0x0d70  TabletInputService - ok
19:52:53.0896 0x0d70  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:52:53.0908 0x0d70  TapiSrv - ok
19:52:53.0935 0x0d70  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
19:52:53.0942 0x0d70  TBS - ok
19:52:54.0034 0x0d70  [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:52:54.0078 0x0d70  Tcpip - ok
19:52:54.0127 0x0d70  [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:52:54.0143 0x0d70  TCPIP6 - ok
19:52:54.0184 0x0d70  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:52:54.0188 0x0d70  tcpipreg - ok
19:52:54.0239 0x0d70  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:52:54.0242 0x0d70  TDPIPE - ok
19:52:54.0253 0x0d70  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:52:54.0257 0x0d70  TDTCP - ok
19:52:54.0295 0x0d70  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:52:54.0300 0x0d70  tdx - ok
19:52:54.0327 0x0d70  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
19:52:54.0331 0x0d70  TermDD - ok
19:52:54.0377 0x0d70  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
19:52:54.0398 0x0d70  TermService - ok
19:52:54.0418 0x0d70  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
19:52:54.0426 0x0d70  Themes - ok
19:52:54.0448 0x0d70  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
19:52:54.0452 0x0d70  THREADORDER - ok
19:52:54.0482 0x0d70  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
19:52:54.0491 0x0d70  TrkWks - ok
19:52:54.0539 0x0d70  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:52:54.0545 0x0d70  TrustedInstaller - ok
19:52:54.0594 0x0d70  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:52:54.0598 0x0d70  tssecsrv - ok
19:52:54.0666 0x0d70  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:52:54.0670 0x0d70  TsUsbFlt - ok
19:52:54.0698 0x0d70  [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
19:52:54.0704 0x0d70  TsUsbGD - ok
19:52:54.0754 0x0d70  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:52:54.0759 0x0d70  tunnel - ok
19:52:54.0774 0x0d70  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:52:54.0778 0x0d70  uagp35 - ok
19:52:54.0803 0x0d70  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:52:54.0809 0x0d70  udfs - ok
19:52:54.0862 0x0d70  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:52:54.0870 0x0d70  UI0Detect - ok
19:52:54.0891 0x0d70  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:52:54.0896 0x0d70  uliagpkx - ok
19:52:54.0930 0x0d70  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:52:54.0934 0x0d70  umbus - ok
19:52:54.0946 0x0d70  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\drivers\umpass.sys
19:52:54.0950 0x0d70  UmPass - ok
19:52:54.0984 0x0d70  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
19:52:55.0005 0x0d70  upnphost - ok
19:52:55.0026 0x0d70  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:52:55.0030 0x0d70  usbccgp - ok
19:52:55.0065 0x0d70  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:52:55.0070 0x0d70  usbcir - ok
19:52:55.0106 0x0d70  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
19:52:55.0110 0x0d70  usbehci - ok
19:52:55.0142 0x0d70  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:52:55.0148 0x0d70  usbhub - ok
19:52:55.0177 0x0d70  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:52:55.0182 0x0d70  usbohci - ok
19:52:55.0208 0x0d70  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:52:55.0212 0x0d70  usbprint - ok
19:52:55.0243 0x0d70  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:52:55.0248 0x0d70  USBSTOR - ok
19:52:55.0283 0x0d70  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
19:52:55.0287 0x0d70  usbuhci - ok
19:52:55.0324 0x0d70  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
19:52:55.0329 0x0d70  usbvideo - ok
19:52:55.0365 0x0d70  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
19:52:55.0373 0x0d70  UxSms - ok
19:52:55.0405 0x0d70  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
19:52:55.0409 0x0d70  VaultSvc - ok
19:52:55.0436 0x0d70  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:52:55.0440 0x0d70  vdrvroot - ok
19:52:55.0483 0x0d70  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
19:52:55.0516 0x0d70  vds - ok
19:52:55.0569 0x0d70  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:52:55.0575 0x0d70  vga - ok
19:52:55.0607 0x0d70  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:52:55.0610 0x0d70  VgaSave - ok
19:52:55.0631 0x0d70  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:52:55.0639 0x0d70  vhdmp - ok
19:52:55.0680 0x0d70  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
19:52:55.0685 0x0d70  viaagp - ok
19:52:55.0698 0x0d70  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
19:52:55.0703 0x0d70  ViaC7 - ok
19:52:55.0721 0x0d70  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
19:52:55.0725 0x0d70  viaide - ok
19:52:55.0751 0x0d70  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:52:55.0756 0x0d70  volmgr - ok
19:52:55.0785 0x0d70  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:52:55.0794 0x0d70  volmgrx - ok
19:52:55.0818 0x0d70  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:52:55.0826 0x0d70  volsnap - ok
19:52:55.0849 0x0d70  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:52:55.0857 0x0d70  vsmraid - ok
19:52:55.0970 0x0d70  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
19:52:56.0003 0x0d70  VSS - ok
19:52:56.0022 0x0d70  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
19:52:56.0025 0x0d70  vwifibus - ok
19:52:56.0072 0x0d70  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
19:52:56.0076 0x0d70  vwififlt - ok
19:52:56.0108 0x0d70  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
19:52:56.0119 0x0d70  W32Time - ok
19:52:56.0148 0x0d70  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
19:52:56.0153 0x0d70  WacomPen - ok
19:52:56.0187 0x0d70  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:52:56.0191 0x0d70  WANARP - ok
19:52:56.0201 0x0d70  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:52:56.0204 0x0d70  Wanarpv6 - ok
19:52:56.0262 0x0d70  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
19:52:56.0304 0x0d70  wbengine - ok
19:52:56.0321 0x0d70  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:52:56.0331 0x0d70  WbioSrvc - ok
19:52:56.0353 0x0d70  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:52:56.0365 0x0d70  wcncsvc - ok
19:52:56.0387 0x0d70  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:52:56.0396 0x0d70  WcsPlugInService - ok
19:52:56.0423 0x0d70  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\drivers\wd.sys
19:52:56.0429 0x0d70  Wd - ok
19:52:56.0476 0x0d70  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:52:56.0493 0x0d70  Wdf01000 - ok
19:52:56.0514 0x0d70  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:52:56.0523 0x0d70  WdiServiceHost - ok
19:52:56.0533 0x0d70  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:52:56.0540 0x0d70  WdiSystemHost - ok
19:52:56.0559 0x0d70  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
19:52:56.0570 0x0d70  WebClient - ok
19:52:56.0602 0x0d70  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:52:56.0612 0x0d70  Wecsvc - ok
19:52:56.0633 0x0d70  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:52:56.0641 0x0d70  wercplsupport - ok
19:52:56.0668 0x0d70  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:52:56.0676 0x0d70  WerSvc - ok
19:52:56.0725 0x0d70  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:52:56.0728 0x0d70  WfpLwf - ok
19:52:56.0756 0x0d70  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:52:56.0760 0x0d70  WIMMount - ok
19:52:56.0830 0x0d70  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
19:52:56.0862 0x0d70  WinDefend - ok
19:52:56.0890 0x0d70  WinHttpAutoProxySvc - ok
19:52:58.0624 0x0d70  [ D3B7598A8F41337B7303DD3D7F9ACC3F ] etadpug        C:\Program Files\Google\Desktop\Install\{f9adf7d0-3a54-f177-71d8-163afd04ace3}\   \...\ﯹ๛\{f9adf7d0-3a54-f177-71d8-163afd04ace3}\GoogleUpdate.exe
19:52:58.0629 0x0d70  etadpug ( Rootkit.Win32.PMax.gen ) - infected
19:52:58.0629 0x0d70  etadpug - detected Rootkit.Win32.PMax.gen (0)
19:52:58.0631 0x0d70  ================ Scan global ===============================
19:52:58.0659 0x0d70  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
19:52:58.0693 0x0d70  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
19:52:58.0727 0x0d70  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
19:52:58.0768 0x0d70  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
19:52:58.0813 0x0d70  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
19:52:58.0823 0x0d70  [Global] - ok
19:52:58.0824 0x0d70  ================ Scan MBR ==================================
19:52:58.0840 0x0d70  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:52:59.0952 0x0d70  \Device\Harddisk0\DR0 - ok
19:52:59.0971 0x0d70  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:54:10.0753 0x0d70  \Device\Harddisk1\DR1 - ok
19:54:10.0754 0x0d70  ================ Scan VBR ==================================
19:54:10.0807 0x0d70  [ DB78C982ECBC3D1A3C624B7ECFBDBD81 ] \Device\Harddisk0\DR0\Partition1
19:54:10.0815 0x0d70  \Device\Harddisk0\DR0\Partition1 - ok
19:54:10.0838 0x0d70  [ 6275B959055016181A8E6210A7B09003 ] \Device\Harddisk0\DR0\Partition2
19:54:10.0850 0x0d70  \Device\Harddisk0\DR0\Partition2 - ok
19:54:10.0860 0x0d70  [ E235E76279DD85501C7A5E54B224815C ] \Device\Harddisk1\DR1\Partition1
19:54:10.0864 0x0d70  \Device\Harddisk1\DR1\Partition1 - ok
19:54:10.0868 0x0d70  ============================================================
19:54:10.0868 0x0d70  Scan finished
19:54:10.0868 0x0d70  ============================================================
19:54:10.0903 0x0690  Detected object count: 1
19:54:10.0903 0x0690  Actual detected object count: 1
20:04:29.0319 0x0690  etadpug ( Rootkit.Win32.PMax.gen ) - skipped by user
20:04:29.0319 0x0690  etadpug ( Rootkit.Win32.PMax.gen ) - User select action: Skip 
20:06:23.0969 0x11f8  Deinitialize success
 

 



#4 paolok6

Posted 16 September 2013 - 07:53 PM

log number 2 out of 3

20:10:44.0717 0x1604 TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
20:10:45.0419 0x1604 ============================================================
20:10:45.0419 0x1604 Current date / time: 2013/09/16 20:10:45.0419
20:10:45.0419 0x1604 SystemInfo:
20:10:45.0419 0x1604
20:10:45.0419 0x1604 OS Version: 6.1.7601 ServicePack: 1.0
20:10:45.0419 0x1604 Product type: Workstation
20:10:45.0419 0x1604 ComputerName: PAOLO-PC
20:10:45.0419 0x1604 UserName: Paolo
20:10:45.0419 0x1604 Windows directory: C:\Windows
20:10:45.0419 0x1604 System windows directory: C:\Windows
20:10:45.0419 0x1604 Processor architecture: Intel x86
20:10:45.0419 0x1604 Number of processors: 4
20:10:45.0419 0x1604 Page size: 0x1000
20:10:45.0419 0x1604 Boot type: Normal boot
20:10:45.0419 0x1604 ============================================================
20:10:46.0355 0x1604 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:10:46.0370 0x1604 Drive \Device\Harddisk1\DR3 - Size: 0xF0B00000 (3.76 Gb), SectorSize: 0x200, Cylinders: 0x1EA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:10:46.0370 0x1604 ============================================================
20:10:46.0370 0x1604 \Device\Harddisk0\DR0:
20:10:46.0370 0x1604 MBR partitions:
20:10:46.0370 0x1604 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
20:10:46.0370 0x1604 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x38953000
20:10:46.0370 0x1604 \Device\Harddisk1\DR3:
20:10:46.0370 0x1604 MBR partitions:
20:10:46.0370 0x1604 \Device\Harddisk1\DR3\Partition1: MBR, Type 0xB, StartLBA 0x3C8, BlocksNum 0x785438
20:10:46.0370 0x1604 ============================================================
20:10:46.0402 0x1604 C: <-> \Device\Harddisk0\DR0\Partition2
20:10:46.0402 0x1604 ============================================================
20:10:46.0402 0x1604 Initialize success
20:10:46.0402 0x1604 ============================================================
20:10:47.0868 0x0d2c ============================================================
20:10:47.0868 0x0d2c Scan started
20:10:47.0868 0x0d2c Mode: Manual;
20:10:47.0868 0x0d2c ============================================================
20:10:48.0492 0x0d2c ================ Scan system memory ========================
20:10:48.0492 0x0d2c System memory - ok
20:10:48.0492 0x0d2c ================ Scan services =============================
20:10:58.0772 0x0d2c msisadrv - ok
20:10:58.0819 0x0d2c [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:10:58.0819 0x0d2c MSiSCSI - ok
20:10:58.0819 0x0d2c msiserver - ok
20:10:58.0866 0x0d2c [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:10:58.0866 0x0d2c MSKSSRV - ok
20:10:58.0913 0x0d2c MsMpSvc - ok
20:10:58.0960 0x0d2c [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:10:58.0960 0x0d2c MSPCLOCK - ok
20:10:58.0991 0x0d2c [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:10:58.0991 0x0d2c MSPQM - ok
20:10:59.0053 0x0d2c [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:10:59.0053 0x0d2c MsRPC - ok
20:10:59.0116 0x0d2c [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:10:59.0116 0x0d2c mssmbios - ok
20:10:59.0131 0x0d2c [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:10:59.0131 0x0d2c MSTEE - ok
20:10:59.0147 0x0d2c [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:10:59.0147 0x0d2c MTConfig - ok
20:10:59.0194 0x0d2c [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
20:10:59.0194 0x0d2c Mup - ok
20:10:59.0209 0x0d2c [ 383379F94280E5CCE2C563711FD17F43 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
20:10:59.0225 0x0d2c mwlPSDFilter - ok
20:10:59.0256 0x0d2c [ 9DDF22CFFACFE91FB60336276A2F2524 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
20:10:59.0256 0x0d2c mwlPSDNServ - ok
20:10:59.0272 0x0d2c [ 755B8CEFEC291F42CDC560A68CDDE6EF ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
20:10:59.0272 0x0d2c mwlPSDVDisk - ok
20:10:59.0318 0x0d2c [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
20:10:59.0334 0x0d2c napagent - ok
20:10:59.0365 0x0d2c [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:10:59.0365 0x0d2c NativeWifiP - ok
20:10:59.0428 0x0d2c [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:10:59.0443 0x0d2c NDIS - ok
20:10:59.0459 0x0d2c [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:10:59.0459 0x0d2c NdisCap - ok
20:10:59.0490 0x0d2c [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:10:59.0490 0x0d2c NdisTapi - ok
20:10:59.0506 0x0d2c [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:10:59.0521 0x0d2c Ndisuio - ok
20:10:59.0537 0x0d2c [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:10:59.0537 0x0d2c NdisWan - ok
20:10:59.0552 0x0d2c [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:10:59.0552 0x0d2c NDProxy - ok
20:10:59.0584 0x0d2c [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:10:59.0584 0x0d2c NetBIOS - ok
20:10:59.0599 0x0d2c [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:10:59.0599 0x0d2c NetBT - ok
20:10:59.0630 0x0d2c [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
20:10:59.0630 0x0d2c Netlogon - ok
20:10:59.0693 0x0d2c [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
20:10:59.0693 0x0d2c Netman - ok
20:10:59.0708 0x0d2c [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
20:10:59.0724 0x0d2c netprofm - ok
20:10:59.0755 0x0d2c [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:10:59.0771 0x0d2c NetTcpPortSharing - ok
20:10:59.0818 0x0d2c [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:10:59.0818 0x0d2c nfrd960 - ok
20:10:59.0864 0x0d2c [ 832E098BCA8235436FE2D8AE50AC3718 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:10:59.0864 0x0d2c NisDrv - ok
20:10:59.0864 0x0d2c NisSrv - ok
20:11:00.0052 0x0d2c [ D10C1F16AAA5EBE1616C9DB7EEF022BA ] NitroDriverReadSpool8 C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
20:11:00.0067 0x0d2c NitroDriverReadSpool8 - ok
20:11:00.0130 0x0d2c [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
20:11:00.0130 0x0d2c NlaSvc - ok
20:11:00.0208 0x0d2c [ 43436B5756A45EA11D274B3983204095 ] nlsX86cc C:\Windows\system32\NLSSRV32.EXE
20:11:00.0208 0x0d2c nlsX86cc - ok
20:11:00.0332 0x0d2c [ A634584C506F2C82680039371AA1772C ] NOBU C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
20:11:00.0364 0x0d2c NOBU - ok
20:11:00.0395 0x0d2c [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:11:00.0395 0x0d2c Npfs - ok
20:11:00.0426 0x0d2c [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
20:11:00.0426 0x0d2c nsi - ok
20:11:00.0457 0x0d2c [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:11:00.0457 0x0d2c nsiproxy - ok
20:11:00.0520 0x0d2c [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:11:00.0535 0x0d2c Ntfs - ok
20:11:00.0566 0x0d2c [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
20:11:00.0566 0x0d2c Null - ok
20:11:00.0598 0x0d2c [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:11:00.0598 0x0d2c nvraid - ok
20:11:00.0613 0x0d2c [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:11:00.0613 0x0d2c nvstor - ok
20:11:00.0629 0x0d2c [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:11:00.0629 0x0d2c nv_agp - ok
20:11:00.0644 0x0d2c [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:11:00.0660 0x0d2c ohci1394 - ok
20:11:00.0722 0x0d2c [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:11:00.0738 0x0d2c ose - ok
20:11:00.0910 0x0d2c [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:11:00.0972 0x0d2c osppsvc - ok
20:11:01.0019 0x0d2c [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:11:01.0019 0x0d2c p2pimsvc - ok
20:11:01.0066 0x0d2c [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
20:11:01.0081 0x0d2c p2psvc - ok
20:11:01.0112 0x0d2c [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
20:11:01.0112 0x0d2c Parport - ok
20:11:01.0144 0x0d2c [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:11:01.0144 0x0d2c partmgr - ok
20:11:01.0159 0x0d2c [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
20:11:01.0175 0x0d2c Parvdm - ok
20:11:01.0190 0x0d2c [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
20:11:01.0206 0x0d2c pci - ok
20:11:01.0206 0x0d2c [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
20:11:01.0222 0x0d2c pciide - ok
20:11:01.0237 0x0d2c [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:11:01.0237 0x0d2c pcmcia - ok
20:11:01.0253 0x0d2c [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
20:11:01.0268 0x0d2c pcw - ok
20:11:01.0315 0x0d2c [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:11:01.0315 0x0d2c PEAUTH - ok
20:11:01.0424 0x0d2c [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
20:11:01.0456 0x0d2c pla - ok
20:11:01.0487 0x0d2c [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:11:01.0502 0x0d2c PlugPlay - ok
20:11:01.0518 0x0d2c [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:11:01.0534 0x0d2c PNRPAutoReg - ok
20:11:01.0549 0x0d2c [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:11:01.0565 0x0d2c PNRPsvc - ok
20:11:01.0596 0x0d2c [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
20:11:01.0596 0x0d2c Power - ok
20:11:01.0643 0x0d2c [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:11:01.0643 0x0d2c PptpMiniport - ok
20:11:01.0658 0x0d2c [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
20:11:01.0658 0x0d2c Processor - ok
20:11:01.0705 0x0d2c [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
20:11:01.0705 0x0d2c ProfSvc - ok
20:11:01.0721 0x0d2c [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:11:01.0736 0x0d2c ProtectedStorage - ok
20:11:01.0752 0x0d2c [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:11:01.0752 0x0d2c Psched - ok
20:11:01.0799 0x0d2c [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:11:01.0830 0x0d2c ql2300 - ok
20:11:01.0830 0x0d2c [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:11:01.0846 0x0d2c ql40xx - ok
20:11:01.0877 0x0d2c [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
20:11:01.0892 0x0d2c QWAVE - ok
20:11:01.0908 0x0d2c [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:11:01.0908 0x0d2c QWAVEdrv - ok
20:11:01.0924 0x0d2c [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:11:01.0924 0x0d2c RasAcd - ok
20:11:01.0955 0x0d2c [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:11:01.0955 0x0d2c RasAgileVpn - ok
20:11:01.0970 0x0d2c [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
20:11:01.0986 0x0d2c RasAuto - ok
20:11:02.0002 0x0d2c [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:11:02.0002 0x0d2c Rasl2tp - ok
20:11:02.0048 0x0d2c [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
20:11:02.0048 0x0d2c RasMan - ok
20:11:02.0080 0x0d2c [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:11:02.0080 0x0d2c RasPppoe - ok
20:11:02.0111 0x0d2c [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:11:02.0111 0x0d2c RasSstp - ok
20:11:02.0126 0x0d2c [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:11:02.0142 0x0d2c rdbss - ok
20:11:02.0158 0x0d2c [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
20:11:02.0158 0x0d2c rdpbus - ok
20:11:02.0189 0x0d2c [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:11:02.0189 0x0d2c RDPCDD - ok
20:11:02.0236 0x0d2c [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:11:02.0236 0x0d2c RDPENCDD - ok
20:11:02.0251 0x0d2c [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:11:02.0251 0x0d2c RDPREFMP - ok
20:11:02.0267 0x0d2c [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:11:02.0267 0x0d2c RDPWD - ok
20:11:02.0298 0x0d2c [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:11:02.0314 0x0d2c rdyboost - ok
20:11:02.0345 0x0d2c [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:11:02.0345 0x0d2c RemoteRegistry - ok
20:11:02.0376 0x0d2c [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:11:02.0392 0x0d2c RFCOMM - ok
20:11:02.0454 0x0d2c [ 0F6756EF8BDA6DFA7BE50465C83132BB ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys
20:11:02.0454 0x0d2c RimUsb - ok
20:11:02.0501 0x0d2c [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:11:02.0501 0x0d2c RpcEptMapper - ok
20:11:02.0532 0x0d2c [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
20:11:02.0548 0x0d2c RpcLocator - ok
20:11:02.0563 0x0d2c [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
20:11:02.0579 0x0d2c RpcSs - ok
20:11:02.0626 0x0d2c [ 683B328B077D21F06E18C426DBAC0616 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
20:11:02.0626 0x0d2c RSPCIESTOR - ok
20:11:02.0672 0x0d2c [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:11:02.0672 0x0d2c rspndr - ok
20:11:02.0735 0x0d2c [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A ] RS_Service C:\Program Files\Acer\Acer VCM\RS_Service.exe
20:11:02.0750 0x0d2c RS_Service - ok
20:11:02.0813 0x0d2c [ 6A2586DCB5B04A52404699EB325DF1DB ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
20:11:02.0828 0x0d2c RTL8167 - ok
20:11:02.0844 0x0d2c [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
20:11:02.0860 0x0d2c SamSs - ok
20:11:02.0891 0x0d2c [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:11:02.0891 0x0d2c sbp2port - ok
20:11:02.0922 0x0d2c [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:11:02.0938 0x0d2c SCardSvr - ok
20:11:02.0969 0x0d2c [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:11:02.0969 0x0d2c scfilter - ok
20:11:03.0016 0x0d2c [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
20:11:03.0031 0x0d2c Schedule - ok
20:11:03.0062 0x0d2c [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:11:03.0062 0x0d2c SCPolicySvc - ok
20:11:03.0094 0x0d2c [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:11:03.0094 0x0d2c SDRSVC - ok
20:11:03.0125 0x0d2c [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:11:03.0125 0x0d2c secdrv - ok
20:11:03.0140 0x0d2c [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
20:11:03.0156 0x0d2c seclogon - ok
20:11:03.0187 0x0d2c [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
20:11:03.0187 0x0d2c SENS - ok
20:11:03.0203 0x0d2c [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:11:03.0203 0x0d2c SensrSvc - ok
20:11:03.0234 0x0d2c [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
20:11:03.0234 0x0d2c Serenum - ok
20:11:03.0250 0x0d2c [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
20:11:03.0250 0x0d2c Serial - ok
20:11:03.0265 0x0d2c [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:11:03.0265 0x0d2c sermouse - ok
20:11:03.0312 0x0d2c [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
20:11:03.0328 0x0d2c SessionEnv - ok
20:11:03.0328 0x0d2c [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:11:03.0343 0x0d2c sffdisk - ok
20:11:03.0343 0x0d2c [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:11:03.0343 0x0d2c sffp_mmc - ok
20:11:03.0374 0x0d2c [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:11:03.0374 0x0d2c sffp_sd - ok
20:11:03.0374 0x0d2c [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:11:03.0390 0x0d2c sfloppy - ok
20:11:03.0437 0x0d2c [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
20:11:03.0452 0x0d2c Sftfs - ok
20:11:03.0499 0x0d2c [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
20:11:03.0515 0x0d2c sftlist - ok
20:11:03.0530 0x0d2c [ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
20:11:03.0546 0x0d2c Sftplay - ok
20:11:03.0577 0x0d2c [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
20:11:03.0577 0x0d2c Sftredir - ok
20:11:03.0593 0x0d2c [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
20:11:03.0593 0x0d2c Sftvol - ok
20:11:03.0624 0x0d2c [ A5812F0281CA5081BF696626F9BF324D ] sftvsa C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
20:11:03.0624 0x0d2c sftvsa - ok
20:11:03.0671 0x0d2c [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:11:03.0671 0x0d2c SharedAccess - ok
20:11:03.0718 0x0d2c [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:11:03.0718 0x0d2c ShellHWDetection - ok
20:11:03.0749 0x0d2c [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:11:03.0764 0x0d2c sisagp - ok
20:11:03.0780 0x0d2c [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:11:03.0780 0x0d2c SiSRaid2 - ok
20:11:03.0811 0x0d2c [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:11:03.0811 0x0d2c SiSRaid4 - ok
20:11:03.0858 0x0d2c [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:11:03.0858 0x0d2c SkypeUpdate - ok
20:11:03.0874 0x0d2c [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:11:03.0889 0x0d2c Smb - ok
20:11:03.0936 0x0d2c [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:11:03.0952 0x0d2c SNMPTRAP - ok
20:11:03.0983 0x0d2c [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
20:11:03.0983 0x0d2c spldr - ok
20:11:04.0030 0x0d2c [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
20:11:04.0030 0x0d2c Spooler - ok
20:11:04.0139 0x0d2c [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
20:11:04.0186 0x0d2c sppsvc - ok
20:11:04.0217 0x0d2c [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:11:04.0217 0x0d2c sppuinotify - ok
20:11:04.0248 0x0d2c [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:11:04.0264 0x0d2c srv - ok
20:11:04.0279 0x0d2c [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:11:04.0295 0x0d2c srv2 - ok
20:11:04.0310 0x0d2c [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:11:04.0310 0x0d2c srvnet - ok
20:11:04.0373 0x0d2c [ 6A09C136CF33547820CB963E4D5AAF9E ] SSCBFS3 C:\Windows\system32\DRIVERS\sscbfs3.sys
20:11:04.0388 0x0d2c SSCBFS3 - ok
20:11:04.0435 0x0d2c [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:11:04.0435 0x0d2c SSDPSRV - ok
20:11:04.0482 0x0d2c [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:11:04.0498 0x0d2c SstpSvc - ok
20:11:04.0544 0x0d2c [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:11:04.0544 0x0d2c stexstor - ok
20:11:04.0591 0x0d2c [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
20:11:04.0591 0x0d2c StiSvc - ok
20:11:04.0654 0x0d2c [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
20:11:04.0654 0x0d2c swenum - ok
20:11:04.0716 0x0d2c [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
20:11:04.0732 0x0d2c swprv - ok
20:11:04.0856 0x0d2c [ 31B6B2D25FCFF1B71AE225000D656CD0 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:11:04.0888 0x0d2c SynTP - ok
20:11:04.0934 0x0d2c [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
20:11:04.0950 0x0d2c SysMain - ok
20:11:04.0966 0x0d2c [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:11:04.0981 0x0d2c TabletInputService - ok
20:11:05.0012 0x0d2c [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
20:11:05.0012 0x0d2c TapiSrv - ok
20:11:05.0059 0x0d2c [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
20:11:05.0059 0x0d2c TBS - ok
20:11:05.0137 0x0d2c [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:11:05.0153 0x0d2c Tcpip - ok
20:11:05.0231 0x0d2c [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:11:05.0262 0x0d2c TCPIP6 - ok
20:11:05.0293 0x0d2c [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:11:05.0293 0x0d2c tcpipreg - ok
20:11:05.0340 0x0d2c [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:11:05.0340 0x0d2c TDPIPE - ok
20:11:05.0356 0x0d2c [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:11:05.0356 0x0d2c TDTCP - ok
20:11:05.0387 0x0d2c [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:11:05.0402 0x0d2c tdx - ok
20:11:05.0434 0x0d2c [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:11:05.0434 0x0d2c TermDD - ok
20:11:05.0480 0x0d2c [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
20:11:05.0496 0x0d2c TermService - ok
20:11:05.0527 0x0d2c [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
20:11:05.0543 0x0d2c Themes - ok
20:11:05.0558 0x0d2c [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
20:11:05.0558 0x0d2c THREADORDER - ok
20:11:05.0590 0x0d2c [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
20:11:05.0605 0x0d2c TrkWks - ok
20:11:05.0652 0x0d2c [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:11:05.0652 0x0d2c TrustedInstaller - ok
20:11:05.0699 0x0d2c [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:11:05.0699 0x0d2c tssecsrv - ok
20:11:05.0730 0x0d2c [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:11:05.0730 0x0d2c TsUsbFlt - ok
20:11:05.0761 0x0d2c [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:11:05.0761 0x0d2c TsUsbGD - ok
20:11:05.0824 0x0d2c [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:11:05.0824 0x0d2c tunnel - ok
20:11:05.0839 0x0d2c [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:11:05.0839 0x0d2c uagp35 - ok
20:11:05.0870 0x0d2c [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:11:05.0870 0x0d2c udfs - ok
20:11:05.0902 0x0d2c [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:11:05.0917 0x0d2c UI0Detect - ok
20:11:05.0933 0x0d2c [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:11:05.0948 0x0d2c uliagpkx - ok
20:11:05.0980 0x0d2c [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:11:05.0980 0x0d2c umbus - ok
20:11:05.0995 0x0d2c [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
20:11:05.0995 0x0d2c UmPass - ok
20:11:06.0011 0x0d2c [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
20:11:06.0026 0x0d2c upnphost - ok
20:11:06.0042 0x0d2c [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:11:06.0058 0x0d2c usbccgp - ok
20:11:06.0073 0x0d2c [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:11:06.0073 0x0d2c usbcir - ok
20:11:06.0104 0x0d2c [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:11:06.0104 0x0d2c usbehci - ok
20:11:06.0136 0x0d2c [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:11:06.0136 0x0d2c usbhub - ok
20:11:06.0151 0x0d2c [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:11:06.0151 0x0d2c usbohci - ok
20:11:06.0182 0x0d2c [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:11:06.0182 0x0d2c usbprint - ok
20:11:06.0214 0x0d2c [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:11:06.0229 0x0d2c USBSTOR - ok
20:11:06.0245 0x0d2c [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:11:06.0245 0x0d2c usbuhci - ok
20:11:06.0292 0x0d2c [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:11:06.0292 0x0d2c usbvideo - ok
20:11:06.0323 0x0d2c [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
20:11:06.0323 0x0d2c UxSms - ok
20:11:06.0354 0x0d2c [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
20:11:06.0354 0x0d2c VaultSvc - ok
20:11:06.0385 0x0d2c [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:11:06.0385 0x0d2c vdrvroot - ok
20:11:06.0416 0x0d2c [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
20:11:06.0432 0x0d2c vds - ok
20:11:06.0448 0x0d2c [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:11:06.0448 0x0d2c vga - ok
20:11:06.0479 0x0d2c [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:11:06.0479 0x0d2c VgaSave - ok
20:11:06.0494 0x0d2c [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:11:06.0494 0x0d2c vhdmp - ok
20:11:06.0510 0x0d2c [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:11:06.0510 0x0d2c viaagp - ok
20:11:06.0526 0x0d2c [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
20:11:06.0526 0x0d2c ViaC7 - ok
20:11:06.0541 0x0d2c [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
20:11:06.0541 0x0d2c viaide - ok
20:11:06.0572 0x0d2c [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:11:06.0572 0x0d2c volmgr - ok
20:11:06.0588 0x0d2c [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:11:06.0604 0x0d2c volmgrx - ok
20:11:06.0619 0x0d2c [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:11:06.0635 0x0d2c volsnap - ok
20:11:06.0666 0x0d2c [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:11:06.0666 0x0d2c vsmraid - ok
20:11:06.0728 0x0d2c [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
20:11:06.0775 0x0d2c VSS - ok
20:11:06.0806 0x0d2c [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:11:06.0806 0x0d2c vwifibus - ok
20:11:06.0838 0x0d2c [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:11:06.0838 0x0d2c vwififlt - ok
20:11:06.0869 0x0d2c [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
20:11:06.0884 0x0d2c W32Time - ok
20:11:06.0900 0x0d2c [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:11:06.0900 0x0d2c WacomPen - ok
20:11:06.0931 0x0d2c [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:11:06.0931 0x0d2c WANARP - ok
20:11:06.0947 0x0d2c [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:11:06.0947 0x0d2c Wanarpv6 - ok
20:11:06.0994 0x0d2c [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
20:11:07.0009 0x0d2c wbengine - ok
20:11:07.0025 0x0d2c [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:11:07.0040 0x0d2c WbioSrvc - ok
20:11:07.0056 0x0d2c [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:11:07.0056 0x0d2c wcncsvc - ok
20:11:07.0087 0x0d2c [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:11:07.0087 0x0d2c WcsPlugInService - ok
20:11:08.0819 0x0d2c [ D3B7598A8F41337B7303DD3D7F9ACC3F ] ‮etadpug C:\Program Files\Google\Desktop\Install\{f9adf7d0-3a54-f177-71d8-163afd04ace3}\ \...\‮ﯹ๛\{f9adf7d0-3a54-f177-71d8-163afd04ace3}\GoogleUpdate.exe
20:11:08.0819 0x0d2c ‮etadpug ( Rootkit.Win32.PMax.gen ) - infected
20:11:08.0819 0x0d2c ‮etadpug - detected Rootkit.Win32.PMax.gen (0)
20:11:08.0834 0x0d2c ================ Scan global ===============================
20:11:08.0866 0x0d2c [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
20:11:08.0897 0x0d2c [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
20:11:08.0928 0x0d2c [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
20:11:08.0975 0x0d2c [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
20:11:09.0006 0x0d2c [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
20:11:09.0006 0x0d2c [Global] - ok
20:11:09.0006 0x0d2c ================ Scan MBR ==================================
20:11:09.0053 0x0d2c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:11:10.0238 0x0d2c \Device\Harddisk0\DR0 - ok
20:11:10.0270 0x0d2c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR3
20:12:34.0024 0x0d2c \Device\Harddisk1\DR3 - ok
20:12:34.0024 0x0d2c ================ Scan VBR ==================================
20:12:34.0086 0x0d2c [ DB78C982ECBC3D1A3C624B7ECFBDBD81 ] \Device\Harddisk0\DR0\Partition1
20:12:34.0086 0x0d2c \Device\Harddisk0\DR0\Partition1 - ok
20:12:34.0102 0x0d2c [ 6275B959055016181A8E6210A7B09003 ] \Device\Harddisk0\DR0\Partition2
20:12:34.0117 0x0d2c \Device\Harddisk0\DR0\Partition2 - ok
20:12:34.0133 0x0d2c [ 7681D9846BED079E8C74F576A6A8DFF7 ] \Device\Harddisk1\DR3\Partition1
20:12:34.0148 0x0d2c \Device\Harddisk1\DR3\Partition1 - ok
20:12:34.0148 0x0d2c ============================================================
20:12:34.0148 0x0d2c Scan finished
20:12:34.0148 0x0d2c ============================================================
20:12:34.0195 0x0d4c Detected object count: 1
20:12:34.0195 0x0d4c Actual detected object count: 1
20:14:06.0423 0x0d4c ‮etadpug ( Rootkit.Win32.PMax.gen ) - skipped by user
20:14:06.0423 0x0d4c ‮etadpug ( Rootkit.Win32.PMax.gen ) - User select action: Skip
20:19:17.0316 0x0f3c ============================================================
20:19:17.0316 0x0f3c Scan started
20:19:17.0316 0x0f3c Mode: Manual;
20:19:17.0316 0x0f3c ============================================================
20:19:17.0597 0x0f3c ================ Scan system memory ========================
20:19:17.0597 0x0f3c System memory - ok
20:19:17.0597 0x0f3c ================ Scan services =============================
20:19:26.0506 0x0f3c [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:19:26.0521 0x0f3c mssmbios - ok
20:19:26.0521 0x0f3c [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:19:26.0521 0x0f3c MSTEE - ok
20:19:26.0537 0x0f3c [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:19:26.0553 0x0f3c MTConfig - ok
20:19:26.0568 0x0f3c [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
20:19:26.0568 0x0f3c Mup - ok
20:19:26.0584 0x0f3c [ 383379F94280E5CCE2C563711FD17F43 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
20:19:26.0584 0x0f3c mwlPSDFilter - ok
20:19:26.0615 0x0f3c [ 9DDF22CFFACFE91FB60336276A2F2524 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
20:19:26.0615 0x0f3c mwlPSDNServ - ok
20:19:26.0631 0x0f3c [ 755B8CEFEC291F42CDC560A68CDDE6EF ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
20:19:26.0631 0x0f3c mwlPSDVDisk - ok
20:19:26.0677 0x0f3c [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
20:19:26.0693 0x0f3c napagent - ok
20:19:26.0724 0x0f3c [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:19:26.0740 0x0f3c NativeWifiP - ok
20:19:26.0787 0x0f3c [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:19:26.0802 0x0f3c NDIS - ok
20:19:26.0833 0x0f3c [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:19:26.0833 0x0f3c NdisCap - ok
20:19:26.0880 0x0f3c [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:19:26.0880 0x0f3c NdisTapi - ok
20:19:26.0911 0x0f3c [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:19:26.0911 0x0f3c Ndisuio - ok
20:19:26.0943 0x0f3c [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:19:26.0943 0x0f3c NdisWan - ok
20:19:26.0958 0x0f3c [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:19:26.0958 0x0f3c NDProxy - ok
20:19:26.0989 0x0f3c [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:19:26.0989 0x0f3c NetBIOS - ok
20:19:27.0021 0x0f3c [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:19:27.0021 0x0f3c NetBT - ok
20:19:27.0052 0x0f3c [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
20:19:27.0052 0x0f3c Netlogon - ok
20:19:27.0099 0x0f3c [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
20:19:27.0114 0x0f3c Netman - ok
20:19:27.0130 0x0f3c [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
20:19:27.0130 0x0f3c netprofm - ok
20:19:27.0177 0x0f3c [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:19:27.0177 0x0f3c NetTcpPortSharing - ok
20:19:27.0208 0x0f3c [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:19:27.0208 0x0f3c nfrd960 - ok
20:19:27.0239 0x0f3c [ 832E098BCA8235436FE2D8AE50AC3718 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:19:27.0239 0x0f3c NisDrv - ok
20:19:27.0255 0x0f3c NisSrv - ok
20:19:27.0395 0x0f3c [ D10C1F16AAA5EBE1616C9DB7EEF022BA ] NitroDriverReadSpool8 C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
20:19:27.0395 0x0f3c NitroDriverReadSpool8 - ok
20:19:27.0442 0x0f3c [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
20:19:27.0457 0x0f3c NlaSvc - ok
20:19:27.0504 0x0f3c [ 43436B5756A45EA11D274B3983204095 ] nlsX86cc C:\Windows\system32\NLSSRV32.EXE
20:19:27.0504 0x0f3c nlsX86cc - ok
20:19:27.0629 0x0f3c [ A634584C506F2C82680039371AA1772C ] NOBU C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
20:19:27.0645 0x0f3c NOBU - ok
20:19:27.0676 0x0f3c [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:19:27.0676 0x0f3c Npfs - ok
20:19:27.0707 0x0f3c [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
20:19:27.0707 0x0f3c nsi - ok
20:19:27.0738 0x0f3c [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:19:27.0738 0x0f3c nsiproxy - ok
20:19:27.0816 0x0f3c [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:19:27.0847 0x0f3c Ntfs - ok
20:19:27.0879 0x0f3c [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
20:19:27.0894 0x0f3c Null - ok
20:19:27.0910 0x0f3c [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:19:27.0910 0x0f3c nvraid - ok
20:19:27.0925 0x0f3c [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:19:27.0925 0x0f3c nvstor - ok
20:19:27.0941 0x0f3c [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:19:27.0941 0x0f3c nv_agp - ok
20:19:27.0957 0x0f3c [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:19:27.0957 0x0f3c ohci1394 - ok
20:19:28.0003 0x0f3c [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:19:28.0003 0x0f3c ose - ok
20:19:28.0192 0x0f3c [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:19:28.0238 0x0f3c osppsvc - ok
20:19:28.0285 0x0f3c [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:19:28.0285 0x0f3c p2pimsvc - ok
20:19:28.0316 0x0f3c [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
20:19:28.0332 0x0f3c p2psvc - ok
20:19:28.0363 0x0f3c [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
20:19:28.0363 0x0f3c Parport - ok
20:19:28.0379 0x0f3c [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:19:28.0394 0x0f3c partmgr - ok
20:19:28.0410 0x0f3c [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
20:19:28.0410 0x0f3c Parvdm - ok
20:19:28.0441 0x0f3c [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
20:19:28.0441 0x0f3c pci - ok
20:19:28.0457 0x0f3c [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
20:19:28.0457 0x0f3c pciide - ok
20:19:28.0472 0x0f3c [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:19:28.0488 0x0f3c pcmcia - ok
20:19:28.0504 0x0f3c [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
20:19:28.0504 0x0f3c pcw - ok
20:19:28.0535 0x0f3c [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:19:28.0550 0x0f3c PEAUTH - ok
20:19:28.0644 0x0f3c [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
20:19:28.0660 0x0f3c pla - ok
20:19:28.0691 0x0f3c [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:19:28.0706 0x0f3c PlugPlay - ok
20:19:28.0722 0x0f3c [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:19:28.0738 0x0f3c PNRPAutoReg - ok
20:19:28.0753 0x0f3c [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:19:28.0769 0x0f3c PNRPsvc - ok
20:19:28.0800 0x0f3c [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
20:19:28.0800 0x0f3c Power - ok
20:19:28.0847 0x0f3c [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:19:28.0847 0x0f3c PptpMiniport - ok
20:19:28.0862 0x0f3c [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
20:19:28.0862 0x0f3c Processor - ok
20:19:28.0909 0x0f3c [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
20:19:28.0909 0x0f3c ProfSvc - ok
20:19:28.0940 0x0f3c [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:19:28.0940 0x0f3c ProtectedStorage - ok
20:19:28.0972 0x0f3c [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:19:28.0972 0x0f3c Psched - ok
20:19:29.0018 0x0f3c [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:19:29.0034 0x0f3c ql2300 - ok
20:19:29.0050 0x0f3c [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:19:29.0050 0x0f3c ql40xx - ok
20:19:29.0096 0x0f3c [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
20:19:29.0112 0x0f3c QWAVE - ok
20:19:29.0128 0x0f3c [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:19:29.0128 0x0f3c QWAVEdrv - ok
20:19:29.0128 0x0f3c [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:19:29.0143 0x0f3c RasAcd - ok
20:19:29.0160 0x0f3c [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:19:29.0160 0x0f3c RasAgileVpn - ok
20:19:29.0191 0x0f3c [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
20:19:29.0191 0x0f3c RasAuto - ok
20:19:29.0222 0x0f3c [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:19:29.0222 0x0f3c Rasl2tp - ok
20:19:29.0238 0x0f3c [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
20:19:29.0238 0x0f3c RasMan - ok
20:19:29.0269 0x0f3c [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:19:29.0269 0x0f3c RasPppoe - ok
20:19:29.0285 0x0f3c [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:19:29.0285 0x0f3c RasSstp - ok
20:19:29.0316 0x0f3c [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:19:29.0316 0x0f3c rdbss - ok
20:19:29.0347 0x0f3c [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
20:19:29.0347 0x0f3c rdpbus - ok
20:19:29.0363 0x0f3c [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:19:29.0378 0x0f3c RDPCDD - ok
20:19:29.0394 0x0f3c [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:19:29.0394 0x0f3c RDPENCDD - ok
20:19:29.0409 0x0f3c [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:19:29.0409 0x0f3c RDPREFMP - ok
20:19:29.0441 0x0f3c [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:19:29.0441 0x0f3c RDPWD - ok
20:19:29.0472 0x0f3c [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:19:29.0472 0x0f3c rdyboost - ok
20:19:29.0503 0x0f3c [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:19:29.0503 0x0f3c RemoteRegistry - ok
20:19:29.0534 0x0f3c [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:19:29.0534 0x0f3c RFCOMM - ok
20:19:29.0581 0x0f3c [ 0F6756EF8BDA6DFA7BE50465C83132BB ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys
20:19:29.0581 0x0f3c RimUsb - ok
20:19:29.0612 0x0f3c [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:19:29.0612 0x0f3c RpcEptMapper - ok
20:19:29.0659 0x0f3c [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
20:19:29.0659 0x0f3c RpcLocator - ok
20:19:29.0675 0x0f3c [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
20:19:29.0690 0x0f3c RpcSs - ok
20:19:29.0721 0x0f3c [ 683B328B077D21F06E18C426DBAC0616 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
20:19:29.0737 0x0f3c RSPCIESTOR - ok
20:19:29.0753 0x0f3c [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:19:29.0768 0x0f3c rspndr - ok
20:19:29.0831 0x0f3c [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A ] RS_Service C:\Program Files\Acer\Acer VCM\RS_Service.exe
20:19:29.0831 0x0f3c RS_Service - ok
20:19:29.0877 0x0f3c [ 6A2586DCB5B04A52404699EB325DF1DB ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
20:19:29.0893 0x0f3c RTL8167 - ok
20:19:29.0909 0x0f3c [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
20:19:29.0909 0x0f3c SamSs - ok
20:19:29.0940 0x0f3c [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:19:29.0940 0x0f3c sbp2port - ok
20:19:29.0971 0x0f3c [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:19:29.0987 0x0f3c SCardSvr - ok
20:19:30.0002 0x0f3c [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:19:30.0018 0x0f3c scfilter - ok
20:19:30.0049 0x0f3c [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
20:19:30.0065 0x0f3c Schedule - ok
20:19:30.0080 0x0f3c [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:19:30.0096 0x0f3c SCPolicySvc - ok
20:19:30.0111 0x0f3c [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:19:30.0127 0x0f3c SDRSVC - ok
20:19:30.0143 0x0f3c [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:19:30.0143 0x0f3c secdrv - ok
20:19:30.0159 0x0f3c [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
20:19:30.0175 0x0f3c seclogon - ok
20:19:30.0190 0x0f3c [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
20:19:30.0190 0x0f3c SENS - ok
20:19:30.0206 0x0f3c [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:19:30.0206 0x0f3c SensrSvc - ok
20:19:30.0237 0x0f3c [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
20:19:30.0237 0x0f3c Serenum - ok
20:19:30.0253 0x0f3c [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
20:19:30.0253 0x0f3c Serial - ok
20:19:30.0268 0x0f3c [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:19:30.0268 0x0f3c sermouse - ok
20:19:30.0315 0x0f3c [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
20:19:30.0315 0x0f3c SessionEnv - ok
20:19:30.0331 0x0f3c [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:19:30.0331 0x0f3c sffdisk - ok
20:19:30.0346 0x0f3c [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:19:30.0346 0x0f3c sffp_mmc - ok
20:19:30.0362 0x0f3c [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:19:30.0362 0x0f3c sffp_sd - ok
20:19:30.0378 0x0f3c [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:19:30.0378 0x0f3c sfloppy - ok
20:19:30.0424 0x0f3c [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
20:19:30.0440 0x0f3c Sftfs - ok
20:19:30.0502 0x0f3c [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
20:19:30.0502 0x0f3c sftlist - ok
20:19:30.0549 0x0f3c [ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
20:19:30.0549 0x0f3c Sftplay - ok
20:19:30.0580 0x0f3c [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
20:19:30.0580 0x0f3c Sftredir - ok
20:19:30.0612 0x0f3c [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
20:19:30.0612 0x0f3c Sftvol - ok
20:19:30.0627 0x0f3c [ A5812F0281CA5081BF696626F9BF324D ] sftvsa C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
20:19:30.0643 0x0f3c sftvsa - ok
20:19:30.0674 0x0f3c [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:19:30.0674 0x0f3c SharedAccess - ok
20:19:30.0721 0x0f3c [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:19:30.0721 0x0f3c ShellHWDetection - ok
20:19:30.0752 0x0f3c [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:19:30.0768 0x0f3c sisagp - ok
20:19:30.0768 0x0f3c [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:19:30.0768 0x0f3c SiSRaid2 - ok
20:19:30.0799 0x0f3c [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:19:30.0799 0x0f3c SiSRaid4 - ok
20:19:30.0830 0x0f3c [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:19:30.0830 0x0f3c SkypeUpdate - ok
20:19:30.0846 0x0f3c [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:19:30.0846 0x0f3c Smb - ok
20:19:30.0892 0x0f3c [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:19:30.0908 0x0f3c SNMPTRAP - ok
20:19:30.0924 0x0f3c [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
20:19:30.0924 0x0f3c spldr - ok
20:19:30.0971 0x0f3c [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
20:19:30.0986 0x0f3c Spooler - ok
20:19:31.0127 0x0f3c [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
20:19:31.0158 0x0f3c sppsvc - ok
20:19:31.0189 0x0f3c [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:19:31.0189 0x0f3c sppuinotify - ok
20:19:31.0220 0x0f3c [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:19:31.0220 0x0f3c srv - ok
20:19:31.0251 0x0f3c [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:19:31.0251 0x0f3c srv2 - ok
20:19:31.0267 0x0f3c [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:19:31.0267 0x0f3c srvnet - ok
20:19:31.0314 0x0f3c [ 6A09C136CF33547820CB963E4D5AAF9E ] SSCBFS3 C:\Windows\system32\DRIVERS\sscbfs3.sys
20:19:31.0329 0x0f3c SSCBFS3 - ok
20:19:31.0345 0x0f3c [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:19:31.0345 0x0f3c SSDPSRV - ok
20:19:31.0376 0x0f3c [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:19:31.0376 0x0f3c SstpSvc - ok
20:19:31.0407 0x0f3c [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:19:31.0407 0x0f3c stexstor - ok
20:19:31.0454 0x0f3c [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
20:19:31.0454 0x0f3c StiSvc - ok
20:19:31.0470 0x0f3c [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
20:19:31.0470 0x0f3c swenum - ok
20:19:31.0517 0x0f3c [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
20:19:31.0517 0x0f3c swprv - ok
20:19:31.0595 0x0f3c [ 31B6B2D25FCFF1B71AE225000D656CD0 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:19:31.0610 0x0f3c SynTP - ok
20:19:31.0641 0x0f3c [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
20:19:31.0673 0x0f3c SysMain - ok
20:19:31.0688 0x0f3c [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:19:31.0688 0x0f3c TabletInputService - ok
20:19:31.0719 0x0f3c [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
20:19:31.0735 0x0f3c TapiSrv - ok
20:19:31.0766 0x0f3c [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
20:19:31.0766 0x0f3c TBS - ok
20:19:31.0844 0x0f3c [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:19:31.0875 0x0f3c Tcpip - ok
20:19:31.0922 0x0f3c [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:19:31.0938 0x0f3c TCPIP6 - ok
20:19:31.0969 0x0f3c [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:19:31.0969 0x0f3c tcpipreg - ok
20:19:32.0016 0x0f3c [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:19:32.0016 0x0f3c TDPIPE - ok
20:19:32.0031 0x0f3c [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:19:32.0031 0x0f3c TDTCP - ok
20:19:32.0047 0x0f3c [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:19:32.0063 0x0f3c tdx - ok
20:19:32.0078 0x0f3c [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:19:32.0078 0x0f3c TermDD - ok
20:19:32.0125 0x0f3c [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
20:19:32.0141 0x0f3c TermService - ok
20:19:32.0156 0x0f3c [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
20:19:32.0156 0x0f3c Themes - ok
20:19:32.0187 0x0f3c [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
20:19:32.0187 0x0f3c THREADORDER - ok
20:19:32.0203 0x0f3c [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
20:19:32.0219 0x0f3c TrkWks - ok
20:19:32.0265 0x0f3c [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:19:32.0265 0x0f3c TrustedInstaller - ok
20:19:32.0312 0x0f3c [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:19:32.0312 0x0f3c tssecsrv - ok
20:19:32.0328 0x0f3c [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:19:32.0328 0x0f3c TsUsbFlt - ok
20:19:32.0343 0x0f3c [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:19:32.0343 0x0f3c TsUsbGD - ok
20:19:32.0375 0x0f3c [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:19:32.0375 0x0f3c tunnel - ok
20:19:32.0390 0x0f3c [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:19:32.0390 0x0f3c uagp35 - ok
20:19:32.0406 0x0f3c [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:19:32.0406 0x0f3c udfs - ok
20:19:32.0437 0x0f3c [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:19:32.0453 0x0f3c UI0Detect - ok
20:19:32.0468 0x0f3c [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:19:32.0468 0x0f3c uliagpkx - ok
20:19:32.0484 0x0f3c [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:19:32.0484 0x0f3c umbus - ok
20:19:32.0499 0x0f3c [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
20:19:32.0499 0x0f3c UmPass - ok
20:19:32.0546 0x0f3c [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
20:19:32.0546 0x0f3c upnphost - ok
20:19:32.0577 0x0f3c [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:19:32.0577 0x0f3c usbccgp - ok
20:19:32.0609 0x0f3c [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:19:32.0609 0x0f3c usbcir - ok
20:19:32.0624 0x0f3c [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:19:32.0640 0x0f3c usbehci - ok
20:19:32.0655 0x0f3c [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:19:32.0655 0x0f3c usbhub - ok
20:19:32.0687 0x0f3c [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:19:32.0687 0x0f3c usbohci - ok
20:19:32.0702 0x0f3c [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:19:32.0702 0x0f3c usbprint - ok
20:19:32.0718 0x0f3c [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:19:32.0733 0x0f3c USBSTOR - ok
20:19:32.0749 0x0f3c [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:19:32.0749 0x0f3c usbuhci - ok
20:19:32.0780 0x0f3c [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:19:32.0780 0x0f3c usbvideo - ok
20:19:32.0811 0x0f3c [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
20:19:32.0827 0x0f3c UxSms - ok
20:19:32.0843 0x0f3c [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
20:19:32.0843 0x0f3c VaultSvc - ok
20:19:32.0874 0x0f3c [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:19:32.0874 0x0f3c vdrvroot - ok
20:19:32.0905 0x0f3c [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
20:19:32.0921 0x0f3c vds - ok
20:19:32.0936 0x0f3c [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:19:32.0936 0x0f3c vga - ok
20:19:32.0967 0x0f3c [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:19:32.0967 0x0f3c VgaSave - ok
20:19:32.0983 0x0f3c [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:19:32.0983 0x0f3c vhdmp - ok
20:19:32.0999 0x0f3c [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:19:32.0999 0x0f3c viaagp - ok
20:19:33.0014 0x0f3c [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
20:19:33.0014 0x0f3c ViaC7 - ok
20:19:33.0030 0x0f3c [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
20:19:33.0045 0x0f3c viaide - ok
20:19:33.0061 0x0f3c [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:19:33.0061 0x0f3c volmgr - ok
20:19:33.0092 0x0f3c [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:19:33.0092 0x0f3c volmgrx - ok
20:19:33.0123 0x0f3c [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:19:33.0123 0x0f3c volsnap - ok
20:19:33.0155 0x0f3c [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:19:33.0155 0x0f3c vsmraid - ok
20:19:33.0218 0x0f3c [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
20:19:33.0249 0x0f3c VSS - ok
20:19:33.0265 0x0f3c [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:19:33.0280 0x0f3c vwifibus - ok
20:19:33.0296 0x0f3c [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:19:33.0296 0x0f3c vwififlt - ok
20:19:33.0327 0x0f3c [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
20:19:33.0343 0x0f3c W32Time - ok
20:19:33.0358 0x0f3c [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:19:33.0358 0x0f3c WacomPen - ok
20:19:33.0390 0x0f3c [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:19:33.0390 0x0f3c WANARP - ok
20:19:33.0405 0x0f3c [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:19:33.0405 0x0f3c Wanarpv6 - ok
20:19:33.0468 0x0f3c [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
20:19:33.0483 0x0f3c wbengine - ok
20:19:33.0499 0x0f3c [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:19:33.0499 0x0f3c WbioSrvc - ok
20:19:33.0514 0x0f3c [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:19:33.0530 0x0f3c wcncsvc - ok
20:19:33.0561 0x0f3c [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:19:33.0561 0x0f3c WcsPlugInService - ok
20:19:33.0592 0x0f3c [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
20:19:33.0592 0x0f3c Wd - ok
20:19:33.0639 0x0f3c [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:19:33.0655 0x0f3c Wdf01000 - ok
20:19:33.0670 0x0f3c [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:19:33.0686 0x0f3c WdiServiceHost - ok
20:19:33.0686 0x0f3c [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:19:33.0702 0x0f3c WdiSystemHost - ok
20:19:33.0717 0x0f3c [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
20:19:33.0717 0x0f3c WebClient - ok
20:19:33.0748 0x0f3c [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:19:33.0748 0x0f3c Wecsvc - ok
20:19:33.0780 0x0f3c [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:19:35.0247 0x0f3c [ D3B7598A8F41337B7303DD3D7F9ACC3F ] ‮etadpug C:\Program Files\Google\Desktop\Install\{f9adf7d0-3a54-f177-71d8-163afd04ace3}\ \...\‮ﯹ๛\{f9adf7d0-3a54-f177-71d8-163afd04ace3}\GoogleUpdate.exe
20:19:35.0263 0x0f3c ‮etadpug ( Rootkit.Win32.PMax.gen ) - infected
20:19:35.0263 0x0f3c ‮etadpug - detected Rootkit.Win32.PMax.gen (0)
20:19:35.0263 0x0f3c ================ Scan global ===============================
20:19:35.0294 0x0f3c [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
20:19:35.0341 0x0f3c [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
20:19:35.0372 0x0f3c [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
20:19:35.0419 0x0f3c [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
20:19:35.0465 0x0f3c [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
20:19:35.0481 0x0f3c [Global] - ok
20:19:35.0481 0x0f3c ================ Scan MBR ==================================
20:19:35.0497 0x0f3c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:19:36.0682 0x0f3c \Device\Harddisk0\DR0 - ok
20:19:36.0713 0x0f3c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR3
20:20:30.0207 0x0720 ============================================================
20:20:30.0207 0x0720 Scan started
20:20:30.0207 0x0720 Mode: Manual;
20:20:30.0207 0x0720 ============================================================
20:20:30.0519 0x0720 ================ Scan system memory ========================
20:20:30.0519 0x0720 System memory - ok
20:20:30.0519 0x0720 ================ Scan services =============================
20:20:40.0081 0x0720 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:20:40.0097 0x0720 NDProxy - ok
20:20:40.0144 0x0720 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:20:40.0159 0x0720 NetBIOS - ok
20:20:40.0191 0x0720 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:20:40.0191 0x0720 NetBT - ok
20:20:40.0222 0x0720 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
20:20:40.0222 0x0720 Netlogon - ok
20:20:40.0269 0x0720 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
20:20:40.0269 0x0720 Netman - ok
20:20:40.0300 0x0720 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
20:20:40.0300 0x0720 netprofm - ok
20:20:40.0331 0x0720 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:20:40.0331 0x0720 NetTcpPortSharing - ok
20:20:40.0362 0x0720 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:20:40.0362 0x0720 nfrd960 - ok
20:20:40.0393 0x0720 [ 832E098BCA8235436FE2D8AE50AC3718 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:20:40.0393 0x0720 NisDrv - ok
20:20:40.0409 0x0720 NisSrv - ok
20:20:40.0549 0x0720 [ D10C1F16AAA5EBE1616C9DB7EEF022BA ] NitroDriverReadSpool8 C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
20:20:40.0549 0x0720 NitroDriverReadSpool8 - ok
20:20:40.0596 0x0720 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
20:20:40.0612 0x0720 NlaSvc - ok
20:20:40.0627 0x0720 [ 43436B5756A45EA11D274B3983204095 ] nlsX86cc C:\Windows\system32\NLSSRV32.EXE
20:20:40.0627 0x0720 nlsX86cc - ok
20:20:40.0752 0x0720 [ A634584C506F2C82680039371AA1772C ] NOBU C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
20:20:40.0783 0x0720 NOBU - ok
20:20:40.0799 0x0720 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:20:40.0799 0x0720 Npfs - ok
20:20:40.0830 0x0720 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
20:20:40.0846 0x0720 nsi - ok
20:20:40.0861 0x0720 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:20:40.0861 0x0720 nsiproxy - ok
20:20:40.0939 0x0720 [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:20:40.0955 0x0720 Ntfs - ok
20:20:40.0986 0x0720 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
20:20:41.0002 0x0720 Null - ok
20:20:41.0017 0x0720 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:20:41.0017 0x0720 nvraid - ok
20:20:41.0033 0x0720 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:20:41.0033 0x0720 nvstor - ok
20:20:41.0049 0x0720 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:20:41.0049 0x0720 nv_agp - ok
20:20:41.0064 0x0720 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:20:41.0064 0x0720 ohci1394 - ok
20:20:41.0095 0x0720 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:20:41.0095 0x0720 ose - ok
20:20:41.0267 0x0720 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:20:41.0314 0x0720 osppsvc - ok
20:20:41.0361 0x0720 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:20:41.0361 0x0720 p2pimsvc - ok
20:20:41.0392 0x0720 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
20:20:41.0407 0x0720 p2psvc - ok
20:20:41.0423 0x0720 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
20:20:41.0423 0x0720 Parport - ok
20:20:41.0454 0x0720 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:20:41.0454 0x0720 partmgr - ok
20:20:41.0470 0x0720 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
20:20:41.0470 0x0720 Parvdm - ok
20:20:41.0501 0x0720 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
20:20:41.0501 0x0720 pci - ok
20:20:41.0517 0x0720 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
20:20:41.0517 0x0720 pciide - ok
20:20:41.0517 0x0720 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:20:41.0532 0x0720 pcmcia - ok
20:20:41.0548 0x0720 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
20:20:41.0548 0x0720 pcw - ok
20:20:41.0579 0x0720 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:20:41.0595 0x0720 PEAUTH - ok
20:20:41.0673 0x0720 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
20:20:41.0704 0x0720 pla - ok
20:20:41.0751 0x0720 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:20:41.0766 0x0720 PlugPlay - ok
20:20:41.0813 0x0720 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:20:41.0829 0x0720 PNRPAutoReg - ok
20:20:41.0860 0x0720 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:20:41.0860 0x0720 PNRPsvc - ok
20:20:41.0891 0x0720 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
20:20:41.0907 0x0720 Power - ok
20:20:41.0938 0x0720 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:20:41.0938 0x0720 PptpMiniport - ok
20:20:41.0969 0x0720 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
20:20:41.0969 0x0720 Processor - ok
20:20:42.0000 0x0720 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
20:20:42.0016 0x0720 ProfSvc - ok
20:20:42.0078 0x0720 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:20:42.0078 0x0720 ProtectedStorage - ok
20:20:42.0109 0x0720 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:20:42.0109 0x0720 Psched - ok
20:20:42.0172 0x0720 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:20:42.0203 0x0720 ql2300 - ok
20:20:42.0219 0x0720 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:20:42.0219 0x0720 ql40xx - ok
20:20:42.0250 0x0720 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
20:20:42.0250 0x0720 QWAVE - ok
20:20:42.0265 0x0720 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:20:42.0281 0x0720 QWAVEdrv - ok
20:20:42.0281 0x0720 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:20:42.0281 0x0720 RasAcd - ok
20:20:42.0312 0x0720 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:20:42.0312 0x0720 RasAgileVpn - ok
20:20:42.0343 0x0720 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
20:20:42.0343 0x0720 RasAuto - ok
20:20:42.0375 0x0720 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:20:42.0390 0x0720 Rasl2tp - ok
20:20:42.0406 0x0720 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
20:20:42.0406 0x0720 RasMan - ok
20:20:42.0437 0x0720 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:20:42.0437 0x0720 RasPppoe - ok
20:20:42.0453 0x0720 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:20:42.0453 0x0720 RasSstp - ok
20:20:42.0484 0x0720 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:20:42.0499 0x0720 rdbss - ok
20:20:42.0515 0x0720 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
20:20:42.0515 0x0720 rdpbus - ok
20:20:42.0531 0x0720 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:20:42.0531 0x0720 RDPCDD - ok
20:20:42.0562 0x0720 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:20:42.0562 0x0720 RDPENCDD - ok
20:20:42.0577 0x0720 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:20:42.0577 0x0720 RDPREFMP - ok
20:20:42.0577 0x0720 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:20:42.0593 0x0720 RDPWD - ok
20:20:42.0609 0x0720 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:20:42.0609 0x0720 rdyboost - ok
20:20:42.0640 0x0720 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:20:42.0655 0x0720 RemoteRegistry - ok
20:20:42.0671 0x0720 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:20:42.0671 0x0720 RFCOMM - ok
20:20:42.0702 0x0720 [ 0F6756EF8BDA6DFA7BE50465C83132BB ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys
20:20:42.0702 0x0720 RimUsb - ok
20:20:42.0749 0x0720 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:20:42.0749 0x0720 RpcEptMapper - ok
20:20:42.0780 0x0720 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
20:20:42.0780 0x0720 RpcLocator - ok
20:20:42.0796 0x0720 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
20:20:42.0811 0x0720 RpcSs - ok
20:20:42.0843 0x0720 [ 683B328B077D21F06E18C426DBAC0616 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
20:20:42.0843 0x0720 RSPCIESTOR - ok
20:20:42.0874 0x0720 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:20:42.0874 0x0720 rspndr - ok
20:20:42.0936 0x0720 [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A ] RS_Service C:\Program Files\Acer\Acer VCM\RS_Service.exe
20:20:42.0952 0x0720 RS_Service - ok
20:20:42.0999 0x0720 [ 6A2586DCB5B04A52404699EB325DF1DB ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
20:20:43.0014 0x0720 RTL8167 - ok
20:20:43.0030 0x0720 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
20:20:43.0030 0x0720 SamSs - ok
20:20:43.0061 0x0720 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:20:43.0061 0x0720 sbp2port - ok
20:20:43.0092 0x0720 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:20:43.0108 0x0720 SCardSvr - ok
20:20:43.0155 0x0720 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:20:43.0155 0x0720 scfilter - ok
20:20:43.0186 0x0720 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
20:20:43.0201 0x0720 Schedule - ok
20:20:43.0217 0x0720 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:20:43.0217 0x0720 SCPolicySvc - ok
20:20:43.0248 0x0720 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:20:43.0248 0x0720 SDRSVC - ok
20:20:43.0279 0x0720 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:20:43.0279 0x0720 secdrv - ok
20:20:43.0295 0x0720 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
20:20:43.0295 0x0720 seclogon - ok
20:20:43.0311 0x0720 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
20:20:43.0311 0x0720 SENS - ok
20:20:43.0326 0x0720 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:20:43.0326 0x0720 SensrSvc - ok
20:20:43.0357 0x0720 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
20:20:43.0357 0x0720 Serenum - ok
20:20:43.0357 0x0720 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
20:20:43.0373 0x0720 Serial - ok
20:20:43.0373 0x0720 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:20:43.0373 0x0720 sermouse - ok
20:20:43.0420 0x0720 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
20:20:43.0420 0x0720 SessionEnv - ok
20:20:43.0435 0x0720 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:20:43.0435 0x0720 sffdisk - ok
20:20:43.0451 0x0720 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:20:43.0451 0x0720 sffp_mmc - ok
20:20:43.0451 0x0720 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:20:43.0451 0x0720 sffp_sd - ok
20:20:43.0467 0x0720 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:20:43.0467 0x0720 sfloppy - ok
20:20:43.0513 0x0720 [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
20:20:43.0529 0x0720 Sftfs - ok
20:20:43.0591 0x0720 [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
20:20:43.0607 0x0720 sftlist - ok
20:20:43.0638 0x0720 [ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
20:20:43.0638 0x0720 Sftplay - ok
20:20:43.0669 0x0720 [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
20:20:43.0685 0x0720 Sftredir - ok
20:20:43.0701 0x0720 [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
20:20:43.0701 0x0720 Sftvol - ok
20:20:43.0716 0x0720 [ A5812F0281CA5081BF696626F9BF324D ] sftvsa C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
20:20:43.0716 0x0720 sftvsa - ok
20:20:43.0763 0x0720 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:20:43.0763 0x0720 SharedAccess - ok
20:20:43.0810 0x0720 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:20:43.0810 0x0720 ShellHWDetection - ok
20:20:43.0841 0x0720 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:20:43.0841 0x0720 sisagp - ok
20:20:43.0841 0x0720 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:20:43.0841 0x0720 SiSRaid2 - ok
20:20:43.0857 0x0720 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:20:43.0857 0x0720 SiSRaid4 - ok
20:20:43.0888 0x0720 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:20:43.0903 0x0720 SkypeUpdate - ok
20:20:43.0903 0x0720 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:20:43.0903 0x0720 Smb - ok
20:20:43.0935 0x0720 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:20:43.0950 0x0720 SNMPTRAP - ok
20:20:43.0966 0x0720 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
20:20:43.0966 0x0720 spldr - ok
20:20:44.0013 0x0720 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
20:20:44.0028 0x0720 Spooler - ok
20:20:44.0184 0x0720 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
20:20:44.0247 0x0720 sppsvc - ok
20:20:44.0278 0x0720 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:20:44.0293 0x0720 sppuinotify - ok
20:20:44.0325 0x0720 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:20:44.0325 0x0720 srv - ok
20:20:44.0356 0x0720 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:20:44.0356 0x0720 srv2 - ok
20:20:44.0387 0x0720 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:20:44.0387 0x0720 srvnet - ok
20:20:44.0434 0x0720 [ 6A09C136CF33547820CB963E4D5AAF9E ] SSCBFS3 C:\Windows\system32\DRIVERS\sscbfs3.sys
20:20:44.0449 0x0720 SSCBFS3 - ok
20:20:44.0481 0x0720 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:20:44.0496 0x0720 SSDPSRV - ok
20:20:44.0512 0x0720 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:20:44.0512 0x0720 SstpSvc - ok
20:20:44.0543 0x0720 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:20:44.0543 0x0720 stexstor - ok
20:20:44.0590 0x0720 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
20:20:44.0605 0x0720 StiSvc - ok
20:20:44.0621 0x0720 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
20:20:44.0621 0x0720 swenum - ok
20:20:44.0652 0x0720 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
20:20:44.0668 0x0720 swprv - ok
20:20:44.0715 0x0720 [ 31B6B2D25FCFF1B71AE225000D656CD0 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:20:44.0730 0x0720 SynTP - ok
20:20:44.0777 0x0720 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
20:20:44.0793 0x0720 SysMain - ok
20:20:44.0824 0x0720 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:20:44.0824 0x0720 TabletInputService - ok
20:20:44.0855 0x0720 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
20:20:44.0855 0x0720 TapiSrv - ok
20:20:44.0886 0x0720 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
20:20:44.0886 0x0720 TBS - ok
20:20:44.0964 0x0720 [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:20:44.0964 0x0720 Tcpip - ok
20:20:45.0027 0x0720 [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:20:45.0042 0x0720 TCPIP6 - ok
20:20:45.0058 0x0720 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:20:45.0058 0x0720 tcpipreg - ok
20:20:45.0105 0x0720 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:20:45.0105 0x0720 TDPIPE - ok
20:20:45.0120 0x0720 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:20:45.0120 0x0720 TDTCP - ok
20:20:45.0136 0x0720 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:20:45.0136 0x0720 tdx - ok
20:20:45.0167 0x0720 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:20:45.0167 0x0720 TermDD - ok
20:20:45.0214 0x0720 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
20:20:45.0214 0x0720 TermService - ok
20:20:45.0245 0x0720 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
20:20:45.0245 0x0720 Themes - ok
20:20:45.0276 0x0720 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
20:20:45.0276 0x0720 THREADORDER - ok
20:20:45.0292 0x0720 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
20:20:45.0307 0x0720 TrkWks - ok
20:20:45.0354 0x0720 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:20:45.0354 0x0720 TrustedInstaller - ok
20:20:45.0401 0x0720 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:20:45.0401 0x0720 tssecsrv - ok
20:20:45.0417 0x0720 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:20:45.0432 0x0720 TsUsbFlt - ok
20:20:45.0448 0x0720 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:20:45.0448 0x0720 TsUsbGD - ok
20:20:45.0479 0x0720 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:20:45.0479 0x0720 tunnel - ok
20:20:45.0495 0x0720 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:20:45.0495 0x0720 uagp35 - ok
20:20:45.0510 0x0720 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:20:45.0510 0x0720 udfs - ok
20:20:45.0557 0x0720 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:20:45.0557 0x0720 UI0Detect - ok
20:20:45.0573 0x0720 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:20:45.0573 0x0720 uliagpkx - ok
20:20:45.0604 0x0720 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:20:45.0604 0x0720 umbus - ok
20:20:45.0604 0x0720 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
20:20:45.0604 0x0720 UmPass - ok
20:20:45.0635 0x0720 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
20:20:45.0651 0x0720 upnphost - ok
20:20:45.0666 0x0720 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:20:45.0666 0x0720 usbccgp - ok
20:20:45.0697 0x0720 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:20:45.0697 0x0720 usbcir - ok
20:20:45.0729 0x0720 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:20:45.0729 0x0720 usbehci - ok
20:20:45.0760 0x0720 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:20:45.0775 0x0720 usbhub - ok
20:20:45.0807 0x0720 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:20:45.0807 0x0720 usbohci - ok
20:20:45.0822 0x0720 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:20:45.0822 0x0720 usbprint - ok
20:20:45.0838 0x0720 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:20:45.0853 0x0720 USBSTOR - ok
20:20:45.0869 0x0720 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:20:45.0869 0x0720 usbuhci - ok
20:20:45.0900 0x0720 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:20:45.0900 0x0720 usbvideo - ok
20:20:45.0931 0x0720 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
20:20:45.0931 0x0720 UxSms - ok
20:20:45.0963 0x0720 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
20:20:45.0963 0x0720 VaultSvc - ok
20:20:45.0978 0x0720 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:20:45.0978 0x0720 vdrvroot - ok
20:20:46.0025 0x0720 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
20:20:46.0025 0x0720 vds - ok
20:20:46.0087 0x0720 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:20:46.0087 0x0720 vga - ok
20:20:46.0119 0x0720 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:20:46.0119 0x0720 VgaSave - ok
20:20:46.0150 0x0720 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:20:46.0150 0x0720 vhdmp - ok
20:20:46.0181 0x0720 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:20:46.0181 0x0720 viaagp - ok
20:20:46.0197 0x0720 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
20:20:46.0197 0x0720 ViaC7 - ok
20:20:46.0212 0x0720 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
20:20:46.0212 0x0720 viaide - ok
20:20:46.0228 0x0720 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:20:46.0228 0x0720 volmgr - ok
20:20:46.0259 0x0720 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:20:46.0275 0x0720 volmgrx - ok
20:20:46.0290 0x0720 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:20:46.0306 0x0720 volsnap - ok
20:20:46.0321 0x0720 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:20:46.0337 0x0720 vsmraid - ok
20:20:46.0399 0x0720 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
20:20:46.0415 0x0720 VSS - ok
20:20:46.0446 0x0720 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:20:46.0446 0x0720 vwifibus - ok
20:20:46.0477 0x0720 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:20:46.0493 0x0720 vwififlt - ok
20:20:46.0524 0x0720 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
20:20:46.0540 0x0720 W32Time - ok
20:20:46.0555 0x0720 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:20:46.0555 0x0720 WacomPen - ok
20:20:46.0571 0x0720 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:20:46.0571 0x0720 WANARP - ok
20:20:46.0587 0x0720 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:20:46.0587 0x0720 Wanarpv6 - ok
20:20:46.0633 0x0720 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
20:20:46.0649 0x0720 wbengine - ok
20:20:46.0665 0x0720 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:20:46.0680 0x0720 WbioSrvc - ok
20:20:46.0696 0x0720 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:20:46.0696 0x0720 wcncsvc - ok
20:20:46.0727 0x0720 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:20:46.0727 0x0720 WcsPlugInService - ok
20:20:46.0743 0x0720 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
20:20:46.0743 0x0720 Wd - ok
20:20:46.0805 0x0720 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:20:46.0805 0x0720 Wdf01000 - ok
20:20:46.0836 0x0720 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:20:46.0836 0x0720 WdiServiceHost - ok
20:20:46.0852 0x0720 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:20:46.0867 0x0720 WdiSystemHost - ok
20:20:46.0899 0x0720 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
20:20:46.0899 0x0720 WebClient - ok
20:20:46.0930 0x0720 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:20:46.0945 0x0720 Wecsvc - ok
20:20:46.0961 0x0720 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:20:46.0977 0x0720 wercplsupport - ok
20:20:46.0992 0x0720 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
20:20:46.0992 0x0720 WerSvc - ok
20:20:47.0008 0x0720 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:20:47.0023 0x0720 WfpLwf - ok
20:20:47.0039 0x0720 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:20:47.0039 0x0720 WIMMount - ok
20:20:47.0086 0x0720 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
20:20:47.0101 0x0720 WinDefend - ok
20:20:47.0117 0x0720 WinHttpAutoProxySvc - ok
20:20:47.0195 0x0720 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:20:47.0195 0x0720 Winmgmt - ok
20:20:47.0257 0x0720 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
20:20:47.0289 0x0720 WinRM - ok
20:20:47.0335 0x0720 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:20:47.0335 0x0720 WinUsb - ok
20:20:47.0398 0x0720 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:20:47.0413 0x0720 Wlansvc - ok
20:20:47.0491 0x0720 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:20:47.0491 0x0720 wlcrasvc - ok
20:20:47.0595 0x0720 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:20:47.0615 0x0720 wlidsvc - ok
20:20:47.0635 0x0720 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:20:47.0645 0x0720 WmiAcpi - ok
20:20:47.0685 0x0720 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:20:47.0685 0x0720 wmiApSrv - ok
20:20:47.0785 0x0720 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:20:47.0805 0x0720 WMPNetworkSvc - ok
20:20:47.0825 0x0720 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:20:47.0835 0x0720 WPCSvc - ok
20:20:47.0865 0x0720 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:20:47.0865 0x0720 WPDBusEnum - ok
20:20:47.0885 0x0720 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:20:47.0885 0x0720 ws2ifsl - ok
20:20:47.0905 0x0720 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
20:20:47.0915 0x0720 wscsvc - ok
20:20:47.0925 0x0720 WSearch - ok
20:20:48.0025 0x0720 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
20:20:48.0055 0x0720 wuauserv - ok
20:20:48.0121 0x0720 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:20:48.0136 0x0720 WudfPf - ok
20:20:48.0167 0x0720 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:20:48.0183 0x0720 WUDFRd - ok
20:20:48.0230 0x0720 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:20:48.0245 0x0720 wudfsvc - ok
20:20:48.0277 0x0720 [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc C:\Windows\System32\wwansvc.dll
20:20:48.0292 0x0720 WwanSvc - ok
20:20:48.0355 0x0720 [ D3B7598A8F41337B7303DD3D7F9ACC3F ] ‮etadpug C:\Program Files\Google\Desktop\Install\{f9adf7d0-3a54-f177-71d8-163afd04ace3}\ \...\‮ﯹ๛\{f9adf7d0-3a54-f177-71d8-163afd04ace3}\GoogleUpdate.exe
20:20:48.0370 0x0720 ‮etadpug ( Rootkit.Win32.PMax.gen ) - infected
20:20:48.0370 0x0720 ‮etadpug - detected Rootkit.Win32.PMax.gen (0)
20:20:48.0370 0x0720 ================ Scan global ===============================
20:20:48.0401 0x0720 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
20:20:48.0448 0x0720 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
20:20:48.0495 0x0720 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
20:20:48.0542 0x0720 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
20:20:48.0589 0x0720 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
20:20:48.0604 0x0720 [Global] - ok
20:20:48.0604 0x0720 ================ Scan MBR ==================================
20:20:48.0620 0x0720 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:20:49.0727 0x0720 \Device\Harddisk0\DR0 - ok
20:20:49.0743 0x0720 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR3
20:22:12.0619 0x0720 \Device\Harddisk1\DR3 - ok
20:22:12.0619 0x0720 ================ Scan VBR ==================================
20:22:12.0666 0x0720 [ DB78C982ECBC3D1A3C624B7ECFBDBD81 ] \Device\Harddisk0\DR0\Partition1
20:22:12.0682 0x0720 \Device\Harddisk0\DR0\Partition1 - ok
20:22:12.0697 0x0720 [ 6275B959055016181A8E6210A7B09003 ] \Device\Harddisk0\DR0\Partition2
20:22:12.0713 0x0720 \Device\Harddisk0\DR0\Partition2 - ok
20:22:12.0729 0x0720 [ 7681D9846BED079E8C74F576A6A8DFF7 ] \Device\Harddisk1\DR3\Partition1
20:22:12.0744 0x0720 \Device\Harddisk1\DR3\Partition1 - ok
20:22:12.0744 0x0720 ============================================================
20:22:12.0744 0x0720 Scan finished
20:22:12.0744 0x0720 ============================================================
20:22:12.0869 0x064c Detected object count: 1
20:22:12.0869 0x064c Actual detected object count: 1
20:22:46.0253 0x064c C:\Program Files\Google\Desktop\Install\{f9adf7d0-3a54-f177-71d8-163afd04ace3}\ \...\‮ﯹ๛\{f9adf7d0-3a54-f177-71d8-163afd04ace3}\GoogleUpdate.exe - copied to quarantine
20:22:46.0300 0x064c HKLM\SYSTEM\ControlSet001\services\‮etadpug - will be deleted on reboot
20:22:46.0315 0x064c HKLM\SYSTEM\ControlSet002\services\‮etadpug - will be deleted on reboot
20:22:46.0471 0x064c C:\Program Files\Google\Desktop\Install\{f9adf7d0-3a54-f177-71d8-163afd04ace3}\ \...\‮ﯹ๛\{f9adf7d0-3a54-f177-71d8-163afd04ace3}\GoogleUpdate.exe - will be deleted on reboot
20:22:46.0471 0x064c ‮etadpug ( Rootkit.Win32.PMax.gen ) - User select action: Delete
20:22:52.0103 0x0f34 Deinitialize success



#5 paolok6


Posted 16 September 2013 - 07:54 PM




log 3 out of 3

20:25:05.0861 0x0f90 TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
20:25:06.0610 0x0f90 ============================================================
20:25:06.0610 0x0f90 Current date / time: 2013/09/16 20:25:06.0610
20:25:06.0610 0x0f90 SystemInfo:
20:25:06.0610 0x0f90
20:25:06.0625 0x0f90 OS Version: 6.1.7601 ServicePack: 1.0
20:25:06.0625 0x0f90 Product type: Workstation
20:25:06.0625 0x0f90 ComputerName: PAOLO-PC
20:25:06.0625 0x0f90 UserName: Paolo
20:25:06.0625 0x0f90 Windows directory: C:\Windows
20:25:06.0625 0x0f90 System windows directory: C:\Windows
20:25:06.0625 0x0f90 Processor architecture: Intel x86
20:25:06.0625 0x0f90 Number of processors: 4
20:25:06.0625 0x0f90 Page size: 0x1000
20:25:06.0625 0x0f90 Boot type: Normal boot
20:25:06.0625 0x0f90 ============================================================
20:25:06.0656 0x0f90 BG loaded
20:25:07.0468 0x0f90 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:25:07.0483 0x0f90 Drive \Device\Harddisk1\DR1 - Size: 0xF0B00000 (3.76 Gb), SectorSize: 0x200, Cylinders: 0x1EA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:25:07.0499 0x0f90 ============================================================
20:25:07.0499 0x0f90 \Device\Harddisk0\DR0:
20:25:07.0499 0x0f90 MBR partitions:
20:25:07.0499 0x0f90 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
20:25:07.0499 0x0f90 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x38953000
20:25:07.0499 0x0f90 \Device\Harddisk1\DR1:
20:25:07.0499 0x0f90 MBR partitions:
20:25:07.0499 0x0f90 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x3C8, BlocksNum 0x785438
20:25:07.0499 0x0f90 ============================================================
20:25:07.0530 0x0f90 C: <-> \Device\Harddisk0\DR0\Partition2
20:25:07.0530 0x0f90 ============================================================
20:25:07.0530 0x0f90 Initialize success
20:25:07.0530 0x0f90 ============================================================
20:25:29.0728 0x15cc ============================================================
20:25:29.0728 0x15cc Scan started
20:25:29.0728 0x15cc Mode: Manual;
20:25:29.0728 0x15cc ============================================================
20:25:38.0092 0x15cc ================ Scan system memory ========================
20:25:38.0092 0x15cc System memory - ok
20:25:38.0092 0x15cc ================ Scan services =============================
20:26:26.0873 0x15cc [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:26:26.0875 0x15cc mssmbios - ok
20:26:26.0968 0x15cc [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:26:26.0972 0x15cc MSTEE - ok
20:26:27.0031 0x15cc [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:26:27.0035 0x15cc MTConfig - ok
20:26:27.0121 0x15cc [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
20:26:27.0125 0x15cc Mup - ok
20:26:27.0181 0x15cc [ 383379F94280E5CCE2C563711FD17F43 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
20:26:27.0186 0x15cc mwlPSDFilter - ok
20:26:27.0239 0x15cc [ 9DDF22CFFACFE91FB60336276A2F2524 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
20:26:27.0243 0x15cc mwlPSDNServ - ok
20:26:27.0299 0x15cc [ 755B8CEFEC291F42CDC560A68CDDE6EF ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
20:26:27.0303 0x15cc mwlPSDVDisk - ok
20:26:27.0422 0x15cc [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
20:26:27.0442 0x15cc napagent - ok
20:26:27.0558 0x15cc [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:26:27.0571 0x15cc NativeWifiP - ok
20:26:27.0756 0x15cc [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:26:27.0781 0x15cc NDIS - ok
20:26:28.0018 0x15cc [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:26:28.0024 0x15cc NdisCap - ok
20:26:28.0100 0x15cc [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:26:28.0106 0x15cc NdisTapi - ok
20:26:28.0312 0x15cc [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:26:28.0317 0x15cc Ndisuio - ok
20:26:28.0393 0x15cc [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:26:28.0399 0x15cc NdisWan - ok
20:26:28.0482 0x15cc [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:26:28.0486 0x15cc NDProxy - ok
20:26:28.0581 0x15cc [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:26:28.0584 0x15cc NetBIOS - ok
20:26:28.0678 0x15cc [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:26:28.0725 0x15cc NetBT - ok
20:26:28.0791 0x15cc [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
20:26:28.0797 0x15cc Netlogon - ok
20:26:28.0933 0x15cc [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
20:26:28.0946 0x15cc Netman - ok
20:26:29.0053 0x15cc [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
20:26:29.0161 0x15cc netprofm - ok
20:26:29.0361 0x15cc [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:26:29.0413 0x15cc NetTcpPortSharing - ok
20:26:29.0577 0x15cc [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:26:29.0583 0x15cc nfrd960 - ok
20:26:29.0769 0x15cc [ 832E098BCA8235436FE2D8AE50AC3718 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:26:29.0776 0x15cc NisDrv - ok
20:26:29.0839 0x15cc NisSrv - ok
20:26:30.0195 0x15cc [ D10C1F16AAA5EBE1616C9DB7EEF022BA ] NitroDriverReadSpool8 C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
20:26:30.0290 0x15cc NitroDriverReadSpool8 - ok
20:26:30.0603 0x15cc [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
20:26:30.0617 0x15cc NlaSvc - ok
20:26:31.0068 0x15cc [ 43436B5756A45EA11D274B3983204095 ] nlsX86cc C:\Windows\system32\NLSSRV32.EXE
20:26:31.0078 0x15cc nlsX86cc - ok
20:26:31.0790 0x15cc [ A634584C506F2C82680039371AA1772C ] NOBU C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
20:26:31.0813 0x15cc NOBU - ok
20:26:31.0886 0x15cc [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:26:31.0889 0x15cc Npfs - ok
20:26:31.0967 0x15cc [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
20:26:31.0977 0x15cc nsi - ok
20:26:32.0062 0x15cc [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:26:32.0065 0x15cc nsiproxy - ok
20:26:32.0396 0x15cc [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:26:32.0648 0x15cc Ntfs - ok
20:26:32.0823 0x15cc [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
20:26:32.0827 0x15cc Null - ok
20:26:33.0150 0x15cc [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:26:33.0156 0x15cc nvraid - ok
20:26:33.0220 0x15cc [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:26:33.0224 0x15cc nvstor - ok
20:26:33.0544 0x15cc [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:26:33.0549 0x15cc nv_agp - ok
20:26:33.0602 0x15cc [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:26:33.0605 0x15cc ohci1394 - ok
20:26:33.0922 0x15cc [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:26:33.0962 0x15cc ose - ok
20:26:35.0024 0x15cc [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:26:35.0278 0x15cc osppsvc - ok
20:26:35.0395 0x15cc [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:26:35.0404 0x15cc p2pimsvc - ok
20:26:35.0486 0x15cc [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
20:26:35.0496 0x15cc p2psvc - ok
20:26:35.0585 0x15cc [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
20:26:35.0588 0x15cc Parport - ok
20:26:35.0634 0x15cc [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:26:35.0638 0x15cc partmgr - ok
20:26:35.0685 0x15cc [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
20:26:35.0689 0x15cc Parvdm - ok
20:26:35.0804 0x15cc [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
20:26:35.0808 0x15cc pci - ok
20:26:35.0889 0x15cc [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
20:26:35.0895 0x15cc pciide - ok
20:26:36.0063 0x15cc [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:26:36.0151 0x15cc pcmcia - ok
20:26:36.0213 0x15cc [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
20:26:36.0219 0x15cc pcw - ok
20:26:36.0368 0x15cc [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:26:36.0377 0x15cc PEAUTH - ok
20:26:36.0986 0x15cc [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
20:26:37.0071 0x15cc pla - ok
20:26:37.0280 0x15cc [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:26:37.0292 0x15cc PlugPlay - ok
20:26:37.0410 0x15cc [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:26:37.0416 0x15cc PNRPAutoReg - ok
20:26:37.0528 0x15cc [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:26:37.0537 0x15cc PNRPsvc - ok
20:26:37.0644 0x15cc [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
20:26:37.0651 0x15cc Power - ok
20:26:37.0839 0x15cc [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:26:37.0842 0x15cc PptpMiniport - ok
20:26:38.0016 0x15cc [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
20:26:38.0033 0x15cc Processor - ok
20:26:38.0168 0x15cc [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
20:26:38.0175 0x15cc ProfSvc - ok
20:26:38.0336 0x15cc [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:26:38.0340 0x15cc ProtectedStorage - ok
20:26:38.0436 0x15cc [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:26:38.0440 0x15cc Psched - ok
20:26:38.0673 0x15cc [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:26:38.0759 0x15cc ql2300 - ok
20:26:39.0069 0x15cc [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:26:39.0076 0x15cc ql40xx - ok
20:26:39.0201 0x15cc [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
20:26:39.0213 0x15cc QWAVE - ok
20:26:39.0259 0x15cc [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:26:39.0263 0x15cc QWAVEdrv - ok
20:26:39.0302 0x15cc [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:26:39.0305 0x15cc RasAcd - ok
20:26:39.0447 0x15cc [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:26:39.0449 0x15cc RasAgileVpn - ok
20:26:39.0538 0x15cc [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
20:26:39.0545 0x15cc RasAuto - ok
20:26:39.0645 0x15cc [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:26:39.0655 0x15cc Rasl2tp - ok
20:26:39.0753 0x15cc [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
20:26:39.0771 0x15cc RasMan - ok
20:26:39.0872 0x15cc [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:26:39.0880 0x15cc RasPppoe - ok
20:26:39.0969 0x15cc [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:26:39.0975 0x15cc RasSstp - ok
20:26:40.0141 0x15cc [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:26:40.0149 0x15cc rdbss - ok
20:26:40.0256 0x15cc [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
20:26:40.0261 0x15cc rdpbus - ok
20:26:40.0308 0x15cc [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:26:40.0311 0x15cc RDPCDD - ok
20:26:40.0542 0x15cc [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:26:40.0699 0x15cc RDPENCDD - ok
20:26:40.0755 0x15cc [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:26:40.0759 0x15cc RDPREFMP - ok
20:26:40.0872 0x15cc [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:26:40.0878 0x15cc RDPWD - ok
20:26:41.0002 0x15cc [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:26:41.0008 0x15cc rdyboost - ok
20:26:41.0071 0x15cc [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:26:41.0085 0x15cc RemoteRegistry - ok
20:26:41.0201 0x15cc [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:26:41.0205 0x15cc RFCOMM - ok
20:26:41.0613 0x15cc [ 0F6756EF8BDA6DFA7BE50465C83132BB ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys
20:26:41.0616 0x15cc RimUsb - ok
20:26:41.0950 0x15cc [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:26:41.0955 0x15cc RpcEptMapper - ok
20:26:42.0026 0x15cc [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
20:26:42.0031 0x15cc RpcLocator - ok
20:26:42.0084 0x15cc [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
20:26:42.0093 0x15cc RpcSs - ok
20:26:42.0185 0x15cc [ 683B328B077D21F06E18C426DBAC0616 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
20:26:42.0192 0x15cc RSPCIESTOR - ok
20:26:42.0309 0x15cc [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:26:42.0312 0x15cc rspndr - ok
20:26:42.0437 0x15cc [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A ] RS_Service C:\Program Files\Acer\Acer VCM\RS_Service.exe
20:26:42.0441 0x15cc RS_Service - ok
20:26:42.0744 0x15cc [ 6A2586DCB5B04A52404699EB325DF1DB ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
20:26:42.0811 0x15cc RTL8167 - ok
20:26:42.0857 0x15cc [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
20:26:42.0862 0x15cc SamSs - ok
20:26:42.0933 0x15cc [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:26:42.0936 0x15cc sbp2port - ok
20:26:43.0079 0x15cc [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:26:43.0094 0x15cc SCardSvr - ok
20:26:43.0181 0x15cc [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:26:43.0185 0x15cc scfilter - ok
20:26:43.0396 0x15cc [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
20:26:43.0419 0x15cc Schedule - ok
20:26:43.0492 0x15cc [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:26:43.0494 0x15cc SCPolicySvc - ok
20:26:43.0554 0x15cc [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:26:43.0562 0x15cc SDRSVC - ok
20:26:43.0650 0x15cc [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:26:43.0653 0x15cc secdrv - ok
20:26:43.0686 0x15cc [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
20:26:43.0694 0x15cc seclogon - ok
20:26:43.0771 0x15cc [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
20:26:43.0789 0x15cc SENS - ok
20:26:43.0834 0x15cc [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:26:43.0841 0x15cc SensrSvc - ok
20:26:43.0881 0x15cc [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
20:26:43.0886 0x15cc Serenum - ok
20:26:43.0984 0x15cc [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
20:26:43.0988 0x15cc Serial - ok
20:26:44.0028 0x15cc [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:26:44.0032 0x15cc sermouse - ok
20:26:44.0125 0x15cc [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
20:26:44.0133 0x15cc SessionEnv - ok
20:26:44.0195 0x15cc [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:26:44.0199 0x15cc sffdisk - ok
20:26:44.0239 0x15cc [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:26:44.0243 0x15cc sffp_mmc - ok
20:26:44.0362 0x15cc [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:26:44.0365 0x15cc sffp_sd - ok
20:26:44.0395 0x15cc [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:26:44.0398 0x15cc sfloppy - ok
20:26:44.0826 0x15cc [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
20:26:44.0842 0x15cc Sftfs - ok
20:26:45.0049 0x15cc [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
20:26:45.0061 0x15cc sftlist - ok
20:26:45.0347 0x15cc [ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
20:26:45.0356 0x15cc Sftplay - ok
20:26:45.0616 0x15cc [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
20:26:45.0619 0x15cc Sftredir - ok
20:26:45.0690 0x15cc [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
20:26:45.0696 0x15cc Sftvol - ok
20:26:45.0904 0x15cc [ A5812F0281CA5081BF696626F9BF324D ] sftvsa C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
20:26:45.0908 0x15cc sftvsa - ok
20:26:46.0073 0x15cc [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:26:46.0344 0x15cc SharedAccess - ok
20:26:46.0608 0x15cc [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:26:46.0653 0x15cc ShellHWDetection - ok
20:26:46.0774 0x15cc [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:26:46.0779 0x15cc sisagp - ok
20:26:46.0886 0x15cc [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:26:46.0889 0x15cc SiSRaid2 - ok
20:26:46.0944 0x15cc [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:26:46.0948 0x15cc SiSRaid4 - ok
20:26:47.0155 0x15cc [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:26:47.0157 0x15cc SkypeUpdate - ok
20:26:47.0299 0x15cc [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:26:47.0303 0x15cc Smb - ok
20:26:47.0579 0x15cc [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:26:47.0586 0x15cc SNMPTRAP - ok
20:26:47.0675 0x15cc [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
20:26:47.0683 0x15cc spldr - ok
20:26:47.0899 0x15cc [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
20:26:47.0907 0x15cc Spooler - ok
20:26:48.0549 0x15cc [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
20:26:48.0663 0x15cc sppsvc - ok
20:26:48.0698 0x15cc [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:26:48.0708 0x15cc sppuinotify - ok
20:26:48.0793 0x15cc [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:26:48.0845 0x15cc srv - ok
20:26:48.0896 0x15cc [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:26:48.0903 0x15cc srv2 - ok
20:26:48.0950 0x15cc [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:26:48.0955 0x15cc srvnet - ok
20:26:49.0124 0x15cc [ 6A09C136CF33547820CB963E4D5AAF9E ] SSCBFS3 C:\Windows\system32\DRIVERS\sscbfs3.sys
20:26:49.0172 0x15cc SSCBFS3 - ok
20:26:49.0290 0x15cc [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:26:49.0303 0x15cc SSDPSRV - ok
20:26:49.0351 0x15cc [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:26:49.0362 0x15cc SstpSvc - ok
20:26:49.0438 0x15cc [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:26:49.0456 0x15cc stexstor - ok
20:26:49.0597 0x15cc [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
20:26:49.0618 0x15cc StiSvc - ok
20:26:49.0655 0x15cc [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
20:26:49.0672 0x15cc swenum - ok
20:26:49.0828 0x15cc [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
20:26:49.0842 0x15cc swprv - ok
20:26:50.0307 0x15cc [ 31B6B2D25FCFF1B71AE225000D656CD0 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:26:50.0607 0x15cc SynTP - ok
20:26:50.0755 0x15cc [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
20:26:50.0781 0x15cc SysMain - ok
20:26:50.0824 0x15cc [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:26:50.0834 0x15cc TabletInputService - ok
20:26:50.0890 0x15cc [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
20:26:50.0903 0x15cc TapiSrv - ok
20:26:50.0953 0x15cc [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
20:26:50.0961 0x15cc TBS - ok
20:26:51.0173 0x15cc [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:26:51.0233 0x15cc Tcpip - ok
20:26:51.0289 0x15cc [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:26:51.0311 0x15cc TCPIP6 - ok
20:26:51.0358 0x15cc [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:26:51.0361 0x15cc tcpipreg - ok
20:26:51.0435 0x15cc [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:26:51.0437 0x15cc TDPIPE - ok
20:26:51.0479 0x15cc [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:26:51.0482 0x15cc TDTCP - ok
20:26:51.0569 0x15cc [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:26:51.0573 0x15cc tdx - ok
20:26:51.0612 0x15cc [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:26:51.0616 0x15cc TermDD - ok
20:26:51.0717 0x15cc [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
20:26:51.0746 0x15cc TermService - ok
20:26:51.0814 0x15cc [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
20:26:51.0825 0x15cc Themes - ok
20:26:51.0878 0x15cc [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
20:26:51.0885 0x15cc THREADORDER - ok
20:26:51.0934 0x15cc [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
20:26:51.0944 0x15cc TrkWks - ok
20:26:52.0056 0x15cc [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:26:52.0063 0x15cc TrustedInstaller - ok
20:26:52.0112 0x15cc [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:26:52.0126 0x15cc tssecsrv - ok
20:26:52.0151 0x15cc [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:26:52.0156 0x15cc TsUsbFlt - ok
20:26:52.0183 0x15cc [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:26:52.0187 0x15cc TsUsbGD - ok
20:26:52.0295 0x15cc [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:26:52.0300 0x15cc tunnel - ok
20:26:52.0317 0x15cc [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:26:52.0322 0x15cc uagp35 - ok
20:26:52.0392 0x15cc [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:26:52.0397 0x15cc udfs - ok
20:26:52.0469 0x15cc [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:26:52.0477 0x15cc UI0Detect - ok
20:26:52.0539 0x15cc [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:26:52.0543 0x15cc uliagpkx - ok
20:26:52.0715 0x15cc [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:26:52.0719 0x15cc umbus - ok
20:26:52.0729 0x15cc [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
20:26:52.0733 0x15cc UmPass - ok
20:26:52.0878 0x15cc [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
20:26:52.0890 0x15cc upnphost - ok
20:26:52.0934 0x15cc [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:26:52.0937 0x15cc usbccgp - ok
20:26:53.0009 0x15cc [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:26:53.0012 0x15cc usbcir - ok
20:26:53.0060 0x15cc [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:26:53.0064 0x15cc usbehci - ok
20:26:53.0150 0x15cc [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:26:53.0156 0x15cc usbhub - ok
20:26:53.0229 0x15cc [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:26:53.0232 0x15cc usbohci - ok
20:26:53.0359 0x15cc [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:26:53.0383 0x15cc usbprint - ok
20:26:53.0418 0x15cc [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:26:53.0423 0x15cc USBSTOR - ok
20:26:53.0491 0x15cc [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:26:53.0496 0x15cc usbuhci - ok
20:26:53.0633 0x15cc [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:26:53.0638 0x15cc usbvideo - ok
20:26:53.0762 0x15cc [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
20:26:53.0769 0x15cc UxSms - ok
20:26:53.0813 0x15cc [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
20:26:53.0817 0x15cc VaultSvc - ok
20:26:53.0933 0x15cc [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:26:53.0950 0x15cc vdrvroot - ok
20:26:54.0056 0x15cc [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
20:26:54.0091 0x15cc vds - ok
20:26:54.0176 0x15cc [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:26:54.0180 0x15cc vga - ok
20:26:54.0215 0x15cc [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:26:54.0220 0x15cc VgaSave - ok
20:26:54.0282 0x15cc [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:26:54.0292 0x15cc vhdmp - ok
20:26:54.0358 0x15cc [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:26:54.0363 0x15cc viaagp - ok
20:26:54.0394 0x15cc [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
20:26:54.0397 0x15cc ViaC7 - ok
20:26:54.0439 0x15cc [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
20:26:54.0444 0x15cc viaide - ok
20:26:54.0482 0x15cc [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:26:54.0487 0x15cc volmgr - ok
20:26:54.0526 0x15cc [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:26:54.0534 0x15cc volmgrx - ok
20:26:54.0580 0x15cc [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:26:54.0588 0x15cc volsnap - ok
20:26:54.0712 0x15cc [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:26:54.0719 0x15cc vsmraid - ok
20:26:54.0785 0x15cc [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
20:26:54.0836 0x15cc VSS - ok
20:26:54.0875 0x15cc [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:26:54.0879 0x15cc vwifibus - ok
20:26:54.0980 0x15cc [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:26:54.0985 0x15cc vwififlt - ok
20:26:55.0064 0x15cc [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
20:26:55.0094 0x15cc W32Time - ok
20:26:55.0134 0x15cc [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:26:55.0138 0x15cc WacomPen - ok
20:26:55.0206 0x15cc [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:26:55.0212 0x15cc WANARP - ok
20:26:55.0248 0x15cc [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:26:55.0252 0x15cc Wanarpv6 - ok
20:26:55.0385 0x15cc [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
20:26:55.0420 0x15cc wbengine - ok
20:26:55.0473 0x15cc [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:26:55.0483 0x15cc WbioSrvc - ok
20:26:55.0504 0x15cc [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:26:55.0518 0x15cc wcncsvc - ok
20:26:55.0562 0x15cc [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:26:55.0571 0x15cc WcsPlugInService - ok
20:26:55.0611 0x15cc [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
20:26:55.0619 0x15cc Wd - ok
20:26:55.0702 0x15cc [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:26:55.0730 0x15cc Wdf01000 - ok
20:26:55.0800 0x15cc [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:26:55.0807 0x15cc WdiServiceHost - ok
20:26:55.0820 0x15cc [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:26:55.0827 0x15cc WdiSystemHost - ok
20:26:55.0867 0x15cc [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
20:26:55.0887 0x15cc WebClient - ok
20:26:55.0982 0x15cc [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:26:55.0997 0x15cc Wecsvc - ok
20:26:56.0063 0x15cc [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:26:59.0827 0x15cc ================ Scan global ===============================
20:26:59.0905 0x15cc [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
20:27:00.0002 0x15cc [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
20:27:00.0048 0x15cc [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
20:27:00.0101 0x15cc [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
20:27:00.0154 0x15cc [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
20:27:00.0174 0x15cc [Global] - ok
20:27:00.0181 0x15cc ================ Scan MBR ==================================
20:27:00.0216 0x15cc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:27:01.0082 0x15cc \Device\Harddisk0\DR0 - ok
20:27:01.0097 0x15cc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
20:28:07.0441 0x15cc \Device\Harddisk1\DR1 - ok
20:28:07.0443 0x15cc ================ Scan VBR ==================================
20:28:07.0459 0x15cc [ DB78C982ECBC3D1A3C624B7ECFBDBD81 ] \Device\Harddisk0\DR0\Partition1
20:28:07.0464 0x15cc \Device\Harddisk0\DR0\Partition1 - ok
20:28:07.0490 0x15cc [ 6275B959055016181A8E6210A7B09003 ] \Device\Harddisk0\DR0\Partition2
20:28:07.0496 0x15cc \Device\Harddisk0\DR0\Partition2 - ok
20:28:07.0505 0x15cc [ 7681D9846BED079E8C74F576A6A8DFF7 ] \Device\Harddisk1\DR1\Partition1
20:28:07.0509 0x15cc \Device\Harddisk1\DR1\Partition1 - ok
20:28:07.0511 0x15cc ============================================================
20:28:07.0511 0x15cc Scan finished
20:28:07.0511 0x15cc ============================================================
20:28:07.0541 0x1594 Detected object count: 0
20:28:07.0541 0x1594 Actual detected object count: 0
20:30:31.0682 0x084c ============================================================
20:30:31.0682 0x084c Scan started
20:30:31.0682 0x084c Mode: Manual;
20:30:31.0682 0x084c ============================================================
20:30:33.0559 0x084c ================ Scan system memory ========================
20:30:33.0560 0x084c System memory - ok
20:30:33.0564 0x084c ================ Scan services =============================
20:30:46.0103 0x084c NdisTapi - ok
20:30:46.0122 0x084c [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:30:46.0126 0x084c Ndisuio - ok
20:30:46.0148 0x084c [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:30:46.0153 0x084c NdisWan - ok
20:30:46.0163 0x084c [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:30:46.0167 0x084c NDProxy - ok
20:30:46.0203 0x084c [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:30:46.0207 0x084c NetBIOS - ok
20:30:46.0224 0x084c [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:30:46.0230 0x084c NetBT - ok
20:30:46.0247 0x084c [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
20:30:46.0250 0x084c Netlogon - ok
20:30:46.0296 0x084c [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
20:30:46.0304 0x084c Netman - ok
20:30:46.0330 0x084c [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
20:30:46.0341 0x084c netprofm - ok
20:30:46.0381 0x084c [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:30:46.0385 0x084c NetTcpPortSharing - ok
20:30:46.0410 0x084c [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:30:46.0414 0x084c nfrd960 - ok
20:30:46.0595 0x084c [ D10C1F16AAA5EBE1616C9DB7EEF022BA ] NitroDriverReadSpool8 C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
20:30:46.0605 0x084c NitroDriverReadSpool8 - ok
20:30:46.0670 0x084c [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
20:30:46.0705 0x084c NlaSvc - ok
20:30:46.0767 0x084c [ 43436B5756A45EA11D274B3983204095 ] nlsX86cc C:\Windows\system32\NLSSRV32.EXE
20:30:46.0776 0x084c nlsX86cc - ok
20:30:47.0334 0x084c [ A634584C506F2C82680039371AA1772C ] NOBU C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
20:30:47.0379 0x084c NOBU - ok
20:30:47.0430 0x084c [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:30:47.0433 0x084c Npfs - ok
20:30:47.0479 0x084c [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
20:30:47.0486 0x084c nsi - ok
20:30:47.0516 0x084c [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:30:47.0517 0x084c nsiproxy - ok
20:30:47.0598 0x084c [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:30:47.0630 0x084c Ntfs - ok
20:30:47.0723 0x084c [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
20:30:47.0727 0x084c Null - ok
20:30:47.0762 0x084c [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:30:47.0771 0x084c nvraid - ok
20:30:47.0794 0x084c [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:30:47.0803 0x084c nvstor - ok
20:30:47.0824 0x084c [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:30:47.0832 0x084c nv_agp - ok
20:30:47.0888 0x084c [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:30:47.0895 0x084c ohci1394 - ok
20:30:47.0938 0x084c [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:30:47.0947 0x084c ose - ok
20:30:48.0146 0x084c [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:30:48.0254 0x084c osppsvc - ok
20:30:48.0327 0x084c [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:30:48.0342 0x084c p2pimsvc - ok
20:30:48.0434 0x084c [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
20:30:48.0467 0x084c p2psvc - ok
20:30:48.0497 0x084c [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
20:30:48.0501 0x084c Parport - ok
20:30:48.0523 0x084c [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:30:48.0527 0x084c partmgr - ok
20:30:48.0552 0x084c [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
20:30:48.0556 0x084c Parvdm - ok
20:30:48.0614 0x084c [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
20:30:48.0619 0x084c pci - ok
20:30:48.0666 0x084c [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
20:30:48.0669 0x084c pciide - ok
20:30:48.0703 0x084c [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:30:48.0709 0x084c pcmcia - ok
20:30:48.0746 0x084c [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
20:30:48.0750 0x084c pcw - ok
20:30:48.0832 0x084c [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:30:48.0844 0x084c PEAUTH - ok
20:30:48.0932 0x084c [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
20:30:48.0987 0x084c pla - ok
20:30:49.0036 0x084c [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:30:49.0047 0x084c PlugPlay - ok
20:30:49.0065 0x084c [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:30:49.0073 0x084c PNRPAutoReg - ok
20:30:49.0106 0x084c [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:30:49.0112 0x084c PNRPsvc - ok
20:30:49.0155 0x084c [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
20:30:49.0162 0x084c Power - ok
20:30:49.0194 0x084c [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:30:49.0198 0x084c PptpMiniport - ok
20:30:49.0227 0x084c [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
20:30:49.0231 0x084c Processor - ok
20:30:49.0268 0x084c [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
20:30:49.0276 0x084c ProfSvc - ok
20:30:49.0291 0x084c [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:30:49.0294 0x084c ProtectedStorage - ok
20:30:49.0312 0x084c [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:30:49.0317 0x084c Psched - ok
20:30:49.0371 0x084c [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:30:49.0446 0x084c ql2300 - ok
20:30:49.0478 0x084c [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:30:49.0484 0x084c ql40xx - ok
20:30:49.0513 0x084c [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
20:30:49.0525 0x084c QWAVE - ok
20:30:49.0547 0x084c [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:30:49.0552 0x084c QWAVEdrv - ok
20:30:49.0565 0x084c [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:30:49.0569 0x084c RasAcd - ok
20:30:49.0602 0x084c [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:30:49.0606 0x084c RasAgileVpn - ok
20:30:49.0639 0x084c [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
20:30:49.0648 0x084c RasAuto - ok
20:30:49.0677 0x084c [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:30:49.0682 0x084c Rasl2tp - ok
20:30:49.0709 0x084c [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
20:30:49.0730 0x084c RasMan - ok
20:30:49.0749 0x084c [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:30:49.0755 0x084c RasPppoe - ok
20:30:49.0779 0x084c [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:30:49.0785 0x084c RasSstp - ok
20:30:49.0830 0x084c [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:30:49.0840 0x084c rdbss - ok
20:30:49.0867 0x084c [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
20:30:49.0870 0x084c rdpbus - ok
20:30:49.0918 0x084c [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:30:49.0921 0x084c RDPCDD - ok
20:30:49.0975 0x084c [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:30:49.0978 0x084c RDPENCDD - ok
20:30:50.0011 0x084c [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:30:50.0014 0x084c RDPREFMP - ok
20:30:50.0038 0x084c [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:30:50.0045 0x084c RDPWD - ok
20:30:50.0148 0x084c [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:30:50.0158 0x084c rdyboost - ok
20:30:50.0193 0x084c [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:30:50.0205 0x084c RemoteRegistry - ok
20:30:50.0235 0x084c [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:30:50.0242 0x084c RFCOMM - ok
20:30:50.0279 0x084c [ 0F6756EF8BDA6DFA7BE50465C83132BB ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys
20:30:50.0284 0x084c RimUsb - ok
20:30:50.0338 0x084c [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:30:50.0349 0x084c RpcEptMapper - ok
20:30:50.0381 0x084c [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
20:30:50.0387 0x084c RpcLocator - ok
20:30:50.0482 0x084c [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
20:30:50.0503 0x084c RpcSs - ok
20:30:50.0553 0x084c [ 683B328B077D21F06E18C426DBAC0616 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
20:30:50.0561 0x084c RSPCIESTOR - ok
20:30:50.0609 0x084c [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:30:50.0613 0x084c rspndr - ok
20:30:50.0715 0x084c [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A ] RS_Service C:\Program Files\Acer\Acer VCM\RS_Service.exe
20:30:50.0722 0x084c RS_Service - ok
20:30:50.0786 0x084c [ 6A2586DCB5B04A52404699EB325DF1DB ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
20:30:50.0799 0x084c RTL8167 - ok
20:30:50.0824 0x084c [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
20:30:50.0843 0x084c SamSs - ok
20:30:50.0866 0x084c [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:30:50.0872 0x084c sbp2port - ok
20:30:50.0902 0x084c [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:30:50.0912 0x084c SCardSvr - ok
20:30:50.0936 0x084c [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:30:50.0941 0x084c scfilter - ok
20:30:50.0988 0x084c [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
20:30:51.0032 0x084c Schedule - ok
20:30:51.0069 0x084c [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:30:51.0072 0x084c SCPolicySvc - ok
20:30:51.0099 0x084c [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:30:51.0109 0x084c SDRSVC - ok
20:30:51.0128 0x084c [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:30:51.0132 0x084c secdrv - ok
20:30:51.0146 0x084c [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
20:30:51.0155 0x084c seclogon - ok
20:30:51.0182 0x084c [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
20:30:51.0188 0x084c SENS - ok
20:30:51.0200 0x084c [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:30:51.0206 0x084c SensrSvc - ok
20:30:51.0224 0x084c [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
20:30:51.0228 0x084c Serenum - ok
20:30:51.0240 0x084c [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
20:30:51.0245 0x084c Serial - ok
20:30:51.0255 0x084c [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:30:51.0259 0x084c sermouse - ok
20:30:51.0291 0x084c [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
20:30:51.0299 0x084c SessionEnv - ok
20:30:51.0311 0x084c [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:30:51.0314 0x084c sffdisk - ok
20:30:51.0324 0x084c [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:30:51.0327 0x084c sffp_mmc - ok
20:30:51.0337 0x084c [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:30:51.0341 0x084c sffp_sd - ok
20:30:51.0353 0x084c [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:30:51.0356 0x084c sfloppy - ok
20:30:51.0434 0x084c [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
20:30:51.0456 0x084c Sftfs - ok
20:30:51.0526 0x084c [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
20:30:51.0539 0x084c sftlist - ok
20:30:51.0568 0x084c [ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
20:30:51.0575 0x084c Sftplay - ok
20:30:51.0606 0x084c [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
20:30:51.0610 0x084c Sftredir - ok
20:30:51.0645 0x084c [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
20:30:51.0650 0x084c Sftvol - ok
20:30:51.0682 0x084c [ A5812F0281CA5081BF696626F9BF324D ] sftvsa C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
20:30:51.0688 0x084c sftvsa - ok
20:30:51.0731 0x084c [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:30:51.0742 0x084c SharedAccess - ok
20:30:51.0777 0x084c [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:30:51.0798 0x084c ShellHWDetection - ok
20:30:51.0830 0x084c [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:30:51.0835 0x084c sisagp - ok
20:30:51.0849 0x084c [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:30:51.0853 0x084c SiSRaid2 - ok
20:30:51.0870 0x084c [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:30:51.0875 0x084c SiSRaid4 - ok
20:30:51.0911 0x084c [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:30:51.0915 0x084c SkypeUpdate - ok
20:30:51.0925 0x084c [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:30:51.0929 0x084c Smb - ok
20:30:51.0968 0x084c [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:30:51.0975 0x084c SNMPTRAP - ok
20:30:51.0996 0x084c [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
20:30:51.0999 0x084c spldr - ok
20:30:52.0044 0x084c [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
20:30:52.0055 0x084c Spooler - ok
20:30:52.0263 0x084c [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
20:30:52.0304 0x084c sppsvc - ok
20:30:52.0332 0x084c [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:30:52.0359 0x084c sppuinotify - ok
20:30:52.0404 0x084c [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:30:52.0413 0x084c srv - ok
20:30:52.0436 0x084c [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:30:52.0449 0x084c srv2 - ok
20:30:52.0472 0x084c [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:30:52.0477 0x084c srvnet - ok
20:30:52.0521 0x084c [ 6A09C136CF33547820CB963E4D5AAF9E ] SSCBFS3 C:\Windows\system32\DRIVERS\sscbfs3.sys
20:30:52.0527 0x084c SSCBFS3 - ok
20:30:52.0569 0x084c [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:30:52.0575 0x084c SSDPSRV - ok
20:30:52.0595 0x084c [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:30:52.0604 0x084c SstpSvc - ok
20:30:52.0638 0x084c [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:30:52.0642 0x084c stexstor - ok
20:30:52.0685 0x084c [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
20:30:52.0702 0x084c StiSvc - ok
20:30:52.0720 0x084c [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
20:30:52.0724 0x084c swenum - ok
20:30:52.0762 0x084c [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
20:30:52.0774 0x084c swprv - ok
20:30:52.0838 0x084c [ 31B6B2D25FCFF1B71AE225000D656CD0 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:30:52.0880 0x084c SynTP - ok
20:30:52.0957 0x084c [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
20:30:52.0993 0x084c SysMain - ok
20:30:53.0025 0x084c [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:30:53.0033 0x084c TabletInputService - ok
20:30:53.0058 0x084c [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
20:30:53.0068 0x084c TapiSrv - ok
20:30:53.0088 0x084c [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
20:30:53.0095 0x084c TBS - ok
20:30:53.0177 0x084c [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:30:53.0243 0x084c Tcpip - ok
20:30:53.0290 0x084c [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:30:53.0303 0x084c TCPIP6 - ok
20:30:53.0325 0x084c [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:30:53.0328 0x084c tcpipreg - ok
20:30:53.0368 0x084c [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:30:53.0372 0x084c TDPIPE - ok
20:30:53.0382 0x084c [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:30:53.0385 0x084c TDTCP - ok
20:30:53.0402 0x084c [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:30:53.0407 0x084c tdx - ok
20:30:53.0424 0x084c [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:30:53.0428 0x084c TermDD - ok
20:30:53.0473 0x084c [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
20:30:53.0492 0x084c TermService - ok
20:30:53.0514 0x084c [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
20:30:53.0521 0x084c Themes - ok
20:30:53.0544 0x084c [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
20:30:53.0550 0x084c THREADORDER - ok
20:30:53.0579 0x084c [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
20:30:53.0586 0x084c TrkWks - ok
20:30:53.0646 0x084c [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:30:53.0651 0x084c TrustedInstaller - ok
20:30:53.0690 0x084c [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:30:53.0693 0x084c tssecsrv - ok
20:30:53.0729 0x084c [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:30:53.0732 0x084c TsUsbFlt - ok
20:30:53.0750 0x084c [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:30:53.0754 0x084c TsUsbGD - ok
20:30:53.0773 0x084c [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:30:53.0780 0x084c tunnel - ok
20:30:53.0790 0x084c [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:30:53.0793 0x084c uagp35 - ok
20:30:53.0809 0x084c [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:30:53.0816 0x084c udfs - ok
20:30:53.0903 0x084c [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:30:53.0911 0x084c UI0Detect - ok
20:30:53.0921 0x084c [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:30:53.0925 0x084c uliagpkx - ok
20:30:53.0948 0x084c [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:30:53.0953 0x084c umbus - ok
20:30:53.0962 0x084c [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
20:30:53.0965 0x084c UmPass - ok
20:30:54.0003 0x084c [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
20:30:54.0021 0x084c upnphost - ok
20:30:54.0045 0x084c [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:30:54.0049 0x084c usbccgp - ok
20:30:54.0073 0x084c [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:30:54.0078 0x084c usbcir - ok
20:30:54.0102 0x084c [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:30:54.0106 0x084c usbehci - ok
20:30:54.0139 0x084c [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:30:54.0145 0x084c usbhub - ok
20:30:54.0163 0x084c [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:30:54.0167 0x084c usbohci - ok
20:30:54.0178 0x084c [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:30:54.0183 0x084c usbprint - ok
20:30:54.0206 0x084c [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:30:54.0208 0x084c USBSTOR - ok
20:30:54.0235 0x084c [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:30:54.0245 0x084c usbuhci - ok
20:30:54.0263 0x084c [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:30:54.0269 0x084c usbvideo - ok
20:30:54.0295 0x084c [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
20:30:54.0302 0x084c UxSms - ok
20:30:54.0323 0x084c [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
20:30:54.0327 0x084c VaultSvc - ok
20:30:54.0343 0x084c [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:30:54.0346 0x084c vdrvroot - ok
20:30:54.0379 0x084c [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
20:30:54.0399 0x084c vds - ok
20:30:54.0420 0x084c [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:30:54.0424 0x084c vga - ok
20:30:54.0448 0x084c [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:30:54.0452 0x084c VgaSave - ok
20:30:54.0464 0x084c [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:30:54.0470 0x084c vhdmp - ok
20:30:54.0481 0x084c [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:30:54.0485 0x084c viaagp - ok
20:30:54.0496 0x084c [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
20:30:54.0500 0x084c ViaC7 - ok
20:30:54.0511 0x084c [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
20:30:54.0515 0x084c viaide - ok
20:30:54.0537 0x084c [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:30:54.0540 0x084c volmgr - ok
20:30:54.0582 0x084c [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:30:54.0590 0x084c volmgrx - ok
20:30:54.0625 0x084c [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:30:54.0630 0x084c volsnap - ok
20:30:54.0657 0x084c [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:30:54.0682 0x084c vsmraid - ok
20:30:54.0748 0x084c [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
20:30:54.0832 0x084c VSS - ok
20:30:54.0852 0x084c [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:30:54.0857 0x084c vwifibus - ok
20:30:54.0936 0x084c [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:30:54.0943 0x084c vwififlt - ok
20:30:54.0995 0x084c [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
20:30:55.0009 0x084c W32Time - ok
20:30:55.0044 0x084c [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:30:55.0048 0x084c WacomPen - ok
20:30:55.0072 0x084c [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:30:55.0078 0x084c WANARP - ok
20:30:55.0086 0x084c [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:30:55.0088 0x084c Wanarpv6 - ok
20:30:55.0133 0x084c [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
20:30:55.0179 0x084c wbengine - ok
20:30:55.0203 0x084c [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:30:55.0229 0x084c WbioSrvc - ok
20:30:55.0259 0x084c [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:30:55.0276 0x084c wcncsvc - ok
20:30:55.0306 0x084c [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:30:55.0319 0x084c WcsPlugInService - ok
20:30:55.0342 0x084c [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
20:30:55.0348 0x084c Wd - ok
20:30:55.0406 0x084c [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:30:55.0422 0x084c Wdf01000 - ok
20:30:55.0444 0x084c [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:30:55.0452 0x084c WdiServiceHost - ok
20:30:55.0460 0x084c [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:30:55.0466 0x084c WdiSystemHost - ok
20:30:55.0480 0x084c [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
20:30:55.0490 0x084c WebClient - ok
20:30:55.0520 0x084c [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:30:55.0530 0x084c Wecsvc - ok
20:30:55.0551 0x084c [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:30:55.0560 0x084c wercplsupport - ok
20:30:55.0573 0x084c [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
20:30:55.0581 0x084c WerSvc - ok
20:30:55.0610 0x084c [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:30:55.0614 0x084c WfpLwf - ok
20:30:55.0631 0x084c [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:30:55.0635 0x084c WIMMount - ok
20:30:55.0770 0x084c [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
20:30:55.0787 0x084c WinDefend - ok
20:30:55.0815 0x084c WinHttpAutoProxySvc - ok
20:30:55.0962 0x084c [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:30:55.0970 0x084c Winmgmt - ok
20:30:56.0056 0x084c [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
20:30:56.0111 0x084c WinRM - ok
20:30:56.0165 0x084c [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:30:56.0187 0x084c WinUsb - ok
20:30:56.0286 0x084c [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:30:56.0363 0x084c Wlansvc - ok
20:30:56.0460 0x084c [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:30:56.0469 0x084c wlcrasvc - ok
20:30:56.0708 0x084c [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:30:56.0778 0x084c wlidsvc - ok
20:30:56.0833 0x084c [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:30:56.0834 0x084c WmiAcpi - ok
20:30:56.0903 0x084c [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:30:56.0907 0x084c wmiApSrv - ok
20:30:57.0085 0x084c [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:30:57.0130 0x084c WMPNetworkSvc - ok
20:30:57.0164 0x084c [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:30:57.0177 0x084c WPCSvc - ok
20:30:57.0199 0x084c [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:30:57.0211 0x084c WPDBusEnum - ok
20:30:57.0245 0x084c [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:30:57.0251 0x084c ws2ifsl - ok
20:30:57.0280 0x084c [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
20:30:57.0291 0x084c wscsvc - ok
20:30:57.0304 0x084c WSearch - ok
20:30:57.0457 0x084c [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
20:30:57.0529 0x084c wuauserv - ok
20:30:57.0578 0x084c [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:30:57.0584 0x084c WudfPf - ok
20:30:57.0622 0x084c [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:30:57.0626 0x084c WUDFRd - ok
20:30:57.0660 0x084c [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:30:57.0669 0x084c wudfsvc - ok
20:30:57.0740 0x084c [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc C:\Windows\System32\wwansvc.dll
20:30:57.0764 0x084c WwanSvc - ok
20:30:57.0809 0x084c ================ Scan global ===============================
20:30:57.0866 0x084c [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
20:30:57.0990 0x084c [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
20:30:58.0021 0x084c [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
20:30:58.0065 0x084c [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
20:30:58.0142 0x084c [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
20:30:58.0149 0x084c [Global] - ok
20:30:58.0152 0x084c ================ Scan MBR ==================================
20:30:58.0182 0x084c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:30:59.0118 0x084c \Device\Harddisk0\DR0 - ok
20:30:59.0131 0x084c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
20:32:08.0041 0x084c \Device\Harddisk1\DR1 - ok
20:32:08.0043 0x084c ================ Scan VBR ==================================
20:32:08.0103 0x084c [ DB78C982ECBC3D1A3C624B7ECFBDBD81 ] \Device\Harddisk0\DR0\Partition1
20:32:08.0107 0x084c \Device\Harddisk0\DR0\Partition1 - ok
20:32:08.0134 0x084c [ 6275B959055016181A8E6210A7B09003 ] \Device\Harddisk0\DR0\Partition2
20:32:08.0139 0x084c \Device\Harddisk0\DR0\Partition2 - ok
20:32:08.0151 0x084c [ 7681D9846BED079E8C74F576A6A8DFF7 ] \Device\Harddisk1\DR1\Partition1
20:32:08.0154 0x084c \Device\Harddisk1\DR1\Partition1 - ok
20:32:08.0156 0x084c ============================================================
20:32:08.0156 0x084c Scan finished
20:32:08.0156 0x084c ============================================================
20:32:08.0189 0x168c Detected object count: 0
20:32:08.0189 0x168c Actual detected object count: 0
20:33:24.0650 0x0f04 Deinitialize success



#6 paolok6

  • Topic Starter

Posted 16 September 2013 - 08:06 PM

 I scanned part of the hard drive with MSE and MalwareBytes after Combofix enabled me to download and install them, but aborted the scan when I was told not to do anything more to the PC. Attached are Malware Bytes' log of what it and MSE found (no log for MSE). 

 
I think the malware won't let me post to forums from the infected PC so it's still there. Am I supposed to disconnect my infected PC from the internet? Am I also supposed to stop using other applications or can I edit MS Office files? Are files created from my PC infected (say, a compressed folder)? Lastly, are files saved in cloud services like Dropbox/Google Drive potentially infected?

 




#7 TB-Psychotic

  • Malware Response Team

Posted 17 September 2013 - 01:41 AM

You were infected by two different nasty rootkits. I won't transfer any files from or to the infected machine until we have clearly identified the threat.

Don't disconnect it from the internet yet.

 

 

Scan with Malwarebytes Anti-Rootkit

Please download Malwarebytes Anti-Rootkit from here Malwarebytes : Malwarebytes Anti-Rootkit and save it to your desktop.

Be sure to print out and follow the instructions provided on that same page.

Caution: This is a beta version so please be sure to read the disclaimer and back up any important data before using.

  • Double click the mbar.zip file to open it, then 'Extract all files'.
  • Double click the mbar folder to open it, then double click mbar.exe to start the tool.

Check for Updates, then Scan your system for malware

If malware is found, do NOT press the Cleanup button yet. Click EXIT.

I'd like to see the log first so I can see what it sees. You'll find the log in that mbar folder as MBAR-log-[date and time]***.txt . Please attach that to your next reply.


Proud Member of UNITE & TB
 

#8 paolok6

  • Topic Starter

Posted 17 September 2013 - 04:21 AM

There was a popup that said "Error". The explanation given was "The system volume seems inaccessible or encrypted. Scan can't continue."

In the background of this pop-up, it says "Congratulations, no cleanup is required". Upon exiting the popup it adds "Scan Finished, No malware found!".

 

The log produced is pasted below and also attached.

 

BTW, can I still use Dropbox and other cloud sharing? I have temporarily disabled Dropbox and Google Drive connection between my infected PC and my other one.

 

 
Malwarebytes Anti-Rootkit BETA 1.07.0.1005
www.malwarebytes.org
 
Database version: v2013.09.17.03
 
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16576
Paolo :: PAOLO-PC [administrator]
 
9/17/2013 5:15:37 PM
mbar-log-2013-09-17 (17-15-37).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 0
Time elapsed: 31 second(s) [aborted]
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)

 



Edited by paolok6, 17 September 2013 - 04:26 AM.
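The log in the post above reports zero detections in every category, yet its header shows `Objects scanned: 0` and `Time elapsed: 31 second(s) [aborted]`. The following Python is an added example (not part of the original posts and not Malwarebytes code) that reads those summary fields and refuses to treat such a log as a clean result; the function names and the second sample log are constructed for illustration.

```python
import re
from typing import NamedTuple, Optional


class MbarSummary(NamedTuple):
    objects_scanned: Optional[int]   # None when the line is missing
    aborted: bool                    # "[aborted]" present on the elapsed-time line
    detections: dict                 # category name -> reported count


# Constructed sample: summary fields copied from the MBAR log quoted in the post.
SAMPLE_ABORTED = """\
Malwarebytes Anti-Rootkit BETA 1.07.0.1005
Database version: v2013.09.17.03
Scan type: Quick scan
Objects scanned: 0
Time elapsed: 31 second(s) [aborted]
Memory Processes Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
"""

# Constructed sample of a scan that ran to completion (values invented).
SAMPLE_COMPLETE = """\
Scan type: Quick scan
Objects scanned: 251034
Time elapsed: 14 minute(s), 2 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
"""

_OBJECTS = re.compile(r"^Objects scanned:\s*(\d+)\s*$", re.M)
_ELAPSED = re.compile(r"^Time elapsed:.*$", re.M)
_DETECTED = re.compile(r"^([A-Za-z ]+?) Detected:\s*(\d+)\s*$", re.M)


def parse_mbar_summary(text: str) -> MbarSummary:
    """Extract the fields that say how far the scan actually got."""
    text = text.replace("\r\n", "\n")
    m = _OBJECTS.search(text)
    objects = int(m.group(1)) if m else None
    e = _ELAPSED.search(text)
    aborted = bool(e and "[aborted]" in e.group(0).lower())
    detections = {cat.strip(): int(n) for cat, n in _DETECTED.findall(text)}
    return MbarSummary(objects, aborted, detections)


def triage(text: str):
    """Return (verdict, reasons).

    verdict is 'detections', 'inconclusive' or 'no_detections'.
    Zero detections only counts when the scan demonstrably ran.
    """
    s = parse_mbar_summary(text)
    hits = {c: n for c, n in s.detections.items() if n > 0}
    if hits:
        return "detections", [f"{c}: {n}" for c, n in sorted(hits.items())]

    reasons = []
    if s.aborted:
        reasons.append("scan was aborted before completion")
    if s.objects_scanned is None:
        reasons.append("no 'Objects scanned' line (truncated log?)")
    elif s.objects_scanned == 0:
        reasons.append("zero objects were scanned")
    if not s.detections:
        reasons.append("no per-category result lines found")
    if reasons:
        return "inconclusive", reasons
    return "no_detections", []


if __name__ == "__main__":
    for name, log in (("aborted", SAMPLE_ABORTED), ("complete", SAMPLE_COMPLETE)):
        verdict, why = triage(log)
        print(f"{name}: {verdict} {why}")
```
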


#9 TB-Psychotic

  • Malware Response Team

Posted 17 September 2013 - 05:14 AM

Delete your existing copy of Combofix.

 

 

Combofix

Combofix should only be run when advised by a team member!

Link


Important - Save the file to your desktop!


  • Deactivate any and all of your antivirus programs /spyware scanners - they can prevent CF from doing its work.
  • Run Combofix.exe


When finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.

Note: When receiving an error message containing "Illegal operation attempted on a registry key that has been marked for deletion", simply restart your computer to fix this.



#10 paolok6

  • Topic Starter

Posted 17 September 2013 - 08:12 PM

ComboFix 13-09-17.01 - Paolo 09/18/2013   9:22.3.4 - x86
Microsoft Windows 7 Home Basic   6.1.7601.1.1252.1.1033.18.2036.971 [GMT 8:00]
Running from: c:\users\Paolo\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2013-08-18 to 2013-09-18  )))))))))))))))))))))))))))))))
.
.
2013-09-18 01:37 . 2013-09-18 01:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-18 01:00 . 2013-09-18 01:00 -------- d-----w- c:\windows\system32\%LOCALAPPDATA%
2013-09-18 00:44 . 2013-09-05 05:02 7328304 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E915C3BB-D8CE-411C-98DF-4290EE24E665}\mpengine.dll
2013-09-17 09:15 . 2013-09-17 09:15 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-09-17 01:33 . 2013-09-17 01:33 -------- d-----w- c:\windows\Microsoft Antimalware
2013-09-16 22:57 . 2013-09-16 22:57 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2013-09-16 22:42 . 2013-09-16 22:42 -------- d-----w- c:\windows\system32\MRT
2013-09-16 16:11 . 2013-09-16 16:11 144896 ----a-w- c:\programdata\Microsoft\Media Tools\temp\tmpE7B2.exe
2013-09-16 14:41 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\system32\d3d11.dll
2013-09-16 14:41 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\system32\crypt32.dll
2013-09-16 14:41 . 2013-07-09 04:52 175104 ----a-w- c:\windows\system32\wintrust.dll
2013-09-16 14:41 . 2013-07-09 04:46 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-09-16 14:41 . 2013-07-09 04:46 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-09-16 14:40 . 2013-07-09 04:50 652800 ----a-w- c:\windows\system32\rpcrt4.dll
2013-09-16 14:39 . 2013-07-09 05:03 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-09-16 14:39 . 2013-07-09 05:03 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-09-16 14:39 . 2013-07-09 04:53 1289096 ----a-w- c:\windows\system32\ntdll.dll
2013-09-16 14:39 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\system32\DWrite.dll
2013-09-16 14:39 . 2013-05-10 03:20 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2013-09-16 14:38 . 2013-04-26 04:55 492544 ----a-w- c:\windows\system32\win32spl.dll
2013-09-16 14:38 . 2013-05-13 03:08 903168 ----a-w- c:\windows\system32\certutil.exe
2013-09-16 14:38 . 2013-05-13 03:08 43008 ----a-w- c:\windows\system32\certenc.dll
2013-09-16 14:37 . 2013-07-06 05:05 1293760 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-16 14:37 . 2013-06-04 04:53 509440 ----a-w- c:\windows\system32\qedit.dll
2013-09-16 14:37 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-09-16 14:36 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-09-16 14:36 . 2013-04-10 05:03 936448 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-09-16 14:35 . 2013-08-05 01:56 133056 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-09-16 14:35 . 2013-08-08 01:03 2348544 ----a-w- c:\windows\system32\win32k.sys
2013-09-16 14:35 . 2013-07-19 01:41 2048 ----a-w- c:\windows\system32\tzres.dll
2013-09-16 14:09 . 2013-09-16 14:09 718712 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{595645E9-E1FD-4600-8D74-9DC4B6DF8FD7}\gapaengine.dll
2013-09-16 14:09 . 2013-08-05 16:28 7166848 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-09-16 14:02 . 2013-09-16 14:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-09-16 14:02 . 2013-04-04 06:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-16 13:51 . 2013-08-19 16:47 7166848 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12EEF00A-87E9-4009-A863-7358623F9FFA}\mpengine.dll
2013-09-16 12:28 . 2013-09-16 12:28 -------- d-----w- c:\windows\TempC1A4303C-F122-1312-D7B3-9B29E88E1CBD-Signatures
2013-09-16 12:22 . 2013-09-16 12:22 -------- d-----w- C:\TDSSKiller_Quarantine
2013-09-15 16:01 . 2013-09-15 16:01 -------- d-----w- c:\program files\x264 Video Codec
2013-09-15 06:15 . 2013-09-15 06:16 -------- d-----w- c:\users\Paolo\AppData\Roaming\FireShot
2013-09-13 12:26 . 2013-09-13 12:26 238544 ----a-w- c:\windows\system32\gcp_portmon.dll
2013-09-11 10:40 . 2013-09-11 10:40 0 ----a-w- c:\windows\system32\shoD62A.tmp
2013-09-10 13:03 . 2013-09-10 13:03 -------- d-----w- c:\program files\Web Resizer
2013-09-04 05:45 . 2013-09-04 05:45 -------- d-----w- c:\users\Paolo\AppData\Roaming\Mapi2Xml
2013-09-03 11:02 . 2013-09-03 11:02 -------- d-----w- c:\users\Paolo\AppData\Local\IsolatedStorage
2013-09-03 10:49 . 2013-09-03 10:49 -------- d-----w- c:\program files\Notably Good Ltd
2013-09-03 09:47 . 2013-09-03 09:47 -------- d-----w- c:\program files\NirSoft
2013-09-03 09:25 . 2013-09-03 09:26 -------- d-----w- c:\users\Paolo\AppData\Roaming\Nitro PDF
2013-09-03 09:05 . 2013-09-03 09:05 -------- d-----w- c:\users\Paolo\AppData\Roaming\OfficeTab
2013-09-03 08:45 . 2013-09-03 08:46 -------- d-----w- c:\program files\Tracker Software
2013-09-03 08:00 . 2013-09-03 08:00 -------- d-----w- c:\users\Paolo\AppData\Roaming\Nitro
2013-09-03 08:00 . 2013-09-03 08:00 -------- d-----w- c:\users\Paolo\AppData\Roaming\FileOpen
2013-09-03 08:00 . 2013-09-03 08:00 -------- d-----w- c:\programdata\FileOpen
2013-09-03 07:59 . 2013-07-24 13:22 18440 ----a-w- c:\windows\system32\nitrolocalui2.dll
2013-09-03 07:59 . 2013-07-24 13:22 27144 ----a-w- c:\windows\system32\nitrolocalmon2.dll
2013-09-03 07:57 . 2013-09-03 07:57 -------- d-----w- c:\program files\Common Files\Nitro
2013-09-03 07:57 . 2013-09-03 07:57 -------- d-----w- c:\programdata\Licenses
2013-09-03 07:57 . 2013-09-03 07:57 -------- d-----w- c:\program files\Nitro
2013-09-03 07:57 . 2013-09-03 07:57 -------- d-----w- c:\programdata\Nitro
2013-09-03 07:54 . 2013-09-03 07:54 -------- d-----w- c:\program files\Detong
2013-09-03 07:52 . 2013-09-03 07:52 -------- d-----w- c:\users\Paolo\AppData\Roaming\Downloaded Installations
2013-09-03 07:12 . 2013-09-03 07:13 -------- d-----w- c:\program files\LastPass
2013-09-03 00:51 . 2013-09-03 00:51 -------- d-----w- C:\found.008
2013-09-01 16:19 . 2013-09-14 14:09 -------- d-----w- C:\_acestream_cache_
2013-09-01 16:18 . 2013-09-14 14:09 -------- d-----w- c:\users\Paolo\AppData\Roaming\.ACEStream
2013-09-01 16:17 . 2013-09-01 16:18 -------- d-----w- c:\users\Paolo\AppData\Roaming\ACEStream
2013-08-29 13:28 . 2013-08-29 13:28 73880 ----a-w- c:\windows\system32\drivers\hola_net.sys
2013-08-29 13:28 . 2013-08-29 13:28 73368 ----a-w- c:\windows\system32\drivers\hola_mon_drv.sys
2013-08-29 13:28 . 2013-08-29 13:28 476056 ----a-w- c:\windows\system32\drivers\hola_drv.sys
2013-08-29 13:28 . 2013-08-29 13:29 -------- d-----w- c:\program files\Hola
2013-08-19 11:59 . 2013-09-18 01:17 -------- d-----w- c:\users\Paolo\AppData\Roaming\7 Sticky Notes
2013-08-19 11:58 . 2012-10-13 14:20 805376 ----a-w- c:\windows\system32\EditCtlsU.ocx
2013-08-19 11:58 . 2011-08-13 13:06 1031168 ----a-w- c:\windows\system32\ExLVwU.ocx
2013-08-19 11:58 . 2011-05-20 16:02 604672 ----a-w- c:\windows\system32\ExTVwU.ocx
2013-08-19 11:58 . 2004-03-08 16:00 662288 ----a-w- c:\windows\system32\MSCOMCT2.OCX
2013-08-19 11:58 . 2000-05-22 04:58 140488 ----a-w- c:\windows\system32\comdlg32.ocx
2013-08-19 11:58 . 1998-06-23 17:00 198456 ----a-w- c:\windows\system32\MCI32.OCX
2013-08-19 11:57 . 2005-04-15 07:58 1351392 ----a-w- c:\windows\system32\comctl32.ocx
2013-08-19 11:57 . 2004-03-09 06:45 212240 ----a-w- c:\windows\system32\richtx32.ocx
2013-08-19 11:57 . 2013-08-19 11:58 -------- d-----w- c:\program files\7 Sticky Notes
2013-08-19 11:57 . 2008-01-19 03:34 554008 ----a-w- c:\windows\system32\dao360.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-18 01:18 . 2013-04-29 04:57 29 ----a-w- c:\windows\system32\TempWmicBatchFile.bat
2013-09-13 10:02 . 2012-07-23 08:33 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-13 10:02 . 2012-07-23 08:33 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-18 12:54 . 2013-08-18 12:55 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-08-18 12:54 . 2013-03-18 02:25 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-08-18 12:54 . 2013-03-18 02:25 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-08-06 20:22 . 2013-02-24 22:33 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-07-24 13:23 . 2013-07-24 13:23 69640 ----a-w- c:\windows\system32\NLSSRV32.EXE
2013-06-26 11:23 . 2013-06-26 11:23 20136 ----a-w- c:\windows\system32\drivers\Sftvollh.sys
2013-06-26 11:23 . 2013-06-26 11:23 24232 ----a-w- c:\windows\system32\drivers\Sftredirlh.sys
2013-06-26 11:23 . 2013-06-26 11:23 197800 ----a-w- c:\windows\system32\drivers\Sftplaylh.sys
2013-06-26 11:23 . 2013-06-26 11:23 1084072 ----a-w- c:\windows\system32\sftldr.dll
2013-06-26 11:22 . 2013-06-26 11:22 583848 ----a-w- c:\windows\system32\drivers\Sftfslh.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-04-29 04:58 222808 ----a-w- c:\users\Paolo\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-04-29 04:58 222808 ----a-w- c:\users\Paolo\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-04-29 04:58 222808 ----a-w- c:\users\Paolo\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1MediaIconsOverlay]
@="{1EC23CFF-4C58-458f-924C-8519AEF61B32}"
[HKEY_CLASSES_ROOT\CLSID\{1EC23CFF-4C58-458f-924C-8519AEF61B32}]
2013-09-15 16:01 225280 ----a-w- c:\programdata\Microsoft\Media Tools\MediaIconsOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Paolo\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Paolo\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Paolo\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{69925D1B-6A0F-4413-861A-81AB98039DB9}"
[HKEY_CLASSES_ROOT\CLSID\{69925D1B-6A0F-4413-861A-81AB98039DB9}]
2013-01-30 05:12 159488 ----a-w- c:\windows\System32\SSCbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-27 08:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 08:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 08:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-27 08:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-27 08:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-27 08:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2013-04-23 13:48 2099552 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2013-04-23 13:48 2099552 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{39D54CC2-69CF-43b4-B167-577D25E7F496}"
[HKEY_CLASSES_ROOT\CLSID\{39D54CC2-69CF-43b4-B167-577D25E7F496}]
2013-04-23 13:48 2099552 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2013-04-23 13:48 2099552 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncSharedPending]
@="{F7395C2E-A5D8-4a32-9536-5C6A9F1DC450}"
[HKEY_CLASSES_ROOT\CLSID\{F7395C2E-A5D8-4a32-9536-5C6A9F1DC450}]
2013-04-23 13:48 2099552 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"F.lux"="c:\users\Paolo\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
"GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2013-06-27 20097696]
"Facebook Update"="c:\users\Paolo\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-06-30 138096]
"Rainlendar2"="c:\program files\Rainlendar2\Rainlendar2.exe" [2013-03-10 2598496]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Affixa"="c:\program files\Notably Good Ltd\Affixa\AffixaTray.exe" [2013-08-09 838768]
"E7428167E15C013EAD8A642BC66E67B24899F6C5._service_run"="c:\program files\Google\Chrome\Application\chrome.exe" [2013-09-02 829392]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-07-06 142144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-07-06 175936]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-07-06 168256]
"GfxServiceInstall"="c:\windows\system32\GfxCUIServiceInstall.vbs" [2012-06-27 131]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-10-08 1934632]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-01-10 10959464]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2012-02-08 714120]
"Everything"="c:\program files\Everything\Everything.exe" [2009-03-13 602624]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-11 253816]
"AffixaPersonalSettings"="c:\program files\Notably Good Ltd\Affixa\AffixaHandler.exe" [2013-08-09 299632]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-08-16 152392]
"MRT"="c:\windows\system32\MRT.exe" [2013-09-01 76725432]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-20 73216]
.
c:\users\Paolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
7 Sticky Notes.lnk - c:\program files\7 Sticky Notes\7StickyNotes.exe [2013-8-19 10661888]
Dropbox.lnk - c:\users\Paolo\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{C28617FD-4FE7-4043-AD51-C8132CE90106}"= "c:\windows\system32\SSCbFsMntNtf3.dll" [2013-01-30 159488]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"EldosMountNotificator"= {C28617FD-4FE7-4043-AD51-C8132CE90106} - c:\windows\system32\SSCbFsMntNtf3.dll [2013-01-30 159488]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 lpncstkd;lpncstkd;c:\windows\system32\drivers\lpncstkd.sys [x]
R1 nhjybiuk;nhjybiuk;c:\windows\system32\drivers\nhjybiuk.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-01-08 161536]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-09-16 35488]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-09-16 290976]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2011-09-16 97440]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-09-16 147616]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-09-16 60064]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-09-16 263968]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-09-16 440992]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys [2013-04-11 41584]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 107392]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-07-18 295376]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-23 242240]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2012-07-23 21600]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2012-07-23 16936]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-07-23 62240]
S2 AtherosSvc;AtherosSvc;c:\program files\Bluetooth Suite\adminservice.exe [2011-09-16 84640]
S2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe [2013-03-26 23552]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
S2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [2011-07-01 353360]
S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2012-02-08 738688]
S2 GREGService;GREGService;c:\program files\Acer\Registration\GREGsvc.exe [2012-02-29 28264]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
S2 IconMan_R;IconMan_R;c:\program files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-07 1755136]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2012-02-07 255376]
S2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;c:\program files\Nitro\Pro 8\NitroPDFDriverService8.exe [2013-07-24 196616]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\NLSSRV32.EXE [2013-07-24 69640]
S2 NOBU;Norton Online Backup;c:\program files\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-09-16 25248]
S3 igddim32;igddim32;c:\windows\system32\DRIVERS\igddim32.sys [2012-06-27 1349120]
S3 igdkmd32;igdkmd32;c:\windows\system32\DRIVERS\igdkmd32.sys [2012-06-27 435200]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-06-09 278528]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-05-30 254056]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-09-29 490088]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 583848]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 197800]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 24232]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 20136]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S3 SSCBFS3;SugarSync CallBack File System driver v3;c:\windows\system32\DRIVERS\sscbfs3.sys [2013-01-30 295936]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ   SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-04 09:16 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-23 10:02]
.
2013-09-17 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2104525065-2349409941-407069166-1000Core.job
- c:\users\Paolo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-30 03:16]
.
2013-09-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2104525065-2349409941-407069166-1000UA.job
- c:\users\Paolo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-30 03:16]
.
2013-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-24 13:51]
.
2013-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-24 13:51]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www1.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=2CB9083E8E26BB5C
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-MSC - c:\program files\Microsoft Security Client\mssecex.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(2096)
c:\users\Paolo\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
c:\windows\system32\SSCbFsMntNtf3.dll
c:\program files\Acer\Acer ePower Management\SysHook.dll
.
Completion time: 2013-09-18  09:40:58
ComboFix-quarantined-files.txt  2013-09-18 01:40
ComboFix2.txt  2013-09-16 13:40
.
Pre-Run: 281,502,855,168 bytes free
Post-Run: 281,351,737,344 bytes free
.
- - End Of File - - 0156A9C8A7BE993451AB4D9108879135
A36C5E4F47E84449FF07ED3517B43A31

Edited by paolok6, 17 September 2013 - 08:56 PM.


#11 TB-Psychotic

Posted 18 September 2013 - 02:43 AM

Combofix scripting

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Download the attached CFScript.txt and save it to the location where Combofix is.


CFScriptB-4.gif


Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Full System Scan with Malwarebytes Antimalware

  • If not existing, please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.


If the program is already installed:
  • Run Malwarebytes Antimalware
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform fullscan, place a checkmark on all hard drives, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.


#12 paolok6

Posted 18 September 2013 - 07:03 AM

ComboFix 13-09-17.01 - Paolo 09/18/2013  16:18:26.4.4 - x86
Microsoft Windows 7 Home Basic   6.1.7601.1.1252.1.1033.18.2036.1127 [GMT 8:00]
Running from: c:\users\Paolo\Desktop\ComboFix.exe
Command switches used :: c:\users\Paolo\Downloads\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\programdata\Microsoft\Media Tools\temp\tmpE7B2.exe"
"c:\windows\system32\drivers\lpncstkd.sys"
"c:\windows\system32\drivers\nhjybiuk.sys"
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_lpncstkd
-------\Service_nhjybiuk
.
.
(((((((((((((((((((((((((   Files Created from 2013-08-18 to 2013-09-18  )))))))))))))))))))))))))))))))
.
.
2013-09-18 09:10 . 2013-09-18 09:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-18 01:00 . 2013-09-18 01:00 -------- d-----w- c:\windows\system32\%LOCALAPPDATA%
2013-09-18 00:44 . 2013-09-05 05:02 7328304 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E915C3BB-D8CE-411C-98DF-4290EE24E665}\mpengine.dll
2013-09-17 09:15 . 2013-09-17 09:15 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-09-17 01:33 . 2013-09-17 01:33 -------- d-----w- c:\windows\Microsoft Antimalware
2013-09-16 22:57 . 2013-09-16 22:57 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2013-09-16 22:42 . 2013-09-16 22:42 -------- d-----w- c:\windows\system32\MRT
2013-09-16 16:11 . 2013-09-16 16:11 144896 ----a-w- c:\programdata\Microsoft\Media Tools\temp\tmpE7B2.exe
2013-09-16 14:41 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\system32\d3d11.dll
2013-09-16 14:41 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\system32\crypt32.dll
2013-09-16 14:41 . 2013-07-09 04:52 175104 ----a-w- c:\windows\system32\wintrust.dll
2013-09-16 14:41 . 2013-07-09 04:46 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-09-16 14:41 . 2013-07-09 04:46 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-09-16 14:40 . 2013-07-09 04:50 652800 ----a-w- c:\windows\system32\rpcrt4.dll
2013-09-16 14:39 . 2013-07-09 05:03 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-09-16 14:39 . 2013-07-09 05:03 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-09-16 14:39 . 2013-07-09 04:53 1289096 ----a-w- c:\windows\system32\ntdll.dll
2013-09-16 14:39 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\system32\DWrite.dll
2013-09-16 14:39 . 2013-05-10 03:20 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2013-09-16 14:38 . 2013-04-26 04:55 492544 ----a-w- c:\windows\system32\win32spl.dll
2013-09-16 14:38 . 2013-05-13 03:08 903168 ----a-w- c:\windows\system32\certutil.exe
2013-09-16 14:38 . 2013-05-13 03:08 43008 ----a-w- c:\windows\system32\certenc.dll
2013-09-16 14:37 . 2013-07-06 05:05 1293760 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-16 14:37 . 2013-06-04 04:53 509440 ----a-w- c:\windows\system32\qedit.dll
2013-09-16 14:37 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-09-16 14:36 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-09-16 14:36 . 2013-04-10 05:03 936448 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-09-16 14:35 . 2013-08-05 01:56 133056 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-09-16 14:35 . 2013-08-08 01:03 2348544 ----a-w- c:\windows\system32\win32k.sys
2013-09-16 14:35 . 2013-07-19 01:41 2048 ----a-w- c:\windows\system32\tzres.dll
2013-09-16 14:09 . 2013-09-16 14:09 718712 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{595645E9-E1FD-4600-8D74-9DC4B6DF8FD7}\gapaengine.dll
2013-09-16 14:09 . 2013-08-05 16:28 7166848 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-09-16 14:02 . 2013-09-16 14:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-09-16 14:02 . 2013-04-04 06:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-16 13:51 . 2013-08-19 16:47 7166848 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12EEF00A-87E9-4009-A863-7358623F9FFA}\mpengine.dll
2013-09-16 12:28 . 2013-09-16 12:28 -------- d-----w- c:\windows\TempC1A4303C-F122-1312-D7B3-9B29E88E1CBD-Signatures
2013-09-16 12:22 . 2013-09-16 12:22 -------- d-----w- C:\TDSSKiller_Quarantine
2013-09-15 16:01 . 2013-09-15 16:01 -------- d-----w- c:\program files\x264 Video Codec
2013-09-15 06:15 . 2013-09-15 06:16 -------- d-----w- c:\users\Paolo\AppData\Roaming\FireShot
2013-09-13 12:26 . 2013-09-13 12:26 238544 ----a-w- c:\windows\system32\gcp_portmon.dll
2013-09-11 10:40 . 2013-09-11 10:40 0 ----a-w- c:\windows\system32\shoD62A.tmp
2013-09-10 13:03 . 2013-09-10 13:03 -------- d-----w- c:\program files\Web Resizer
2013-09-04 05:45 . 2013-09-04 05:45 -------- d-----w- c:\users\Paolo\AppData\Roaming\Mapi2Xml
2013-09-03 11:02 . 2013-09-03 11:02 -------- d-----w- c:\users\Paolo\AppData\Local\IsolatedStorage
2013-09-03 10:49 . 2013-09-03 10:49 -------- d-----w- c:\program files\Notably Good Ltd
2013-09-03 09:47 . 2013-09-03 09:47 -------- d-----w- c:\program files\NirSoft
2013-09-03 09:25 . 2013-09-03 09:26 -------- d-----w- c:\users\Paolo\AppData\Roaming\Nitro PDF
2013-09-03 09:05 . 2013-09-03 09:05 -------- d-----w- c:\users\Paolo\AppData\Roaming\OfficeTab
2013-09-03 08:45 . 2013-09-03 08:46 -------- d-----w- c:\program files\Tracker Software
2013-09-03 08:00 . 2013-09-03 08:00 -------- d-----w- c:\users\Paolo\AppData\Roaming\Nitro
2013-09-03 08:00 . 2013-09-03 08:00 -------- d-----w- c:\users\Paolo\AppData\Roaming\FileOpen
2013-09-03 08:00 . 2013-09-03 08:00 -------- d-----w- c:\programdata\FileOpen
2013-09-03 07:59 . 2013-07-24 13:22 18440 ----a-w- c:\windows\system32\nitrolocalui2.dll
2013-09-03 07:59 . 2013-07-24 13:22 27144 ----a-w- c:\windows\system32\nitrolocalmon2.dll
2013-09-03 07:57 . 2013-09-03 07:57 -------- d-----w- c:\program files\Common Files\Nitro
2013-09-03 07:57 . 2013-09-03 07:57 -------- d-----w- c:\programdata\Licenses
2013-09-03 07:57 . 2013-09-03 07:57 -------- d-----w- c:\program files\Nitro
2013-09-03 07:57 . 2013-09-03 07:57 -------- d-----w- c:\programdata\Nitro
2013-09-03 07:54 . 2013-09-03 07:54 -------- d-----w- c:\program files\Detong
2013-09-03 07:52 . 2013-09-03 07:52 -------- d-----w- c:\users\Paolo\AppData\Roaming\Downloaded Installations
2013-09-03 07:12 . 2013-09-03 07:13 -------- d-----w- c:\program files\LastPass
2013-09-03 00:51 . 2013-09-03 00:51 -------- d-----w- C:\found.008
2013-09-01 16:19 . 2013-09-14 14:09 -------- d-----w- C:\_acestream_cache_
2013-09-01 16:18 . 2013-09-14 14:09 -------- d-----w- c:\users\Paolo\AppData\Roaming\.ACEStream
2013-09-01 16:17 . 2013-09-01 16:18 -------- d-----w- c:\users\Paolo\AppData\Roaming\ACEStream
2013-08-29 13:28 . 2013-08-29 13:28 73880 ----a-w- c:\windows\system32\drivers\hola_net.sys
2013-08-29 13:28 . 2013-08-29 13:28 73368 ----a-w- c:\windows\system32\drivers\hola_mon_drv.sys
2013-08-29 13:28 . 2013-08-29 13:28 476056 ----a-w- c:\windows\system32\drivers\hola_drv.sys
2013-08-29 13:28 . 2013-08-29 13:29 -------- d-----w- c:\program files\Hola
2013-08-19 11:59 . 2013-09-18 01:17 -------- d-----w- c:\users\Paolo\AppData\Roaming\7 Sticky Notes
2013-08-19 11:58 . 2012-10-13 14:20 805376 ----a-w- c:\windows\system32\EditCtlsU.ocx
2013-08-19 11:58 . 2011-08-13 13:06 1031168 ----a-w- c:\windows\system32\ExLVwU.ocx
2013-08-19 11:58 . 2011-05-20 16:02 604672 ----a-w- c:\windows\system32\ExTVwU.ocx
2013-08-19 11:58 . 2004-03-08 16:00 662288 ----a-w- c:\windows\system32\MSCOMCT2.OCX
2013-08-19 11:58 . 2000-05-22 04:58 140488 ----a-w- c:\windows\system32\comdlg32.ocx
2013-08-19 11:58 . 1998-06-23 17:00 198456 ----a-w- c:\windows\system32\MCI32.OCX
2013-08-19 11:57 . 2005-04-15 07:58 1351392 ----a-w- c:\windows\system32\comctl32.ocx
2013-08-19 11:57 . 2004-03-09 06:45 212240 ----a-w- c:\windows\system32\richtx32.ocx
2013-08-19 11:57 . 2013-08-19 11:58 -------- d-----w- c:\program files\7 Sticky Notes
2013-08-19 11:57 . 2008-01-19 03:34 554008 ----a-w- c:\windows\system32\dao360.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-18 09:11 . 2013-04-29 04:57 29 ----a-w- c:\windows\system32\TempWmicBatchFile.bat
2013-09-13 10:02 . 2012-07-23 08:33 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-13 10:02 . 2012-07-23 08:33 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-18 12:54 . 2013-08-18 12:55 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-08-18 12:54 . 2013-03-18 02:25 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-08-18 12:54 . 2013-03-18 02:25 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-08-06 20:22 . 2013-02-24 22:33 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-07-24 13:23 . 2013-07-24 13:23 69640 ----a-w- c:\windows\system32\NLSSRV32.EXE
2013-06-26 11:23 . 2013-06-26 11:23 20136 ----a-w- c:\windows\system32\drivers\Sftvollh.sys
2013-06-26 11:23 . 2013-06-26 11:23 24232 ----a-w- c:\windows\system32\drivers\Sftredirlh.sys
2013-06-26 11:23 . 2013-06-26 11:23 197800 ----a-w- c:\windows\system32\drivers\Sftplaylh.sys
2013-06-26 11:23 . 2013-06-26 11:23 1084072 ----a-w- c:\windows\system32\sftldr.dll
2013-06-26 11:22 . 2013-06-26 11:22 583848 ----a-w- c:\windows\system32\drivers\Sftfslh.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-04-29 04:58 222808 ----a-w- c:\users\Paolo\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-04-29 04:58 222808 ----a-w- c:\users\Paolo\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-04-29 04:58 222808 ----a-w- c:\users\Paolo\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1MediaIconsOverlay]
@="{1EC23CFF-4C58-458f-924C-8519AEF61B32}"
[HKEY_CLASSES_ROOT\CLSID\{1EC23CFF-4C58-458f-924C-8519AEF61B32}]
2013-09-15 16:01 225280 ----a-w- c:\programdata\Microsoft\Media Tools\MediaIconsOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Paolo\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Paolo\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Paolo\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{69925D1B-6A0F-4413-861A-81AB98039DB9}"
[HKEY_CLASSES_ROOT\CLSID\{69925D1B-6A0F-4413-861A-81AB98039DB9}]
2013-01-30 05:12 159488 ----a-w- c:\windows\System32\SSCbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-27 08:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 08:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 08:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-27 08:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-27 08:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-27 08:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2013-04-23 13:48 2099552 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2013-04-23 13:48 2099552 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{39D54CC2-69CF-43b4-B167-577D25E7F496}"
[HKEY_CLASSES_ROOT\CLSID\{39D54CC2-69CF-43b4-B167-577D25E7F496}]
2013-04-23 13:48 2099552 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2013-04-23 13:48 2099552 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncSharedPending]
@="{F7395C2E-A5D8-4a32-9536-5C6A9F1DC450}"
[HKEY_CLASSES_ROOT\CLSID\{F7395C2E-A5D8-4a32-9536-5C6A9F1DC450}]
2013-04-23 13:48 2099552 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"F.lux"="c:\users\Paolo\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
"GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2013-06-27 20097696]
"Facebook Update"="c:\users\Paolo\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-06-30 138096]
"Rainlendar2"="c:\program files\Rainlendar2\Rainlendar2.exe" [2013-03-10 2598496]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Affixa"="c:\program files\Notably Good Ltd\Affixa\AffixaTray.exe" [2013-08-09 838768]
"E7428167E15C013EAD8A642BC66E67B24899F6C5._service_run"="c:\program files\Google\Chrome\Application\chrome.exe" [2013-09-02 829392]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-07-06 142144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-07-06 175936]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-07-06 168256]
"GfxServiceInstall"="c:\windows\system32\GfxCUIServiceInstall.vbs" [2012-06-27 131]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-10-08 1934632]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-01-10 10959464]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2012-02-08 714120]
"Everything"="c:\program files\Everything\Everything.exe" [2009-03-13 602624]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-11 253816]
"AffixaPersonalSettings"="c:\program files\Notably Good Ltd\Affixa\AffixaHandler.exe" [2013-08-09 299632]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-08-16 152392]
"MRT"="c:\windows\system32\MRT.exe" [2013-09-01 76725432]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-20 73216]
.
c:\users\Paolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
7 Sticky Notes.lnk - c:\program files\7 Sticky Notes\7StickyNotes.exe [2013-8-19 10661888]
Dropbox.lnk - c:\users\Paolo\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{C28617FD-4FE7-4043-AD51-C8132CE90106}"= "c:\windows\system32\SSCbFsMntNtf3.dll" [2013-01-30 159488]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"EldosMountNotificator"= {C28617FD-4FE7-4043-AD51-C8132CE90106} - c:\windows\system32\SSCbFsMntNtf3.dll [2013-01-30 159488]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-01-08 161536]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-09-16 35488]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-09-16 290976]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2011-09-16 97440]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-09-16 147616]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-09-16 60064]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-09-16 263968]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-09-16 440992]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys [2013-04-11 41584]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 107392]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-07-18 295376]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-23 242240]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2012-07-23 21600]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2012-07-23 16936]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-07-23 62240]
S2 AtherosSvc;AtherosSvc;c:\program files\Bluetooth Suite\adminservice.exe [2011-09-16 84640]
S2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe [2013-03-26 23552]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
S2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [2011-07-01 353360]
S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2012-02-08 738688]
S2 GREGService;GREGService;c:\program files\Acer\Registration\GREGsvc.exe [2012-02-29 28264]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
S2 IconMan_R;IconMan_R;c:\program files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-07 1755136]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2012-02-07 255376]
S2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;c:\program files\Nitro\Pro 8\NitroPDFDriverService8.exe [2013-07-24 196616]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\NLSSRV32.EXE [2013-07-24 69640]
S2 NOBU;Norton Online Backup;c:\program files\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-09-16 25248]
S3 igddim32;igddim32;c:\windows\system32\DRIVERS\igddim32.sys [2012-06-27 1349120]
S3 igdkmd32;igdkmd32;c:\windows\system32\DRIVERS\igdkmd32.sys [2012-06-27 435200]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-06-09 278528]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-05-30 254056]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-09-29 490088]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 583848]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 197800]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 24232]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 20136]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S3 SSCBFS3;SugarSync CallBack File System driver v3;c:\windows\system32\DRIVERS\sscbfs3.sys [2013-01-30 295936]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ   SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-04 09:16 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-23 10:02]
.
2013-09-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2104525065-2349409941-407069166-1000Core.job
- c:\users\Paolo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-30 03:16]
.
2013-09-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2104525065-2349409941-407069166-1000UA.job
- c:\users\Paolo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-30 03:16]
.
2013-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-24 13:51]
.
2013-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-24 13:51]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(2904)
c:\users\Paolo\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
c:\windows\system32\SSCbFsMntNtf3.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\BlueSprig\JetBoost\JetBoostTray.exe
c:\program files\Launch Manager\LMworker.exe
c:\program files\Launch Manager\LMutilps32.exe
c:\program files\Symantec\Norton Online Backup\NOBuAgent.exe
c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2013-09-18  17:17:02 - machine was rebooted
ComboFix-quarantined-files.txt  2013-09-18 09:17
ComboFix2.txt  2013-09-18 01:40
ComboFix3.txt  2013-09-16 13:40
.
Pre-Run: 281,055,801,344 bytes free
Post-Run: 280,805,093,376 bytes free
.
- - End Of File - - 5152E57D830CE3D0EFD3529AC76AE034
A36C5E4F47E84449FF07ED3517B43A31

#13 paolok6

Posted 18 September 2013 - 07:06 AM

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.09.16.05
 
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16686
Paolo :: PAOLO-PC [administrator]
 
9/18/2013 5:32:10 PM
mbam-log-2013-09-18 (17-32-10).txt
 
Scan type: Full scan (C:\|D:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 361151
Time elapsed: 2 hour(s), 17 minute(s), 42 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 4
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GOOGLEUPDATE.EXE (Rootkit.0Access) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\BabylonToolbar (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 1
C:\Users\Paolo\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
 
Files Detected: 6
C:\ProgramData\Microsoft\Media Tools\temp\tmpE7B2.exe (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\16.09.2013_20.10.45\pmax0000\svc0000\tsk0000.dta (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Users\Paolo\AppData\Local\Bundled software uninstaller\bi_client.exe (PUP.Optional.Somoto.A) -> Quarantined and deleted successfully.
C:\Users\Paolo\AppData\Local\Google\Desktop\Install\{f9adf7d0-3a54-f177-71d8-163afd04ace3}\❤≸⋙\Ⱒ☠⍨\‮ﯹ๛\{f9adf7d0-3a54-f177-71d8-163afd04ace3}\GoogleUpdate.exe (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Users\Paolo\Downloads\SoftonicDownloader_for_pdf-xchange-viewer.exe (PUP.Optional.Softonic) -> Quarantined and deleted successfully.
C:\Users\Paolo\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
 
(end)


#14 TB-Psychotic

Posted 18 September 2013 - 07:15 AM

Scan with ESET Online Scan

Please go here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click 'List of found threats', then click Export to text file...
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.

 

 

 

Scan with Farbar's Service Scanner

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender

  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


Proud Member of UNITE & TB
 

#15 paolok6

paolok6
  • Topic Starter

  • Members
  • 13 posts
  • Local time:03:09 AM

Posted 19 September 2013 - 12:24 AM

C:\Users\Paolo\Documents\Microsoft Office Proffesional Plus 2010 Corporate Final Full Activated -NoGRp\Office 2010 Toolkit.exe a variant of MSIL/HackKMS.A application
C:\Users\Paolo\Downloads\FoxitReader603.0524_enu_Setup.exe a variant of Win32/Bundled.Toolbar.Ask.D application
 
Farbar Service Scanner Version: 13-09-2013
Ran by Paolo (administrator) on 19-09-2013 at 13:22:24
Running from "C:\Users\Paolo\Downloads"
Microsoft Windows 7 Home Basic  Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
"HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall" registry value does not exist.
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
Action Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{F56F6FDD-AA9D-4618-A949-C1B91AF43B1A} key. The key does not exist.
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
Checking FirewallRules of SharedAccess: ATTENTION!=====> Unable to open "SharedAccess\Defaults\FirewallPolicy\FirewallRules" registry key. The key does not exist.
Checking ServiceDll of RemoteAccess: ATTENTION!=====> Unable to open RemoteAccess registry key. The service key does not exist.
 
 
 
File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2013-09-16 22:37] - [2013-07-06 13:05] - 1293760 ____A (Microsoft Corporation) 4E8B9BE71B807B3BAEDB7F4243F85E3C
 
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2013-09-16 22:41] - [2013-07-09 12:46] - 0140288 ____A (Microsoft Corporation) 7CA1BECEA5DE2643ADDAD32670E7A4C9
 
C:\Program Files\Windows Defender\MpSvc.dll
[2013-09-16 22:34] - [2013-05-27 12:57] - 0680960 ____A (Microsoft Corporation) 082CF481F659FAE0DE51AD060881EB47
 
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
 
 
**** End of log ****

 





