Malware on Work laptop? Help [Closed]


  • This topic is locked

#1
salam0506

Hi Guys,

I am usually quite good at finding solutions on the web for any infestation etc. but this time I am stuck. I think partly because the problem is on a work laptop that has Sophos installed that I do not have permissions to. The problem started about a week ago when Google started redirecting me to other sites on Google Chrome. I could search but about 70% of the time when I clicked on a search link I was forwarded to eBay or some other random sites.

I downloaded "Ad Aware" and Malwarebytes and super anti malware one after another. They all found infected files and I tried removing and quarantining them but the problem did not stop. I tried deep scans etc. and then removed all the anti-malware software (well, tried to - I can't seem to get all of Ad Aware off) and uninstalled Google Chrome and tried Internet Explorer. It is doing the same thing and is much slower now as well. I tried to install Firefox but IE will not download the file as it pops up in a different window and that window is redirected to a search page of some sort.

I have tried the "F-Secure Rescue Disc" - booted it up and it scanned but found nothing.

I have posted the OTL file below - any help would be much appreciated.

OTL logfile created on: 11/22/2012 6:07:58 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\seenan.alam\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.16 Gb Total Physical Memory | 1.73 Gb Available Physical Memory | 54.60% Memory free
6.33 Gb Paging File | 4.59 Gb Available in Paging File | 72.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 150.55 Gb Total Space | 115.01 Gb Free Space | 76.39% Space Free | Partition Type: NTFS

Computer Name: IDPP-3046 | User Name: seenan.alam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/22 18:05:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\seenan.alam\Downloads\OTL.exe
PRC - [2012/10/19 14:51:08 | 000,395,200 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
PRC - [2012/10/15 11:58:24 | 002,844,608 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
PRC - [2012/10/15 11:58:22 | 000,779,200 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
PRC - [2012/10/08 20:18:06 | 000,692,152 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe
PRC - [2012/09/20 15:03:20 | 001,236,368 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
PRC - [2012/09/20 15:03:16 | 018,941,832 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Ad-Aware Antivirus\AdAware.exe
PRC - [2012/07/27 20:51:38 | 000,823,224 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2012/07/27 20:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/04/16 09:14:21 | 001,543,704 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
PRC - [2012/04/11 14:43:09 | 000,232,472 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
PRC - [2011/12/19 13:20:06 | 003,289,032 | ---- | M] (GFI Software) -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
PRC - [2011/08/26 08:39:42 | 000,097,520 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
PRC - [2011/08/26 08:39:40 | 000,163,056 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
PRC - [2011/08/26 08:39:37 | 000,806,912 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\Remote Management System\RouterNT.exe
PRC - [2011/08/26 08:39:36 | 000,282,624 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe
PRC - [2011/06/24 04:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/02/25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/25 00:57:18 | 000,536,668 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2011/01/25 00:57:18 | 000,274,514 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\stacsv.exe
PRC - [2011/01/04 16:48:12 | 000,488,816 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2010/12/23 13:04:26 | 000,936,208 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2010/12/23 13:04:10 | 001,210,640 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
PRC - [2010/12/23 12:55:44 | 000,577,536 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
PRC - [2010/12/23 12:48:40 | 000,481,552 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2010/11/20 12:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/09 05:55:18 | 000,054,640 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2010/09/30 12:08:31 | 000,439,536 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\AutoUpdate\ALMon.exe
PRC - [2010/07/06 21:59:22 | 000,054,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2010/05/30 22:17:06 | 000,054,640 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2010/02/10 16:50:50 | 000,072,296 | ---- | M] (O2Micro International) -- C:\Windows\System32\drivers\o2flash.exe
PRC - [2010/01/26 18:36:24 | 000,309,120 | ---- | M] (SonicWALL Inc.) -- C:\Program Files\SonicWALL\SSL-VPN\NetExtender\NEService.exe
PRC - [2009/03/03 01:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Program Files\IDT\WDM\AEstSrv.exe
PRC - [2008/10/15 16:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) -- C:\Program Files\RealVNC\VNC4\winvnc4.exe
PRC - [2007/06/27 18:04:00 | 001,213,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007/06/27 18:03:40 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/08 13:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2011/03/28 15:55:02 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll
MOD - [2010/11/20 12:19:56 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.DLL
MOD - [2010/11/20 12:19:56 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll


========== Services (SafeList) ==========

SRV - [2012/10/19 14:51:08 | 000,395,200 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)
SRV - [2012/10/15 11:58:22 | 000,779,200 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service)
SRV - [2012/10/08 20:18:10 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/20 15:03:20 | 001,236,368 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
SRV - [2012/07/27 20:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/16 09:14:21 | 001,543,704 | ---- | M] (Sophos Plc) [Auto | Running] -- C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe -- (swi_service)
SRV - [2012/04/11 14:43:09 | 000,232,472 | ---- | M] (Sophos Plc) [Auto | Running] -- C:\Program Files\Sophos\AutoUpdate\ALsvc.exe -- (Sophos AutoUpdate Service)
SRV - [2011/12/19 13:20:06 | 003,289,032 | ---- | M] (GFI Software) [Auto | Running] -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
SRV - [2011/08/26 08:39:42 | 000,097,520 | ---- | M] (Sophos Plc) [Auto | Running] -- C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe -- (SAVService)
SRV - [2011/08/26 08:39:40 | 000,163,056 | ---- | M] (Sophos Plc) [Auto | Running] -- C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe -- (SAVAdminService)
SRV - [2011/08/26 08:39:37 | 000,806,912 | ---- | M] (Sophos Plc) [Auto | Running] -- C:\Program Files\Sophos\Remote Management System\RouterNT.exe -- (Sophos Message Router)
SRV - [2011/08/26 08:39:36 | 000,282,624 | ---- | M] (Sophos Plc) [Auto | Running] -- C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe -- (Sophos Agent)
SRV - [2011/08/25 11:07:47 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/08/23 06:43:40 | 000,701,288 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Users\seenan.alam\AppData\Local\Temp\7zS54B3\hpslpsvc32.dll -- (HPSLPSVC)
SRV - [2011/01/25 00:57:18 | 000,274,514 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv.exe -- (STacSV)
SRV - [2010/12/23 13:04:26 | 000,936,208 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2010/12/23 12:55:44 | 000,577,536 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe -- (ZcfgSvc7)
SRV - [2010/12/23 12:48:40 | 000,481,552 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2010/02/10 16:50:50 | 000,072,296 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\System32\drivers\o2flash.exe -- (O2FLASH)
SRV - [2010/01/26 18:36:24 | 000,309,120 | ---- | M] (SonicWALL Inc.) [Auto | Running] -- C:\Program Files\SonicWALL\SSL-VPN\NetExtender\NEService.exe -- (SONICWALL_NetExtender)
SRV - [2009/07/14 01:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 01:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 01:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/03/03 01:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AEstSrv.exe -- (AESTFilters)
SRV - [2008/10/15 16:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) [Auto | Running] -- C:\Program Files\RealVNC\VNC4\winvnc4.exe -- (WinVNC4)
SRV - [2007/02/05 09:11:18 | 000,075,320 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2007/02/05 09:11:16 | 000,112,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe -- (SonicStage Back-End Service)
SRV - [2006/12/14 01:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 01:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 00:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)


========== Driver Services (SafeList) ==========

DRV - [2012/07/12 07:12:00 | 000,685,816 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2011/12/19 12:44:24 | 000,093,816 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sbhips.sys -- (sbhips)
DRV - [2011/11/29 06:59:52 | 000,077,816 | ---- | M] (GFI Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\sbapifs.sys -- (sbapifs)
DRV - [2011/10/26 14:23:40 | 000,101,112 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\SBREDrv.sys -- (SBRE)
DRV - [2011/08/26 08:39:48 | 000,122,360 | ---- | M] (Sophos Plc) [File_System | System | Running] -- C:\Windows\System32\drivers\savonaccess.sys -- (SAVOnAccess)
DRV - [2011/08/26 08:39:43 | 000,023,928 | ---- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sdcfilter.sys -- (sdcfilter)
DRV - [2011/08/26 08:39:40 | 000,022,536 | ---- | M] (Sophos Plc) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\SophosBootDriver.sys -- (SophosBootDriver)
DRV - [2011/03/23 12:51:56 | 000,063,976 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2sdjxp.sys -- (O2SDJRDR)
DRV - [2011/01/25 00:57:18 | 000,435,200 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2011/01/05 19:42:14 | 000,284,792 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2011/01/04 12:44:06 | 000,060,904 | ---- | M] (O2Micro ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\o2mdfw7.sys -- (O2MDFRDR)
DRV - [2011/01/04 01:58:42 | 000,061,728 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2mdrxp.sys -- (O2MDRRDR)
DRV - [2010/12/21 08:07:44 | 007,434,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETwNs32.sys -- (NETwNs32)
DRV - [2010/11/20 12:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 12:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 12:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 10:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 09:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 09:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 09:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/10/19 15:33:40 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2010/10/15 07:27:20 | 000,269,824 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2010/03/16 22:20:32 | 000,042,672 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Accelern.sys -- (Acceler)
DRV - [2010/03/16 22:20:26 | 000,059,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwhid.sys -- (btwhid)
DRV - [2010/03/16 22:20:26 | 000,047,656 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2010/03/16 22:20:26 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btport.sys -- (BTDriver)
DRV - [2009/10/21 09:27:38 | 000,022,600 | ---- | M] (SonicWALL Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NxDrv.sys -- (NxDrv)
DRV - [2009/07/14 00:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009/07/14 00:14:49 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)
DRV - [2007/06/18 16:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006/05/31 04:18:42 | 000,016,384 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pmxps2m.sys -- (pmxps2m)
DRV - [2006/04/24 18:59:30 | 000,014,336 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pmxusblf.sys -- (pmxusblf)
DRV - [2006/04/24 18:57:20 | 000,018,432 | ---- | M] (Primax Electronics Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\pmxmouse.SYS -- (pmxmouse)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://webmail.gard...line.co.uk/owa/
IE - HKCU\..\SearchScopes,DefaultScope = {CCEB4192-1C18-4660-86FC-867F8D31E610}
IE - HKCU\..\SearchScopes\{CCEB4192-1C18-4660-86FC-867F8D31E610}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 62.254.2.251:8080


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\seenan.alam\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\seenan.alam\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\seenan.alam\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\seenan.alam\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/10/10 06:34:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/09/14 17:18:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/09/14 17:18:59 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 21:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Sophos Web Content Scanner) - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files\Sophos\Sophos Anti-Virus\SophosBHO.dll (Sophos Plc)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found
O4 - HKLM..\Run: [EKStatusMonitor] C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [IntelPROSet] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [PMX Daemon] ICO.EXE File not found
O4 - HKLM..\Run: [SonicWALLNetExtender] C:\Program Files\SonicWALL\SSL-VPN\NetExtender\NEGui.exe (SonicWALL Inc.)
O4 - HKLM..\Run: [Sophos AutoUpdate Monitor] C:\Program Files\Sophos\AutoUpdate\ALMon.exe (Sophos Plc)
O4 - HKLM..\Run: [SynTPEnh] \Synaptics\SynTP\SynTPEnh.exe File not found
O4 - HKLM..\Run: [SynTPLpr] \Synaptics\SynTP\SynTPLpr.exe File not found
O4 - HKLM..\Run: [SynTPStart] \Synaptics\SynTP\SynTPStart.exe File not found
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not found
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: MaxGPOScriptWait = 16000
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {483EB14D-AF1C-4951-81B0-4E2B41829FF6} https://www.select2p...bs/QOLCheck.ocx (QOLCheck Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = gardline.co.uk
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3E81C2D0-F610-4188-9A2C-B8FC84FCFAE2}: DhcpNameServer = 192.168.5.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9595014C-D537-4A00-B2C1-1D31C99A8160}: DhcpNameServer = 192.168.1.254 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~3.DLL) - C:\Program Files\Sophos\Sophos Anti-Virus\sophos_detoured.dll (Sophos Plc)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 21:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/22 11:35:05 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\Desktop\f-secure-rescue-cd-3.11.23804
[2012/11/21 20:34:22 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\AppData\Local\{7D491981-9E03-4FFE-9C0F-D8880BDA2ED0}
[2012/11/18 23:38:28 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\AppData\Local\{2A77D8C6-E4E8-401A-99F9-B420ED313106}
[2012/11/17 23:23:59 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\AppData\Local\{E4B2BF81-0D5B-4E45-A90D-05EEAD69F039}
[2012/11/15 17:12:39 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\AppData\Local\{057402F4-601A-4C49-ABDA-982AA60443DD}
[2012/11/13 10:41:24 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\AppData\Local\{8B1E7B4E-B4DF-4710-8316-B335AF1114CD}
[2012/11/12 18:54:39 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\AppData\Local\{4BB2B2E7-E655-4373-B86B-3F7891F12D16}
[2012/11/12 13:22:39 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\AppData\Roaming\Malwarebytes
[2012/11/12 13:22:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/11/12 11:59:02 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\AppData\Local\NeoSmart_Technologies
[2012/11/12 11:52:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies
[2012/11/12 11:52:57 | 000,000,000 | ---D | C] -- C:\Program Files\NeoSmart Technologies
[2012/11/12 06:25:30 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\AppData\Local\{3098C6A8-3CE5-4ECC-AB8D-F43EC0FB3052}
[2012/11/11 17:10:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus
[2012/11/11 17:03:43 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\AppData\Roaming\LavasoftStatistics
[2012/11/11 16:35:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2012/11/11 16:34:28 | 000,093,816 | ---- | C] (GFI Software) -- C:\Windows\System32\drivers\sbhips.sys
[2012/11/11 16:34:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\VDD
[2012/11/11 16:34:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012/11/11 16:34:25 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus
[2012/11/11 16:34:04 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\AppData\Local\Downloaded Installations
[2012/11/11 16:32:51 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\AppData\Roaming\Ad-Aware Antivirus
[2012/11/11 09:34:21 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\AppData\Local\{56AF6F90-AEEB-417B-856E-253319D5FB11}
[2012/11/09 13:59:09 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\AppData\Local\{9CFDFA3C-2B70-4F05-9957-D17C84CF922C}
[2012/11/09 12:44:08 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\Desktop\Movember pics
[2012/11/07 10:52:41 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2012/11/06 10:23:13 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\AppData\Local\{F1B09EAA-2DC5-4BEA-95A0-D36A0AAAE5E5}
[2012/11/04 12:38:01 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\AppData\Local\{88F9B4D8-8D63-4BDA-8C6F-4B6DC146549E}
[2012/11/03 08:45:20 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\AppData\Local\{D17CAFED-B39D-4208-B96E-4FE76C71BB6B}
[2012/11/02 12:42:46 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\AppData\Local\{E12C4795-FE31-478F-BECC-5E0D4DBB426F}
[2012/11/02 10:15:48 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\AppData\Roaming\Mozilla
[2012/11/02 00:22:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintProjects
[2012/11/02 00:22:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Visan
[2012/11/02 00:22:28 | 000,000,000 | ---D | C] -- C:\ProgramData\PrintProjects
[2012/11/02 00:22:28 | 000,000,000 | ---D | C] -- C:\Program Files\PrintProjects
[2012/11/01 23:15:53 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\AppData\Local\{D19AEAAD-70D9-4413-9650-75372BE89AB6}
[2012/10/25 22:49:00 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\AppData\Local\{82AB8F47-F4E5-4AA2-837E-2B90D77D410A}
[2012/10/25 22:30:00 | 000,000,000 | ---D | C] -- C:\Users\seenan.alam\Documents\Portugal Holiday

========== Files - Modified Within 30 Days ==========

[2012/11/22 17:42:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-398619831-902250365-1438872087-26165UA.job
[2012/11/22 17:35:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/22 17:18:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/11/22 16:59:06 | 000,013,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/22 16:59:06 | 000,013,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/22 16:58:57 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/22 16:55:51 | 000,664,572 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/11/22 16:55:51 | 000,125,276 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/11/22 16:51:18 | 000,355,616 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/11/22 16:51:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/22 16:50:41 | 2548,772,864 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/21 20:58:21 | 000,000,105 | ---- | M] () -- C:\prefs.js
[2012/11/21 12:06:04 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-398619831-902250365-1438872087-26165Core.job
[2012/11/19 13:34:12 | 000,001,188 | ---- | M] () -- C:\Windows\System32\ServiceConfig.xml
[2012/11/16 12:24:00 | 000,000,610 | ---- | M] () -- C:\Windows\tasks\Weekly Scan.job
[2012/11/16 12:24:00 | 000,000,530 | ---- | M] () -- C:\Windows\tasks\Weekly Scan [0].job
[2012/11/12 11:53:53 | 000,024,576 | ---- | M] () -- C:\Users\seenan.alam\Documents\EasyBCD Backup (2012-11-12).bcd
[2012/11/03 13:47:08 | 001,333,721 | ---- | M] () -- C:\Users\seenan.alam\Desktop\IMG_3788.JPG

========== Files Created - No Company Name ==========

[2012/11/21 20:58:21 | 000,000,105 | ---- | C] () -- C:\prefs.js
[2012/11/19 13:34:12 | 000,001,188 | ---- | C] () -- C:\Windows\System32\ServiceConfig.xml
[2012/11/12 11:53:52 | 000,024,576 | ---- | C] () -- C:\Users\seenan.alam\Documents\EasyBCD Backup (2012-11-12).bcd
[2012/11/03 13:47:07 | 001,333,721 | ---- | C] () -- C:\Users\seenan.alam\Desktop\IMG_3788.JPG
[2012/09/24 13:31:08 | 000,001,119 | ---- | C] () -- C:\Windows\System32\EKaio2WiaCoInst.ini
[2012/07/08 09:07:43 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012/05/03 22:02:37 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2012/05/03 22:02:37 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/11/08 00:41:57 | 000,000,600 | ---- | C] () -- C:\Users\seenan.alam\AppData\Local\PUTTY.RND
[2011/09/14 17:09:38 | 000,221,552 | ---- | C] () -- C:\Windows\hpoins19.dat
[2011/09/14 17:09:38 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2011/09/05 17:26:04 | 000,000,600 | ---- | C] () -- C:\Users\seenan.alam\AppData\Roaming\winscp.rnd
[2011/09/02 17:37:38 | 000,532,480 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll
[2011/08/25 11:04:11 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/06/09 10:58:56 | 000,004,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/06/09 10:55:48 | 000,960,940 | ---- | C] () -- C:\Windows\System32\igkrng600.bin
[2011/06/09 10:55:46 | 000,207,376 | ---- | C] () -- C:\Windows\System32\igfcg600m.bin
[2011/06/09 10:55:46 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2011/06/09 10:55:45 | 000,145,804 | ---- | C] () -- C:\Windows\System32\igcompkrng600.bin
[2011/06/09 10:55:45 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2011/06/09 10:55:45 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2011/06/09 10:54:17 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2011/06/09 10:20:44 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/06/09 10:18:31 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2011/06/09 02:16:17 | 000,000,051 | ---- | C] () -- C:\Windows\smsts.ini

========== ZeroAccess Check ==========

[2012/11/19 13:53:10 | 000,000,082 | ---- | M] () -- C:\Windows\$NtUninstallKB56637$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VYZJHSB9\t.cxt.ms\lso.swf\u.sol
[2009/07/14 04:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/20 12:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 12:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 01:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/11/21 19:11:12 | 000,000,000 | -HSD | M] -- C:\Users\seenan.alam\AppData\Roaming\6F2B0C
[2012/11/11 17:15:02 | 000,000,000 | ---D | M] -- C:\Users\seenan.alam\AppData\Roaming\Ad-Aware Antivirus
[2012/07/18 14:37:08 | 000,000,000 | ---D | M] -- C:\Users\seenan.alam\AppData\Roaming\Babylon
[2012/09/26 12:45:43 | 000,000,000 | ---D | M] -- C:\Users\seenan.alam\AppData\Roaming\DVDVideoSoft
[2012/10/22 21:33:39 | 000,000,000 | ---D | M] -- C:\Users\seenan.alam\AppData\Roaming\FileZilla
[2011/10/22 02:11:19 | 000,000,000 | ---D | M] -- C:\Users\seenan.alam\AppData\Roaming\Mp3 Editor For Free
[2012/11/12 12:01:03 | 000,000,000 | ---D | M] -- C:\Users\seenan.alam\AppData\Roaming\RCP 6
[2012/02/08 16:07:15 | 000,000,000 | ---D | M] -- C:\Users\seenan.alam\AppData\Roaming\Sports Interactive
[2011/12/01 15:00:37 | 000,000,000 | ---D | M] -- C:\Users\seenan.alam\AppData\Roaming\Spotify
[2012/05/31 11:09:35 | 000,000,000 | ---D | M] -- C:\Users\seenan.alam\AppData\Roaming\Temp
[2012/07/18 14:33:57 | 000,000,000 | ---D | M] -- C:\Users\seenan.alam\AppData\Roaming\Wondershare Video Converter Ultimate

========== Purity Check ==========



========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB56637$] -> Error: Cannot create file handle -> Unknown point type

< End of report >

#2
salam0506

One thing I forgot to mention is that IE now starts to "stop working" and you have to click close on the dialog box and it just refreshes the page I was on and then does it again and again until it eventually goes to a search page. Very annoying.

#3
Essexboy

    GeekU Moderator
Hi, you have ZeroAccess. You may want to discuss this with your IT section, as it can steal data and they may want to re-image the system.

If they do not, then do the following:

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks.

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

NEXT

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Change parameters.

  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.

  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports

  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

Please copy and paste its contents in your next reply.

#4
salam0506

Ok I ran ComboFix and after it ran the initial screen a popup from the taskbar showed up stating "Threat Detected by Sophos - Adware or PUA' NirCmd has been detected and moved to quarantine". After the initial program ran (the one with the screenshot you have from above) a Blue Command box showed up and stated the following:

Access is denied
Please wait
ComboFix is preparing to run
Access is denied
Access is denied
Access is denied

Then it stated:
Attempting to create a new system restore point
Access is denied
Access is denied
Access is denied

Scanning for infected files...
Access is denied
Access is denied
Access is denied

It got stuck at that point for quite a while. I tried to find the combofix.txt but instead there is just a file in the C drive that has an icon for a prog, but when I click on it, it just goes back to My Computer.

I then ran TDSSKiller and it found a threat, for which I selected Cure. It did so and then rebooted, and it ran again and found several "medium threats" that defaulted to Skip, so I clicked for them to be skipped.

Below is the first log from TDSSkiller:

15:02:11.0964 5712 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:02:12.0042 5712 ============================================================
15:02:12.0042 5712 Current date / time: 2012/11/23 15:02:12.0042
15:02:12.0042 5712 SystemInfo:
15:02:12.0042 5712
15:02:12.0042 5712 OS Version: 6.1.7601 ServicePack: 1.0
15:02:12.0042 5712 Product type: Workstation
15:02:12.0042 5712 ComputerName: IDPP-3046
15:02:12.0042 5712 UserName: seenan.alam
15:02:12.0042 5712 Windows directory: C:\Windows
15:02:12.0042 5712 System windows directory: C:\Windows
15:02:12.0042 5712 Processor architecture: Intel x86
15:02:12.0042 5712 Number of processors: 4
15:02:12.0042 5712 Page size: 0x1000
15:02:12.0042 5712 Boot type: Normal boot
15:02:12.0042 5712 ============================================================
15:02:15.0084 5712 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:02:15.0147 5712 Drive \Device\Harddisk1\DR1 - Size: 0x3BE400000 (14.97 Gb), SectorSize: 0x200, Cylinders: 0x7A2, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:02:15.0147 5712 ============================================================
15:02:15.0147 5712 \Device\Harddisk0\DR0:
15:02:15.0147 5712 MBR partitions:
15:02:15.0147 5712 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12D1A2D6
15:02:15.0193 5712 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D129800, BlocksNum 0x96000
15:02:15.0193 5712 \Device\Harddisk1\DR1:
15:02:15.0193 5712 MBR partitions:
15:02:15.0193 5712 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x1DF0000
15:02:15.0193 5712 ============================================================
15:02:15.0287 5712 C: <-> \Device\Harddisk0\DR0\Partition1
15:02:15.0287 5712 ============================================================
15:02:15.0287 5712 Initialize success
15:02:15.0287 5712 ============================================================
15:02:19.0967 0828 ============================================================
15:02:19.0967 0828 Scan started
15:02:19.0967 0828 Mode: Manual;
15:02:19.0967 0828 ============================================================
15:02:23.0227 0828 ================ Scan system memory ========================
15:02:23.0227 0828 System memory - ok
15:02:23.0227 0828 ================ Scan services =============================
15:02:25.0989 0828 [ 85987809DC9C0C4FE6A6E8EE42552265 ] AFD C:\Windows\system32\drivers\afd.sys
15:02:26.0004 0828 Suspicious file (Forged): C:\Windows\system32\drivers\afd.sys. Real md5: 85987809DC9C0C4FE6A6E8EE42552265, Fake md5: 9EBBBA55060F786F0FCAA3893BFA2806
15:02:26.0020 0828 AFD ( Virus.Win32.ZAccess.aml ) - infected
15:02:26.0020 0828 AFD - detected Virus.Win32.ZAccess.aml (0)
15:02:37.0626 0828 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:02:37.0657 0828 HDAudBus - ok
15:02:37.0704 0828 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:02:37.0720 0828 HidBatt - ok
15:02:37.0767 0828 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:02:37.0782 0828 HidBth - ok
15:02:37.0813 0828 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:02:37.0829 0828 HidIr - ok
15:02:37.0860 0828 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
15:02:37.0860 0828 hidserv - ok
15:02:37.0923 0828 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:02:37.0938 0828 HidUsb - ok
15:02:38.0001 0828 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:02:38.0001 0828 hkmsvc - ok
15:02:38.0047 0828 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:02:38.0094 0828 HomeGroupListener - ok
15:02:38.0172 0828 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:02:38.0172 0828 HomeGroupProvider - ok
15:02:38.0453 0828 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
15:02:38.0453 0828 hpqcxs08 - ok
15:02:38.0531 0828 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
15:02:38.0531 0828 hpqddsvc - ok
15:02:38.0687 0828 [ 35956140E686D53BF676CF0C778880FC ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
15:02:38.0718 0828 HpqKbFiltr - ok
15:02:38.0781 0828 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:02:38.0812 0828 HpSAMD - ok
15:02:39.0186 0828 [ C3B71A7EE3ADA9E9D1A30133B9D2FC74 ] HPSLPSVC C:\Users\seenan.alam\AppData\Local\Temp\7zS54B3\hpslpsvc32.dll
15:02:39.0202 0828 HPSLPSVC - ok
15:02:39.0295 0828 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:02:39.0327 0828 HTTP - ok
15:02:39.0358 0828 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:02:39.0389 0828 hwpolicy - ok
15:02:39.0467 0828 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:02:39.0498 0828 i8042prt - ok
15:02:39.0607 0828 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:02:39.0654 0828 iaStorV - ok
15:02:39.0826 0828 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
15:02:39.0857 0828 IDriverT - ok
15:02:39.0982 0828 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:02:40.0060 0828 idsvc - ok
15:02:41.0011 0828 [ 398B3E63A5ED485C5BEE4B575DEC4BB4 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
15:02:41.0401 0828 igfx - ok
15:02:41.0448 0828 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:02:41.0479 0828 iirsp - ok
15:02:41.0542 0828 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
15:02:41.0573 0828 IKEEXT - ok
15:02:41.0698 0828 [ 5576AD2F0039D2BCCCA3567FC0BF981C ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
15:02:41.0745 0828 IntcDAud - ok
15:02:41.0776 0828 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
15:02:41.0807 0828 intelide - ok
15:02:41.0838 0828 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:02:41.0869 0828 intelppm - ok
15:02:41.0932 0828 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:02:41.0947 0828 IPBusEnum - ok
15:02:41.0963 0828 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:02:41.0994 0828 IpFilterDriver - ok
15:02:42.0041 0828 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:02:42.0057 0828 IPMIDRV - ok
15:02:42.0088 0828 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:02:42.0103 0828 IPNAT - ok
15:02:42.0135 0828 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:02:42.0150 0828 IRENUM - ok
15:02:42.0181 0828 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:02:42.0213 0828 isapnp - ok
15:02:42.0275 0828 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:02:42.0306 0828 iScsiPrt - ok
15:02:42.0369 0828 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:02:42.0384 0828 kbdclass - ok
15:02:42.0447 0828 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:02:42.0462 0828 kbdhid - ok
15:02:42.0478 0828 [ F42309C4191C506B71DB5D1126D26318 ] KeyIso C:\Windows\system32\lsass.exe
15:02:42.0478 0828 KeyIso - ok
15:02:42.0712 0828 [ 775C6D5D60146D7DB08A01CB596D7EC6 ] Kodak AiO Network Discovery Service C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
15:02:42.0727 0828 Kodak AiO Network Discovery Service - ok
15:02:42.0868 0828 [ 17AFF68AB32F8671BC46612D35351099 ] Kodak AiO Status Monitor Service C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
15:02:42.0883 0828 Kodak AiO Status Monitor Service - ok
15:02:42.0930 0828 [ 412CEA1AA78CC02A447F5C9E62B32FF1 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:02:42.0961 0828 KSecDD - ok
15:02:43.0024 0828 [ 26C046977E85B95036453D7B88BA1820 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:02:43.0055 0828 KSecPkg - ok
15:02:43.0149 0828 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
15:02:43.0195 0828 KtmRm - ok
15:02:43.0227 0828 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
15:02:43.0242 0828 LanmanServer - ok
15:02:43.0273 0828 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:02:43.0289 0828 LanmanWorkstation - ok
15:02:43.0351 0828 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:02:43.0383 0828 lltdio - ok
15:02:43.0461 0828 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:02:43.0492 0828 lltdsvc - ok
15:02:43.0507 0828 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
15:02:43.0507 0828 lmhosts - ok
15:02:43.0539 0828 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:02:43.0554 0828 LSI_FC - ok
15:02:43.0601 0828 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:02:43.0648 0828 LSI_SAS - ok
15:02:43.0679 0828 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:02:43.0695 0828 LSI_SAS2 - ok
15:02:43.0726 0828 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:02:43.0773 0828 LSI_SCSI - ok
15:02:43.0788 0828 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
15:02:43.0804 0828 luafv - ok
15:02:43.0835 0828 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:02:43.0866 0828 Mcx2Svc - ok
15:02:44.0038 0828 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
15:02:44.0038 0828 MDM - ok
15:02:44.0069 0828 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:02:44.0100 0828 megasas - ok
15:02:44.0147 0828 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:02:44.0194 0828 MegaSR - ok
15:02:44.0241 0828 [ D86AC00883B9C98B570E7643AAF8E554 ] MEI C:\Windows\system32\DRIVERS\HECI.sys
15:02:44.0334 0828 MEI - ok
15:02:44.0365 0828 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
15:02:44.0365 0828 MMCSS - ok
15:02:44.0397 0828 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
15:02:44.0412 0828 Modem - ok
15:02:44.0443 0828 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:02:44.0459 0828 monitor - ok
15:02:44.0506 0828 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:02:44.0521 0828 mouclass - ok
15:02:44.0568 0828 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:02:44.0584 0828 mouhid - ok
15:02:44.0631 0828 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:02:44.0646 0828 mountmgr - ok
15:02:44.0693 0828 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
15:02:44.0724 0828 mpio - ok
15:02:44.0740 0828 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:02:44.0755 0828 mpsdrv - ok
15:02:44.0802 0828 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:02:44.0818 0828 MRxDAV - ok
15:02:44.0865 0828 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:02:44.0880 0828 mrxsmb - ok
15:02:44.0958 0828 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:02:45.0005 0828 mrxsmb10 - ok
15:02:45.0021 0828 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:02:45.0052 0828 mrxsmb20 - ok
15:02:45.0083 0828 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
15:02:45.0099 0828 msahci - ok
15:02:45.0239 0828 [ 8E46A7BAC823DD82D4FB2A34C3DF4C1D ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
15:02:45.0270 0828 MSCSPTISRV - ok
15:02:45.0286 0828 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:02:45.0301 0828 msdsm - ok
15:02:45.0333 0828 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
15:02:45.0364 0828 MSDTC - ok
15:02:45.0395 0828 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:02:45.0411 0828 Msfs - ok
15:02:45.0442 0828 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:02:45.0457 0828 mshidkmdf - ok
15:02:45.0504 0828 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:02:45.0520 0828 msisadrv - ok
15:02:45.0598 0828 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:02:45.0629 0828 MSiSCSI - ok
15:02:45.0629 0828 msiserver - ok
15:02:45.0691 0828 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:02:45.0707 0828 MSKSSRV - ok
15:02:45.0738 0828 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:02:45.0769 0828 MSPCLOCK - ok
15:02:45.0801 0828 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:02:45.0832 0828 MSPQM - ok
15:02:45.0863 0828 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:02:45.0910 0828 MsRPC - ok
15:02:45.0941 0828 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:02:45.0957 0828 mssmbios - ok
15:02:46.0003 0828 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:02:46.0019 0828 MSTEE - ok
15:02:46.0050 0828 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:02:46.0081 0828 MTConfig - ok
15:02:46.0097 0828 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
15:02:46.0113 0828 Mup - ok
15:02:46.0222 0828 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
15:02:46.0222 0828 napagent - ok
15:02:46.0331 0828 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:02:46.0393 0828 NativeWifiP - ok
15:02:46.0659 0828 [ B498A14133BD09AD0817590ACE4470AD ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
15:02:46.0752 0828 NBService - ok
15:02:46.0971 0828 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:02:46.0986 0828 NDIS - ok
15:02:47.0064 0828 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:02:47.0095 0828 NdisCap - ok
15:02:47.0158 0828 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:02:47.0173 0828 NdisTapi - ok
15:02:47.0205 0828 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:02:47.0236 0828 Ndisuio - ok
15:02:47.0283 0828 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:02:47.0314 0828 NdisWan - ok
15:02:47.0361 0828 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:02:47.0376 0828 NDProxy - ok
15:02:47.0454 0828 [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:02:47.0454 0828 Net Driver HPZ12 - ok
15:02:47.0501 0828 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:02:47.0517 0828 NetBIOS - ok
15:02:47.0579 0828 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:02:47.0610 0828 NetBT - ok
15:02:47.0626 0828 [ F42309C4191C506B71DB5D1126D26318 ] Netlogon C:\Windows\system32\lsass.exe
15:02:47.0626 0828 Netlogon - ok
15:02:47.0735 0828 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
15:02:47.0735 0828 Netman - ok
15:02:47.0922 0828 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:02:48.0063 0828 NetMsmqActivator - ok
15:02:48.0078 0828 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:02:48.0078 0828 NetPipeActivator - ok
15:02:48.0094 0828 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
15:02:48.0094 0828 netprofm - ok
15:02:48.0109 0828 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:02:48.0109 0828 NetTcpActivator - ok
15:02:48.0125 0828 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:02:48.0125 0828 NetTcpPortSharing - ok
15:02:48.0687 0828 [ 814596469BBE40EF99CCFD582A375B83 ] NETwNs32 C:\Windows\system32\DRIVERS\NETwNs32.sys
15:02:48.0905 0828 NETwNs32 - ok
15:02:49.0014 0828 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:02:49.0061 0828 nfrd960 - ok
15:02:49.0139 0828 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:02:49.0155 0828 NlaSvc - ok
15:02:49.0420 0828 [ A328A46D87BB92CE4D8A4528E9D84787 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
15:02:49.0420 0828 NMIndexingService - ok
15:02:49.0467 0828 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:02:49.0498 0828 Npfs - ok
15:02:49.0545 0828 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
15:02:49.0560 0828 nsi - ok
15:02:49.0576 0828 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:02:49.0591 0828 nsiproxy - ok
15:02:49.0794 0828 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:02:49.0872 0828 Ntfs - ok
15:02:49.0919 0828 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
15:02:49.0935 0828 Null - ok
15:02:49.0997 0828 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:02:50.0028 0828 nvraid - ok
15:02:50.0091 0828 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:02:50.0137 0828 nvstor - ok
15:02:50.0169 0828 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:02:50.0200 0828 nv_agp - ok
15:02:50.0262 0828 [ CDF2A5F20509593140F8B3B965448C5B ] NxDrv C:\Windows\system32\DRIVERS\NxDrv.sys
15:02:50.0293 0828 NxDrv - ok
15:02:50.0371 0828 [ 4E37455DB16AEC75862B1D0BC35B589E ] O2FLASH C:\Windows\system32\DRIVERS\o2flash.exe
15:02:50.0371 0828 O2FLASH - ok
15:02:50.0403 0828 [ 5F63917FCC257ED11E828230BE594194 ] O2MDFRDR C:\Windows\system32\DRIVERS\O2MDFw7.sys
15:02:50.0434 0828 O2MDFRDR - ok
15:02:50.0465 0828 [ F24DC5D512FF86576F406E9C1427E8BB ] O2MDRRDR C:\Windows\system32\DRIVERS\O2MDRxp.sys
15:02:50.0496 0828 O2MDRRDR - ok
15:02:50.0527 0828 [ 3083B3D0C74B59FACDE7F0CBBF25E659 ] O2SDJRDR C:\Windows\system32\DRIVERS\o2sdjxp.sys
15:02:50.0574 0828 O2SDJRDR - ok
15:02:50.0637 0828 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:02:50.0668 0828 ohci1394 - ok
15:02:50.0746 0828 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:02:50.0793 0828 ose - ok
15:02:50.0871 0828 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:02:50.0871 0828 p2pimsvc - ok
15:02:50.0964 0828 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
15:02:50.0995 0828 p2psvc - ok
15:02:51.0073 0828 [ 753A8F339F231D2B857E2CCD51A6E6CA ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
15:02:51.0151 0828 PACSPTISVR - ok
15:02:51.0198 0828 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:02:51.0214 0828 Parport - ok
15:02:51.0229 0828 [ BF8F6AF06DA75B336F07E23AEF97D93B ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:02:51.0261 0828 partmgr - ok
15:02:51.0276 0828 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
15:02:51.0292 0828 Parvdm - ok
15:02:51.0323 0828 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:02:51.0323 0828 PcaSvc - ok
15:02:51.0354 0828 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
15:02:51.0370 0828 pci - ok
15:02:51.0417 0828 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
15:02:51.0432 0828 pciide - ok
15:02:51.0479 0828 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:02:51.0510 0828 pcmcia - ok
15:02:51.0541 0828 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
15:02:51.0557 0828 pcw - ok
15:02:51.0666 0828 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:02:51.0713 0828 PEAUTH - ok
15:02:51.0900 0828 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:02:51.0916 0828 PeerDistSvc - ok
15:02:52.0072 0828 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
15:02:52.0150 0828 pla - ok
15:02:52.0259 0828 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:02:52.0290 0828 PlugPlay - ok
15:02:52.0353 0828 [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:02:52.0368 0828 Pml Driver HPZ12 - ok
15:02:52.0399 0828 [ C9E532AE03AE66C65F25CA527029E917 ] pmxmouse C:\Windows\system32\DRIVERS\pmxmouse.sys
15:02:52.0431 0828 pmxmouse - ok
15:02:52.0477 0828 [ 970F5F7D1A8B0E7B05743C3704133ABE ] pmxps2m C:\Windows\system32\DRIVERS\pmxps2m.sys
15:02:52.0493 0828 pmxps2m - ok
15:02:52.0524 0828 [ 1971E853B598BF9BAABFF2B652E5CD4D ] pmxusblf C:\Windows\system32\DRIVERS\pmxusblf.sys
15:02:52.0540 0828 pmxusblf - ok
15:02:52.0571 0828 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:02:52.0587 0828 PNRPAutoReg - ok
15:02:52.0618 0828 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:02:52.0618 0828 PNRPsvc - ok
15:02:52.0665 0828 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:02:52.0899 0828 PolicyAgent - ok
15:02:52.0945 0828 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
15:02:52.0961 0828 Power - ok
15:02:53.0008 0828 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:02:53.0023 0828 PptpMiniport - ok
15:02:53.0055 0828 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:02:53.0070 0828 Processor - ok
15:02:53.0148 0828 [ 43CA4CCC22D52FB58E8988F0198851D0 ] ProfSvc C:\Windows\system32\profsvc.dll
15:02:53.0148 0828 ProfSvc - ok
15:02:53.0195 0828 [ F42309C4191C506B71DB5D1126D26318 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:02:53.0195 0828 ProtectedStorage - ok
15:02:53.0226 0828 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:02:53.0226 0828 Psched - ok
15:02:53.0304 0828 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
15:02:53.0335 0828 PxHelp20 - ok
15:02:53.0523 0828 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:02:53.0585 0828 ql2300 - ok
15:02:53.0632 0828 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:02:53.0663 0828 ql40xx - ok
15:02:53.0710 0828 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
15:02:53.0757 0828 QWAVE - ok
15:02:53.0772 0828 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:02:53.0803 0828 QWAVEdrv - ok
15:02:53.0835 0828 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:02:53.0866 0828 RasAcd - ok
15:02:53.0928 0828 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:02:53.0944 0828 RasAgileVpn - ok
15:02:53.0959 0828 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
15:02:53.0991 0828 RasAuto - ok
15:02:54.0006 0828 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:02:54.0037 0828 Rasl2tp - ok
15:02:54.0147 0828 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
15:02:54.0162 0828 RasMan - ok
15:02:54.0193 0828 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:02:54.0209 0828 RasPppoe - ok
15:02:54.0240 0828 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:02:54.0271 0828 RasSstp - ok
15:02:54.0318 0828 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:02:54.0365 0828 rdbss - ok
15:02:54.0381 0828 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:02:54.0396 0828 rdpbus - ok
15:02:54.0443 0828 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:02:54.0474 0828 RDPCDD - ok
15:02:54.0537 0828 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:02:54.0552 0828 RDPDR - ok
15:02:54.0615 0828 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:02:54.0630 0828 RDPENCDD - ok
15:02:54.0661 0828 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:02:54.0677 0828 RDPREFMP - ok
15:02:54.0739 0828 [ 288B06960D78428FF89E811632684E20 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:02:54.0771 0828 RDPWD - ok
15:02:54.0833 0828 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:02:54.0880 0828 rdyboost - ok
15:02:55.0020 0828 [ B064FC671688A9A1C5F46AE06E87F70D ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:02:55.0036 0828 RegSrvc - ok
15:02:55.0083 0828 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
15:02:55.0114 0828 RemoteAccess - ok
15:02:55.0176 0828 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:02:55.0176 0828 RemoteRegistry - ok
15:02:55.0223 0828 [ 0F6756EF8BDA6DFA7BE50465C83132BB ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys
15:02:55.0254 0828 RimUsb - ok
15:02:55.0301 0828 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:02:55.0301 0828 RpcEptMapper - ok
15:02:55.0363 0828 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
15:02:55.0395 0828 RpcLocator - ok
15:02:55.0488 0828 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
15:02:55.0488 0828 RpcSs - ok
15:02:55.0519 0828 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:02:55.0535 0828 rspndr - ok
15:02:55.0582 0828 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
15:02:55.0613 0828 s3cap - ok
15:02:55.0644 0828 [ F42309C4191C506B71DB5D1126D26318 ] SamSs C:\Windows\system32\lsass.exe
15:02:55.0644 0828 SamSs - ok
15:02:55.0831 0828 [ BD57B12FA4C21B1CE7DA3570410BF12D ] SAVAdminService C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
15:02:55.0894 0828 SAVAdminService - ok
15:02:56.0050 0828 [ AE668D3F43FC90BC17F62E08FF82A446 ] SAVOnAccess C:\Windows\system32\DRIVERS\savonaccess.sys
15:02:56.0081 0828 SAVOnAccess - ok
15:02:56.0097 0828 [ 836AEC603665F6DB83965EE57B3DCF57 ] SAVService C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
15:02:56.0097 0828 SAVService - ok
15:02:56.0377 0828 [ BCE943896289A91AD75CC5652620B1C6 ] SBAMSvc C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
15:02:56.0440 0828 SBAMSvc - ok
15:02:56.0471 0828 [ 3FFF8CDA4D2F29CA06F1557E85163C30 ] sbapifs C:\Windows\system32\DRIVERS\sbapifs.sys
15:02:56.0502 0828 sbapifs - ok
15:02:56.0533 0828 [ 1AFD7178AB9C4FCE2D332DA7AA474FA6 ] sbhips C:\Windows\system32\drivers\sbhips.sys
15:02:56.0596 0828 sbhips - ok
15:02:56.0658 0828 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:02:56.0674 0828 sbp2port - ok
15:02:56.0721 0828 [ 1FD538C4FEB36B793D2121F20BBDC16F ] SBRE C:\Windows\system32\drivers\SBREdrv.sys
15:02:56.0767 0828 SBRE - ok
15:02:56.0830 0828 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:02:56.0845 0828 SCardSvr - ok
15:02:56.0877 0828 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:02:56.0892 0828 scfilter - ok
15:02:56.0970 0828 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
15:02:57.0017 0828 Schedule - ok
15:02:57.0064 0828 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:02:57.0064 0828 SCPolicySvc - ok
15:02:57.0126 0828 [ A957FD57A6AE1597943E4590DE10669B ] sdcfilter C:\Windows\system32\DRIVERS\sdcfilter.sys
15:02:57.0157 0828 sdcfilter - ok
15:02:57.0204 0828 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:02:57.0235 0828 SDRSVC - ok
15:02:57.0313 0828 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:02:57.0345 0828 secdrv - ok
15:02:57.0376 0828 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
15:02:57.0391 0828 seclogon - ok
15:02:57.0423 0828 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
15:02:57.0438 0828 SENS - ok
15:02:57.0485 0828 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:02:57.0516 0828 SensrSvc - ok
15:02:57.0547 0828 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:02:57.0563 0828 Serenum - ok
15:02:57.0594 0828 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:02:57.0610 0828 Serial - ok
15:02:57.0625 0828 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:02:57.0641 0828 sermouse - ok
15:02:57.0688 0828 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
15:02:57.0688 0828 SessionEnv - ok
15:02:57.0735 0828 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:02:57.0750 0828 sffdisk - ok
15:02:57.0781 0828 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:02:57.0844 0828 sffp_mmc - ok
15:02:57.0844 0828 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:02:57.0859 0828 sffp_sd - ok
15:02:57.0875 0828 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:02:57.0891 0828 sfloppy - ok
15:02:57.0984 0828 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:02:58.0000 0828 ShellHWDetection - ok
15:02:58.0015 0828 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
15:02:58.0062 0828 sisagp - ok
15:02:58.0093 0828 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:02:58.0125 0828 SiSRaid2 - ok
15:02:58.0140 0828 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:02:58.0171 0828 SiSRaid4 - ok
15:02:58.0343 0828 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
15:02:58.0671 0828 SkypeUpdate - ok
15:02:58.0717 0828 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:02:58.0733 0828 Smb - ok
15:02:58.0795 0828 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:02:58.0842 0828 SNMPTRAP - ok
15:02:58.0920 0828 [ 977AAA4398D7D6FA65D973F5B3F54E40 ] SonicStage Back-End Service C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
15:02:58.0951 0828 SonicStage Back-End Service - ok
15:02:59.0107 0828 [ 7F8D776BAF0F0A2CC3FA3BEDE9507413 ] SONICWALL_NetExtender C:\Program Files\SonicWALL\SSL-VPN\NetExtender\NEService.exe
15:02:59.0107 0828 SONICWALL_NetExtender - ok
15:02:59.0263 0828 [ 85DD2D3A8E67AA75D03B74DEFFE4BC87 ] Sophos Agent C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe
15:02:59.0263 0828 Sophos Agent - ok
15:02:59.0419 0828 [ B5774835A13B5ED31378AABD07746262 ] Sophos AutoUpdate Service C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
15:02:59.0419 0828 Sophos AutoUpdate Service - ok
15:02:59.0607 0828 [ FE03582DE80740D22FE428F3351ADB16 ] Sophos Message Router C:\Program Files\Sophos\Remote Management System\RouterNT.exe
15:02:59.0622 0828 Sophos Message Router - ok
15:02:59.0669 0828 [ F2B7BD04146B3E6A895A1919E1F5DA89 ] SophosBootDriver C:\Windows\system32\DRIVERS\SophosBootDriver.sys
15:02:59.0685 0828 SophosBootDriver - ok
15:02:59.0716 0828 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
15:02:59.0731 0828 spldr - ok
15:02:59.0794 0828 [ 866A43013535DC8587C258E43579C764 ] Spooler C:\Windows\System32\spoolsv.exe
15:02:59.0809 0828 Spooler - ok
15:03:00.0153 0828 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
15:03:00.0589 0828 sppsvc - ok
15:03:00.0636 0828 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:03:00.0652 0828 sppuinotify - ok
15:03:00.0839 0828 [ D390675B8CE45E5FB359338E5E649329 ] sptd C:\Windows\system32\Drivers\sptd.sys
15:03:00.0933 0828 sptd - ok
15:03:00.0995 0828 [ E3E6C96B0EF4492C3C8FD0DEEF4E35A1 ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
15:03:01.0011 0828 SPTISRV - ok
15:03:01.0120 0828 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:03:01.0151 0828 srv - ok
15:03:01.0245 0828 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:03:01.0307 0828 srv2 - ok
15:03:01.0354 0828 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:03:01.0369 0828 srvnet - ok
15:03:01.0416 0828 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:03:01.0416 0828 SSDPSRV - ok
15:03:01.0463 0828 [ 756E371B3B86A3D3039926D32EAC0E8D ] SSScsiSV C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
15:03:01.0510 0828 SSScsiSV - ok
15:03:01.0525 0828 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:03:01.0541 0828 SstpSvc - ok
15:03:01.0713 0828 [ A97FCA92BE4E62BC589371058CBC769E ] STacSV C:\Program Files\IDT\WDM\STacSV.exe
15:03:01.0713 0828 STacSV - ok
15:03:01.0791 0828 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:03:01.0822 0828 stexstor - ok
15:03:01.0947 0828 [ D5D73B49D53FCC47E2828D6805DFA0F6 ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
15:03:01.0993 0828 STHDA - ok
15:03:02.0040 0828 [ EDB05BD63148796F23EA78506404A538 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
15:03:02.0056 0828 StillCam - ok
15:03:02.0181 0828 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
15:03:02.0196 0828 StiSvc - ok
15:03:02.0243 0828 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
15:03:02.0259 0828 storflt - ok
15:03:02.0305 0828 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
15:03:02.0337 0828 StorSvc - ok
15:03:02.0368 0828 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
15:03:02.0399 0828 storvsc - ok
15:03:02.0446 0828 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
15:03:02.0461 0828 swenum - ok
15:03:02.0586 0828 [ AA5CA4A5F87C1576FF550A0372B3ED84 ] swi_service C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
15:03:02.0633 0828 swi_service - ok
15:03:02.0711 0828 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
15:03:02.0727 0828 swprv - ok
15:03:02.0805 0828 [ FA2DAA32BED908023272A0F77D625DAE ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
15:03:02.0851 0828 SynTP - ok
15:03:02.0914 0828 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
15:03:02.0945 0828 SysMain - ok
15:03:02.0992 0828 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:03:03.0007 0828 TabletInputService - ok
15:03:03.0085 0828 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
15:03:03.0101 0828 TapiSrv - ok
15:03:03.0132 0828 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
15:03:03.0132 0828 TBS - ok
15:03:03.0195 0828 [ 04E4A7D53A7ACE02E8C55B17A498F631 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:03:03.0288 0828 Tcpip - ok
15:03:03.0351 0828 [ 04E4A7D53A7ACE02E8C55B17A498F631 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:03:03.0366 0828 TCPIP6 - ok
15:03:03.0413 0828 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:03:03.0429 0828 tcpipreg - ok
15:03:03.0475 0828 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:03:03.0491 0828 TDPIPE - ok
15:03:03.0538 0828 [ 2C10395BAA4847F83042813C515CC289 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:03:03.0553 0828 TDTCP - ok
15:03:03.0600 0828 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:03:03.0616 0828 tdx - ok
15:03:03.0663 0828 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:03:03.0678 0828 TermDD - ok
15:03:03.0756 0828 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
15:03:03.0772 0828 TermService - ok
15:03:03.0803 0828 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
15:03:03.0803 0828 Themes - ok
15:03:03.0865 0828 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
15:03:03.0865 0828 THREADORDER - ok
15:03:03.0912 0828 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
15:03:03.0928 0828 TrkWks - ok
15:03:03.0990 0828 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:03:04.0053 0828 TrustedInstaller - ok
15:03:04.0099 0828 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:03:04.0115 0828 tssecsrv - ok
15:03:04.0177 0828 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:03:04.0209 0828 TsUsbFlt - ok
15:03:04.0255 0828 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:03:04.0271 0828 tunnel - ok
15:03:04.0318 0828 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:03:04.0333 0828 uagp35 - ok
15:03:04.0411 0828 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:03:04.0443 0828 udfs - ok
15:03:04.0489 0828 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:03:04.0505 0828 UI0Detect - ok
15:03:04.0567 0828 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:03:04.0599 0828 uliagpkx - ok
15:03:04.0630 0828 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:03:04.0645 0828 umbus - ok
15:03:04.0708 0828 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:03:04.0739 0828 UmPass - ok
15:03:04.0801 0828 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
15:03:04.0801 0828 UmRdpService - ok
15:03:04.0879 0828 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
15:03:04.0926 0828 upnphost - ok
15:03:05.0035 0828 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
15:03:05.0067 0828 usbaudio - ok
15:03:05.0098 0828 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:03:05.0129 0828 usbccgp - ok
15:03:05.0176 0828 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:03:05.0191 0828 usbcir - ok
15:03:05.0223 0828 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
15:03:05.0238 0828 usbehci - ok
15:03:05.0316 0828 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:03:05.0347 0828 usbhub - ok
15:03:05.0363 0828 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:03:05.0379 0828 usbohci - ok
15:03:05.0425 0828 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:03:05.0457 0828 usbprint - ok
15:03:05.0503 0828 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:03:05.0519 0828 usbscan - ok
15:03:05.0550 0828 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:03:05.0566 0828 USBSTOR - ok
15:03:05.0597 0828 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:03:05.0613 0828 usbuhci - ok
15:03:05.0691 0828 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
15:03:05.0737 0828 usbvideo - ok
15:03:05.0784 0828 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
15:03:05.0784 0828 UxSms - ok
15:03:05.0800 0828 [ F42309C4191C506B71DB5D1126D26318 ] VaultSvc C:\Windows\system32\lsass.exe
15:03:05.0800 0828 VaultSvc - ok
15:03:05.0878 0828 [ FCE98C43B5C5DB8E0DA8EA0E2B45E044 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
15:03:05.0893 0828 VClone - ok
15:03:05.0925 0828 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:03:05.0940 0828 vdrvroot - ok
15:03:06.0049 0828 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
15:03:06.0096 0828 vds - ok
15:03:06.0159 0828 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:03:06.0174 0828 vga - ok
15:03:06.0205 0828 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
15:03:06.0221 0828 VgaSave - ok
15:03:06.0252 0828 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:03:06.0283 0828 vhdmp - ok
15:03:06.0299 0828 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
15:03:06.0315 0828 viaagp - ok
15:03:06.0377 0828 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
15:03:06.0408 0828 ViaC7 - ok
15:03:06.0455 0828 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
15:03:06.0486 0828 viaide - ok
15:03:06.0549 0828 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
15:03:06.0611 0828 vmbus - ok
15:03:06.0642 0828 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
15:03:06.0658 0828 VMBusHID - ok
15:03:06.0689 0828 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:03:06.0705 0828 volmgr - ok
15:03:06.0783 0828 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:03:06.0829 0828 volmgrx - ok
15:03:06.0907 0828 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:03:06.0939 0828 volsnap - ok
15:03:07.0001 0828 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:03:07.0017 0828 vsmraid - ok
15:03:07.0188 0828 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
15:03:07.0204 0828 VSS - ok
15:03:07.0219 0828 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:03:07.0235 0828 vwifibus - ok
15:03:07.0266 0828 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:03:07.0297 0828 vwififlt - ok
15:03:07.0391 0828 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
15:03:07.0407 0828 W32Time - ok
15:03:07.0453 0828 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:03:07.0485 0828 WacomPen - ok
15:03:07.0531 0828 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:03:07.0563 0828 WANARP - ok
15:03:07.0563 0828 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:03:07.0578 0828 Wanarpv6 - ok
15:03:07.0828 0828 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:03:07.0921 0828 WatAdminSvc - ok
15:03:08.0093 0828 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
15:03:08.0171 0828 wbengine - ok
15:03:08.0233 0828 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:03:08.0265 0828 WbioSrvc - ok
15:03:08.0389 0828 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:03:08.0436 0828 wcncsvc - ok
15:03:08.0483 0828 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:03:08.0499 0828 WcsPlugInService - ok
15:03:08.0545 0828 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:03:08.0561 0828 Wd - ok
15:03:08.0639 0828 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:03:08.0686 0828 Wdf01000 - ok
15:03:08.0748 0828 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:03:08.0748 0828 WdiServiceHost - ok
15:03:08.0748 0828 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:03:08.0764 0828 WdiSystemHost - ok
15:03:08.0826 0828 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
15:03:08.0873 0828 WebClient - ok
15:03:08.0920 0828 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:03:08.0951 0828 Wecsvc - ok
15:03:08.0967 0828 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:03:08.0967 0828 wercplsupport - ok
15:03:09.0013 0828 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
15:03:09.0013 0828 WerSvc - ok
15:03:09.0045 0828 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:03:09.0060 0828 WfpLwf - ok
15:03:09.0107 0828 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:03:09.0138 0828 WIMMount - ok
15:03:09.0372 0828 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
15:03:09.0435 0828 WinDefend - ok
15:03:09.0435 0828 WinHttpAutoProxySvc - ok
15:03:09.0559 0828 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:03:09.0559 0828 Winmgmt - ok
15:03:09.0700 0828 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
15:03:09.0731 0828 WinRM - ok
15:03:09.0825 0828 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:03:09.0840 0828 WinUsb - ok
15:03:09.0934 0828 [ F3EDC9909A02E6BCA863EB702D37B505 ] WinVNC4 C:\Program Files\RealVNC\VNC4\WinVNC4.exe
15:03:09.0949 0828 WinVNC4 - ok
15:03:10.0059 0828 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:03:10.0090 0828 Wlansvc - ok
15:03:10.0293 0828 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:03:10.0324 0828 wlidsvc - ok
15:03:10.0386 0828 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:03:10.0402 0828 WmiAcpi - ok
15:03:10.0449 0828 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:03:10.0480 0828 wmiApSrv - ok
15:03:10.0714 0828 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
15:03:10.0729 0828 WMPNetworkSvc - ok
15:03:10.0776 0828 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:03:10.0792 0828 WPCSvc - ok
15:03:10.0854 0828 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:03:10.0854 0828 WPDBusEnum - ok
15:03:10.0901 0828 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:03:10.0932 0828 ws2ifsl - ok
15:03:11.0041 0828 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
15:03:11.0041 0828 wscsvc - ok
15:03:11.0119 0828 [ 553F6CCD7C58EB98D4A8FBDAF283D7A9 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
15:03:11.0151 0828 WSDPrintDevice - ok
15:03:11.0213 0828 [ 7DC0270CFD4A05B4112E3EBBF083B595 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
15:03:11.0229 0828 WSDScan - ok
15:03:11.0244 0828 WSearch - ok
15:03:11.0650 0828 [ 3026418A50C5B4761BEFA632CEDB7406 ] wuauserv C:\Windows\system32\wuaueng.dll
15:03:11.0728 0828 wuauserv - ok
15:03:11.0775 0828 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:03:11.0806 0828 WudfPf - ok
15:03:11.0884 0828 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:03:11.0915 0828 WUDFRd - ok
15:03:11.0962 0828 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:03:11.0962 0828 wudfsvc - ok
15:03:12.0024 0828 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
15:03:12.0055 0828 WwanSvc - ok
15:03:12.0227 0828 [ 4F5D56FF81B8C0294E22DCC62136F253 ] ZcfgSvc7 C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
15:03:12.0243 0828 ZcfgSvc7 - ok
15:03:12.0243 0828 ================ Scan global ===============================
15:03:12.0289 0828 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
15:03:12.0321 0828 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
15:03:12.0336 0828 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
15:03:12.0383 0828 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
15:03:12.0445 0828 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
15:03:12.0445 0828 [Global] - ok
15:03:12.0461 0828 ================ Scan MBR ==================================
15:03:12.0477 0828 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:03:14.0832 0828 \Device\Harddisk0\DR0 - ok
15:03:14.0832 0828 [ 23B571400A29918F5392F6E85EEB756E ] \Device\Harddisk1\DR1
15:03:27.0562 0828 \Device\Harddisk1\DR1 - ok
15:03:27.0562 0828 ================ Scan VBR ==================================
15:03:27.0577 0828 [ CD6E45A0B83A09B4F0E068CA22BCFE59 ] \Device\Harddisk0\DR0\Partition1
15:03:27.0577 0828 \Device\Harddisk0\DR0\Partition1 - ok
15:03:27.0624 0828 [ D10D8C18C666356A24A23CFB512A204B ] \Device\Harddisk0\DR0\Partition2
15:03:27.0624 0828 \Device\Harddisk0\DR0\Partition2 - ok
15:03:27.0640 0828 [ 68C18D9F2390617F8A13D71109E03EC6 ] \Device\Harddisk1\DR1\Partition1
15:03:27.0640 0828 \Device\Harddisk1\DR1\Partition1 - ok
15:03:27.0640 0828 ============================================================
15:03:27.0640 0828 Scan finished
15:03:27.0640 0828 ============================================================
15:03:27.0655 7956 Detected object count: 1
15:03:27.0655 7956 Actual detected object count: 1
15:04:01.0710 7956 C:\Windows\system32\drivers\afd.sys - copied to quarantine
15:04:05.0938 7956 C:\Windows\$NtUninstallKB56637$\3702784393\@ - copied to quarantine
15:04:05.0954 7956 C:\Windows\$NtUninstallKB56637$\3702784393\Desktop.ini - copied to quarantine
15:04:05.0969 7956 C:\Windows\$NtUninstallKB56637$\3702784393\L\[email protected] - copied to quarantine
15:04:05.0969 7956 C:\Windows\$NtUninstallKB56637$\3702784393\L\201d3dde - copied to quarantine
15:04:06.0063 7956 C:\Windows\$NtUninstallKB56637$\3702784393\L\xadqgnnk - copied to quarantine
15:04:06.0078 7956 C:\Windows\$NtUninstallKB56637$\3702784393\U\[email protected] - copied to quarantine
15:04:06.0141 7956 C:\Windows\$NtUninstallKB56637$\3702784393\U\[email protected] - copied to quarantine
15:04:06.0172 7956 C:\Windows\$NtUninstallKB56637$\3702784393\U\[email protected] - copied to quarantine
15:04:06.0188 7956 C:\Windows\$NtUninstallKB56637$\3702784393\U\[email protected] - copied to quarantine
15:04:06.0219 7956 C:\Windows\$NtUninstallKB56637$\3702784393\U\[email protected] - copied to quarantine
15:04:07.0092 7956 Backup copy found, using it..
15:04:07.0170 7956 C:\Windows\system32\drivers\afd.sys - will be cured on reboot
15:04:10.0821 7956 C:\Windows\$NtUninstallKB56637$\1997804134 - will be deleted on reboot
15:04:10.0821 7956 C:\Windows\$NtUninstallKB56637$\3702784393\@ - will be deleted on reboot
15:04:10.0821 7956 C:\Windows\$NtUninstallKB56637$\3702784393\Desktop.ini - will be deleted on reboot
15:04:10.0852 7956 C:\Windows\$NtUninstallKB56637$\3702784393\U\[email protected] - will be deleted on reboot
15:04:10.0852 7956 C:\Windows\$NtUninstallKB56637$\3702784393\U\[email protected] - will be deleted on reboot
15:04:10.0852 7956 C:\Windows\$NtUninstallKB56637$\3702784393\U\[email protected] - will be deleted on reboot
15:04:10.0852 7956 C:\Windows\$NtUninstallKB56637$\3702784393\U\[email protected] - will be deleted on reboot
15:04:10.0852 7956 C:\Windows\$NtUninstallKB56637$\3702784393\U\[email protected] - will be deleted on reboot
15:04:10.0914 7956 AFD ( Virus.Win32.ZAccess.aml ) - User select action: Cure
15:05:25.0404 7528 Deinitialize success


Then once I rebooted and it ran again, the second log:

15:14:54.0758 2496 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:14:54.0898 2496 ============================================================
15:14:54.0898 2496 Current date / time: 2012/11/23 15:14:54.0898
15:14:54.0898 2496 SystemInfo:
15:14:54.0898 2496
15:14:54.0898 2496 OS Version: 6.1.7601 ServicePack: 1.0
15:14:54.0898 2496 Product type: Workstation
15:14:54.0898 2496 ComputerName: IDPP-3046
15:14:54.0898 2496 UserName: seenan.alam
15:14:54.0898 2496 Windows directory: C:\Windows
15:14:54.0898 2496 System windows directory: C:\Windows
15:14:54.0898 2496 Processor architecture: Intel x86
15:14:54.0898 2496 Number of processors: 4
15:14:54.0898 2496 Page size: 0x1000
15:14:54.0898 2496 Boot type: Normal boot
15:14:54.0898 2496 ============================================================
15:15:00.0062 2496 BG loaded
15:15:05.0020 2496 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:15:05.0036 2496 Drive \Device\Harddisk1\DR1 - Size: 0x3BE400000 (14.97 Gb), SectorSize: 0x200, Cylinders: 0x7A2, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:15:05.0036 2496 ============================================================
15:15:05.0036 2496 \Device\Harddisk0\DR0:
15:15:05.0036 2496 MBR partitions:
15:15:05.0036 2496 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12D1A2D6
15:15:05.0130 2496 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D129800, BlocksNum 0x96000
15:15:05.0130 2496 \Device\Harddisk1\DR1:
15:15:05.0130 2496 MBR partitions:
15:15:05.0130 2496 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x1DF0000
15:15:05.0130 2496 ============================================================
15:15:05.0301 2496 C: <-> \Device\Harddisk0\DR0\Partition1
15:15:05.0301 2496 ============================================================
15:15:05.0301 2496 Initialize success
15:15:05.0301 2496 ============================================================
15:17:38.0311 5808 ============================================================
15:17:38.0311 5808 Scan started
15:17:38.0311 5808 Mode: Manual; SigCheck; TDLFS;
15:17:38.0311 5808 ============================================================
15:17:39.0707 5808 ================ Scan system memory ========================
15:17:39.0708 5808 System memory - ok
15:17:39.0708 5808 ================ Scan services =============================
15:17:40.0443 5808 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:17:40.0522 5808 1394ohci - ok
15:17:40.0569 5808 [ AF1F178B0218B44876E63BF0B019E96B ] Acceler C:\Windows\system32\DRIVERS\Accelern.sys
15:17:40.0610 5808 Acceler - ok
15:17:40.0634 5808 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:17:40.0648 5808 ACPI - ok
15:17:40.0680 5808 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:17:40.0812 5808 AcpiPmi - ok
15:17:40.0921 5808 [ C59992E25F4EBAD9E5C15B0D5D225F99 ] Ad-Aware Service C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
15:17:40.0947 5808 Ad-Aware Service - ok
15:17:41.0034 5808 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:17:41.0042 5808 AdobeARMservice - ok
15:17:41.0131 5808 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:17:41.0206 5808 AdobeFlashPlayerUpdateSvc - ok
15:17:41.0255 5808 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:17:41.0304 5808 adp94xx - ok
15:17:41.0327 5808 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:17:41.0370 5808 adpahci - ok
15:17:41.0385 5808 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:17:41.0421 5808 adpu320 - ok
15:17:41.0446 5808 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:17:41.0478 5808 AeLookupSvc - ok
15:17:41.0518 5808 [ 827DBC22C96EECF6D36A13162FABAFD3 ] AESTFilters C:\Program Files\IDT\WDM\aestsrv.exe
15:17:41.0544 5808 AESTFilters - ok
15:17:41.0599 5808 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
15:17:41.0667 5808 AFD - ok
15:17:41.0695 5808 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
15:17:41.0721 5808 agp440 - ok
15:17:41.0766 5808 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
15:17:41.0796 5808 aic78xx - ok
15:17:41.0824 5808 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
15:17:41.0882 5808 ALG - ok
15:17:41.0898 5808 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
15:17:41.0930 5808 aliide - ok
15:17:41.0942 5808 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
15:17:41.0970 5808 amdagp - ok
15:17:41.0983 5808 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
15:17:42.0012 5808 amdide - ok
15:17:42.0042 5808 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:17:42.0097 5808 AmdK8 - ok
15:17:42.0107 5808 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:17:42.0161 5808 AmdPPM - ok
15:17:42.0200 5808 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:17:42.0228 5808 amdsata - ok
15:17:42.0250 5808 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:17:42.0281 5808 amdsbs - ok
15:17:42.0295 5808 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:17:42.0318 5808 amdxata - ok
15:17:42.0367 5808 [ 9910A9C7D307A9E156D951248601C33E ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
15:17:42.0401 5808 ApfiltrService - ok
15:17:42.0437 5808 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
15:17:42.0597 5808 AppID - ok
15:17:42.0615 5808 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:17:42.0666 5808 AppIDSvc - ok
15:17:42.0713 5808 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
15:17:42.0743 5808 Appinfo - ok
15:17:42.0803 5808 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
15:17:42.0836 5808 AppMgmt - ok
15:17:42.0864 5808 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
15:17:42.0904 5808 arc - ok
15:17:42.0915 5808 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:17:42.0945 5808 arcsas - ok
15:17:43.0052 5808 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
15:17:43.0109 5808 aspnet_state - ok
15:17:43.0132 5808 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:17:43.0281 5808 AsyncMac - ok
15:17:43.0310 5808 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
15:17:43.0320 5808 atapi - ok
15:17:43.0369 5808 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:17:43.0411 5808 AudioEndpointBuilder - ok
15:17:43.0431 5808 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
15:17:43.0462 5808 Audiosrv - ok
15:17:43.0502 5808 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:17:43.0540 5808 AxInstSV - ok
15:17:43.0664 5808 [ 0450240A24839CB31B45538975704B9A ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
15:17:43.0725 5808 b06bdrv - ok
15:17:43.0792 5808 [ 958438198ED140C6EB6348CF8A35B36C ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
15:17:43.0829 5808 b57nd60x - ok
15:17:43.0853 5808 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
15:17:43.0908 5808 BDESVC - ok
15:17:43.0985 5808 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
15:17:44.0043 5808 Beep - ok
15:17:44.0150 5808 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
15:17:44.0212 5808 BFE - ok
15:17:44.0314 5808 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
15:17:44.0403 5808 BITS - ok
15:17:44.0416 5808 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:17:44.0446 5808 blbdrive - ok
15:17:44.0471 5808 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:17:44.0494 5808 bowser - ok
15:17:44.0516 5808 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:17:44.0593 5808 BrFiltLo - ok
15:17:44.0598 5808 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:17:44.0647 5808 BrFiltUp - ok
15:17:44.0666 5808 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
15:17:44.0705 5808 BridgeMP - ok
15:17:44.0743 5808 [ 6E11F33D14D020F58D5E02E4D67DFA19 ] Browser C:\Windows\System32\browser.dll
15:17:44.0776 5808 Browser - ok
15:17:44.0801 5808 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:17:44.0853 5808 Brserid - ok
15:17:44.0859 5808 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:17:44.0908 5808 BrSerWdm - ok
15:17:44.0914 5808 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:17:44.0951 5808 BrUsbMdm - ok
15:17:44.0956 5808 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:17:45.0086 5808 BrUsbSer - ok
15:17:45.0142 5808 [ 2F9F111D31AA3FBBE5781D829A4524E6 ] BTDriver C:\Windows\system32\DRIVERS\btport.sys
15:17:45.0167 5808 BTDriver - ok
15:17:45.0185 5808 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:17:45.0282 5808 BTHMODEM - ok
15:17:45.0339 5808 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
15:17:45.0398 5808 bthserv - ok
15:17:45.0412 5808 [ 276EFF0A93014F810CF1A8BE41DF736C ] btwhid C:\Windows\system32\DRIVERS\btwhid.sys
15:17:45.0458 5808 btwhid - ok
15:17:45.0501 5808 [ F9B15CFAEF98D8117313C6C4215B9EAC ] BTWUSB C:\Windows\system32\Drivers\btwusb.sys
15:17:45.0536 5808 BTWUSB - ok
15:17:45.0575 5808 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:17:45.0631 5808 cdfs - ok
15:17:45.0684 5808 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:17:45.0718 5808 cdrom - ok
15:17:45.0772 5808 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
15:17:45.0812 5808 CertPropSvc - ok
15:17:45.0866 5808 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:17:45.0915 5808 circlass - ok
15:17:45.0947 5808 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
15:17:45.0960 5808 CLFS - ok
15:17:46.0008 5808 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:17:46.0072 5808 clr_optimization_v2.0.50727_32 - ok
15:17:46.0114 5808 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:17:46.0200 5808 clr_optimization_v4.0.30319_32 - ok
15:17:46.0222 5808 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:17:46.0254 5808 CmBatt - ok
15:17:46.0270 5808 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:17:46.0301 5808 cmdide - ok
15:17:46.0334 5808 [ 1B675691ED940766149C93E8F4488D68 ] CNG C:\Windows\system32\Drivers\cng.sys
15:17:46.0387 5808 CNG - ok
15:17:46.0404 5808 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:17:46.0425 5808 Compbatt - ok
15:17:46.0464 5808 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:17:46.0495 5808 CompositeBus - ok
15:17:46.0514 5808 COMSysApp - ok
15:17:46.0529 5808 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:17:46.0551 5808 crcdisk - ok
15:17:46.0586 5808 [ A585BEBF7D054BD9618EDA0922D5484A ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:17:46.0609 5808 CryptSvc - ok
15:17:46.0643 5808 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
15:17:46.0693 5808 CSC - ok
15:17:46.0727 5808 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
15:17:46.0752 5808 CscService - ok
15:17:46.0768 5808 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
15:17:46.0808 5808 DcomLaunch - ok
15:17:46.0830 5808 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
15:17:46.0878 5808 defragsvc - ok
15:17:46.0906 5808 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:17:46.0942 5808 DfsC - ok
15:17:46.0987 5808 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:17:47.0022 5808 Dhcp - ok
15:17:47.0044 5808 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
15:17:47.0093 5808 discache - ok
15:17:47.0139 5808 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:17:47.0163 5808 Disk - ok
15:17:47.0189 5808 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:17:47.0214 5808 Dnscache - ok
15:17:47.0252 5808 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
15:17:47.0319 5808 dot3svc - ok
15:17:47.0365 5808 [ B5E479EB83707DD698F66953E922042C ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
15:17:47.0407 5808 Dot4 - ok
15:17:47.0436 5808 [ CAEFD09B6A6249C53A67D55A9A9FCABF ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
15:17:47.0466 5808 Dot4Print - ok
15:17:47.0488 5808 [ CF491FF38D62143203C065260567E2F7 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
15:17:47.0529 5808 dot4usb - ok
15:17:47.0553 5808 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
15:17:47.0599 5808 DPS - ok
15:17:47.0619 5808 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:17:47.0662 5808 drmkaud - ok
15:17:47.0695 5808 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:17:47.0742 5808 DXGKrnl - ok
15:17:47.0773 5808 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
15:17:47.0805 5808 EapHost - ok
15:17:47.0891 5808 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
15:17:48.0039 5808 ebdrv - ok
15:17:48.0064 5808 [ F42309C4191C506B71DB5D1126D26318 ] EFS C:\Windows\System32\lsass.exe
15:17:48.0096 5808 EFS - ok
15:17:48.0159 5808 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:17:48.0283 5808 ehRecvr - ok
15:17:48.0304 5808 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
15:17:48.0350 5808 ehSched - ok
15:17:48.0418 5808 [ D71233D7CCC2E64F8715A20428D5A33B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
15:17:48.0437 5808 ElbyCDIO - ok
15:17:48.0475 5808 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:17:48.0519 5808 elxstor - ok
15:17:48.0546 5808 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:17:48.0578 5808 ErrDev - ok
15:17:48.0618 5808 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
15:17:48.0653 5808 EventSystem - ok
15:17:48.0768 5808 [ 816025E303A1DAE89E39D3D77CCBA2FB ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:17:48.0799 5808 EvtEng - ok
15:17:48.0813 5808 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
15:17:48.0854 5808 exfat - ok
15:17:48.0884 5808 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:17:48.0920 5808 fastfat - ok
15:17:48.0972 5808 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
15:17:49.0011 5808 Fax - ok
15:17:49.0016 5808 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:17:49.0051 5808 fdc - ok
15:17:49.0067 5808 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
15:17:49.0107 5808 fdPHost - ok
15:17:49.0122 5808 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
15:17:49.0159 5808 FDResPub - ok
15:17:49.0171 5808 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:17:49.0194 5808 FileInfo - ok
15:17:49.0207 5808 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:17:49.0242 5808 Filetrace - ok
15:17:49.0248 5808 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:17:49.0278 5808 flpydisk - ok
15:17:49.0296 5808 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:17:49.0322 5808 FltMgr - ok
15:17:49.0357 5808 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
15:17:49.0385 5808 FontCache - ok
15:17:49.0451 5808 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:17:49.0511 5808 FontCache3.0.0.0 - ok
15:17:49.0520 5808 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:17:49.0540 5808 FsDepends - ok
15:17:49.0553 5808 [ A574B4360E438977038AAE4BF60D79A2 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:17:49.0574 5808 Fs_Rec - ok
15:17:49.0608 5808 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:17:49.0636 5808 fvevol - ok
15:17:49.0660 5808 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:17:49.0685 5808 gagp30kx - ok
15:17:49.0730 5808 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
15:17:49.0793 5808 gpsvc - ok
15:17:49.0871 5808 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
15:17:49.0888 5808 gupdate - ok
15:17:49.0896 5808 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
15:17:49.0905 5808 gupdatem - ok
15:17:49.0918 5808 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:17:49.0953 5808 hcw85cir - ok
15:17:49.0973 5808 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:17:50.0004 5808 HDAudBus - ok
15:17:50.0009 5808 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:17:50.0034 5808 HidBatt - ok
15:17:50.0039 5808 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:17:50.0078 5808 HidBth - ok
15:17:50.0101 5808 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:17:50.0142 5808 HidIr - ok
15:17:50.0174 5808 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
15:17:50.0227 5808 hidserv - ok
15:17:50.0274 5808 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:17:50.0308 5808 HidUsb - ok
15:17:50.0334 5808 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:17:50.0381 5808 hkmsvc - ok
15:17:50.0408 5808 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:17:50.0431 5808 HomeGroupListener - ok
15:17:50.0470 5808 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:17:50.0505 5808 HomeGroupProvider - ok
15:17:50.0627 5808 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
15:17:50.0652 5808 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
15:17:50.0653 5808 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
15:17:50.0672 5808 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
15:17:50.0689 5808 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
15:17:50.0689 5808 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
15:17:50.0738 5808 [ 35956140E686D53BF676CF0C778880FC ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
15:17:50.0785 5808 HpqKbFiltr - ok
15:17:50.0828 5808 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:17:50.0863 5808 HpSAMD - ok
15:17:51.0047 5808 [ C3B71A7EE3ADA9E9D1A30133B9D2FC74 ] HPSLPSVC C:\Users\seenan.alam\AppData\Local\Temp\7zS54B3\hpslpsvc32.dll
15:17:51.0074 5808 HPSLPSVC - ok
15:17:51.0104 5808 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:17:51.0132 5808 HTTP - ok
15:17:51.0172 5808 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:17:51.0194 5808 hwpolicy - ok
15:17:51.0222 5808 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:17:51.0268 5808 i8042prt - ok
15:17:51.0297 5808 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:17:51.0337 5808 iaStorV - ok
15:17:51.0419 5808 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
15:17:51.0459 5808 IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:17:51.0459 5808 IDriverT - detected UnsignedFile.Multi.Generic (1)
15:17:51.0531 5808 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:17:51.0671 5808 idsvc - ok
15:17:51.0915 5808 [ 398B3E63A5ED485C5BEE4B575DEC4BB4 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
15:17:52.0079 5808 igfx - ok
15:17:52.0108 5808 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:17:52.0133 5808 iirsp - ok
15:17:52.0190 5808 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
15:17:52.0258 5808 IKEEXT - ok
15:17:52.0294 5808 [ 5576AD2F0039D2BCCCA3567FC0BF981C ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
15:17:52.0334 5808 IntcDAud - ok
15:17:52.0358 5808 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
15:17:52.0385 5808 intelide - ok
15:17:52.0405 5808 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:17:52.0423 5808 intelppm - ok
15:17:52.0468 5808 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:17:52.0518 5808 IPBusEnum - ok
15:17:52.0544 5808 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:17:52.0590 5808 IpFilterDriver - ok
15:17:52.0623 5808 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:17:52.0661 5808 IPMIDRV - ok
15:17:52.0670 5808 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:17:52.0723 5808 IPNAT - ok
15:17:52.0753 5808 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:17:52.0799 5808 IRENUM - ok
15:17:52.0813 5808 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:17:52.0837 5808 isapnp - ok
15:17:52.0863 5808 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:17:52.0911 5808 iScsiPrt - ok
15:17:52.0926 5808 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:17:52.0947 5808 kbdclass - ok
15:17:52.0983 5808 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:17:53.0022 5808 kbdhid - ok
15:17:53.0026 5808 [ F42309C4191C506B71DB5D1126D26318 ] KeyIso C:\Windows\system32\lsass.exe
15:17:53.0040 5808 KeyIso - ok
15:17:53.0143 5808 [ 775C6D5D60146D7DB08A01CB596D7EC6 ] Kodak AiO Network Discovery Service C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
15:17:53.0156 5808 Kodak AiO Network Discovery Service - ok
15:17:53.0200 5808 [ 17AFF68AB32F8671BC46612D35351099 ] Kodak AiO Status Monitor Service C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
15:17:53.0220 5808 Kodak AiO Status Monitor Service - ok
15:17:53.0251 5808 [ 412CEA1AA78CC02A447F5C9E62B32FF1 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:17:53.0273 5808 KSecDD - ok
15:17:53.0302 5808 [ 26C046977E85B95036453D7B88BA1820 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:17:53.0330 5808 KSecPkg - ok
15:17:53.0366 5808 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
15:17:53.0445 5808 KtmRm - ok
15:17:53.0467 5808 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
15:17:53.0504 5808 LanmanServer - ok
15:17:53.0529 5808 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:17:53.0568 5808 LanmanWorkstation - ok
15:17:53.0605 5808 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:17:53.0644 5808 lltdio - ok
15:17:53.0671 5808 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:17:53.0755 5808 lltdsvc - ok
15:17:53.0768 5808 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
15:17:53.0792 5808 lmhosts - ok
15:17:53.0812 5808 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:17:53.0837 5808 LSI_FC - ok
15:17:53.0851 5808 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:17:53.0883 5808 LSI_SAS - ok
15:17:53.0891 5808 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:17:53.0920 5808 LSI_SAS2 - ok
15:17:53.0932 5808 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:17:53.0965 5808 LSI_SCSI - ok
15:17:53.0975 5808 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
15:17:54.0021 5808 luafv - ok
15:17:54.0055 5808 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:17:54.0084 5808 Mcx2Svc - ok
15:17:54.0148 5808 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
15:17:54.0165 5808 MDM - ok
15:17:54.0182 5808 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:17:54.0206 5808 megasas - ok
15:17:54.0225 5808 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:17:54.0268 5808 MegaSR - ok
15:17:54.0307 5808 [ D86AC00883B9C98B570E7643AAF8E554 ] MEI C:\Windows\system32\DRIVERS\HECI.sys
15:17:54.0432 5808 MEI - ok
15:17:54.0459 5808 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
15:17:54.0511 5808 MMCSS - ok
15:17:54.0521 5808 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
15:17:54.0557 5808 Modem - ok
15:17:54.0581 5808 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:17:54.0606 5808 monitor - ok
15:17:54.0632 5808 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:17:54.0654 5808 mouclass - ok
15:17:54.0665 5808 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:17:54.0695 5808 mouhid - ok
15:17:54.0720 5808 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:17:54.0742 5808 mountmgr - ok
15:17:54.0779 5808 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
15:17:54.0805 5808 mpio - ok
15:17:54.0833 5808 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:17:54.0880 5808 mpsdrv - ok
15:17:54.0901 5808 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:17:54.0941 5808 MRxDAV - ok
15:17:54.0970 5808 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:17:54.0994 5808 mrxsmb - ok
15:17:55.0027 5808 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:17:55.0052 5808 mrxsmb10 - ok
15:17:55.0074 5808 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:17:55.0098 5808 mrxsmb20 - ok
15:17:55.0138 5808 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
15:17:55.0169 5808 msahci - ok
15:17:55.0222 5808 [ 8E46A7BAC823DD82D4FB2A34C3DF4C1D ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
15:17:55.0263 5808 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - warning
15:17:55.0263 5808 MSCSPTISRV - detected UnsignedFile.Multi.Generic (1)
15:17:55.0277 5808 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:17:55.0300 5808 msdsm - ok
15:17:55.0315 5808 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
15:17:55.0359 5808 MSDTC - ok
15:17:55.0394 5808 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:17:55.0429 5808 Msfs - ok
15:17:55.0435 5808 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:17:55.0481 5808 mshidkmdf - ok
15:17:55.0504 5808 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:17:55.0527 5808 msisadrv - ok
15:17:55.0558 5808 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:17:55.0609 5808 MSiSCSI - ok
15:17:55.0612 5808 msiserver - ok
15:17:55.0635 5808 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:17:55.0687 5808 MSKSSRV - ok
15:17:55.0697 5808 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:17:55.0748 5808 MSPCLOCK - ok
15:17:55.0758 5808 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:17:55.0808 5808 MSPQM - ok
15:17:55.0822 5808 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:17:55.0854 5808 MsRPC - ok
15:17:55.0888 5808 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:17:55.0896 5808 mssmbios - ok
15:17:55.0906 5808 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:17:55.0946 5808 MSTEE - ok
15:17:55.0955 5808 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:17:55.0988 5808 MTConfig - ok
15:17:56.0004 5808 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
15:17:56.0025 5808 Mup - ok
15:17:56.0058 5808 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
15:17:56.0085 5808 napagent - ok
15:17:56.0111 5808 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:17:56.0137 5808 NativeWifiP - ok
15:17:56.0248 5808 [ B498A14133BD09AD0817590ACE4470AD ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
15:17:56.0324 5808 NBService - ok
15:17:56.0352 5808 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:17:56.0370 5808 NDIS - ok
15:17:56.0382 5808 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:17:56.0433 5808 NdisCap - ok
15:17:56.0457 5808 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:17:56.0502 5808 NdisTapi - ok
15:17:56.0537 5808 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:17:56.0560 5808 Ndisuio - ok
15:17:56.0599 5808 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:17:56.0645 5808 NdisWan - ok
15:17:56.0683 5808 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:17:56.0719 5808 NDProxy - ok
15:17:56.0754 5808 [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:17:56.0759 5808 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:17:56.0759 5808 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:17:56.0788 5808 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:17:56.0853 5808 NetBIOS - ok
15:17:56.0882 5808 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:17:56.0923 5808 NetBT - ok
15:17:56.0930 5808 [ F42309C4191C506B71DB5D1126D26318 ] Netlogon C:\Windows\system32\lsass.exe
15:17:56.0941 5808 Netlogon - ok
15:17:56.0981 5808 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
15:17:57.0036 5808 Netman - ok
15:17:57.0108 5808 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:17:57.0241 5808 NetMsmqActivator - ok
15:17:57.0246 5808 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:17:57.0254 5808 NetPipeActivator - ok
15:17:57.0264 5808 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
15:17:57.0292 5808 netprofm - ok
15:17:57.0297 5808 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:17:57.0304 5808 NetTcpActivator - ok
15:17:57.0309 5808 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:17:57.0316 5808 NetTcpPortSharing - ok
15:17:57.0484 5808 [ 814596469BBE40EF99CCFD582A375B83 ] NETwNs32 C:\Windows\system32\DRIVERS\NETwNs32.sys
15:17:57.0603 5808 NETwNs32 - ok
15:17:57.0639 5808 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:17:57.0670 5808 nfrd960 - ok
15:17:57.0704 5808 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:17:57.0742 5808 NlaSvc - ok
15:17:57.0834 5808 [ A328A46D87BB92CE4D8A4528E9D84787 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
15:17:57.0853 5808 NMIndexingService - ok
15:17:57.0877 5808 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:17:57.0919 5808 Npfs - ok
15:17:57.0949 5808 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
15:17:57.0975 5808 nsi - ok
15:17:57.0987 5808 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:17:58.0034 5808 nsiproxy - ok
15:17:58.0084 5808 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:17:58.0159 5808 Ntfs - ok
15:17:58.0178 5808 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
15:17:58.0222 5808 Null - ok
15:17:58.0254 5808 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:17:58.0277 5808 nvraid - ok
15:17:58.0298 5808 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:17:58.0337 5808 nvstor - ok
15:17:58.0361 5808 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:17:58.0387 5808 nv_agp - ok
15:17:58.0422 5808 [ CDF2A5F20509593140F8B3B965448C5B ] NxDrv C:\Windows\system32\DRIVERS\NxDrv.sys
15:17:58.0432 5808 NxDrv - ok
15:17:58.0474 5808 [ 4E37455DB16AEC75862B1D0BC35B589E ] O2FLASH C:\Windows\system32\DRIVERS\o2flash.exe
15:17:58.0482 5808 O2FLASH - ok
15:17:58.0498 5808 [ 5F63917FCC257ED11E828230BE594194 ] O2MDFRDR C:\Windows\system32\DRIVERS\O2MDFw7.sys
15:17:58.0530 5808 O2MDFRDR - ok
15:17:58.0550 5808 [ F24DC5D512FF86576F406E9C1427E8BB ] O2MDRRDR C:\Windows\system32\DRIVERS\O2MDRxp.sys
15:17:58.0578 5808 O2MDRRDR - ok
15:17:58.0589 5808 [ 3083B3D0C74B59FACDE7F0CBBF25E659 ] O2SDJRDR C:\Windows\system32\DRIVERS\o2sdjxp.sys
15:17:58.0626 5808 O2SDJRDR - ok
15:17:58.0656 5808 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:17:58.0701 5808 ohci1394 - ok
15:17:58.0731 5808 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:17:58.0767 5808 ose - ok
15:17:58.0795 5808 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:17:58.0828 5808 p2pimsvc - ok
15:17:58.0856 5808 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
15:17:58.0883 5808 p2psvc - ok
15:17:58.0922 5808 [ 753A8F339F231D2B857E2CCD51A6E6CA ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
15:17:58.0975 5808 PACSPTISVR ( UnsignedFile.Multi.Generic ) - warning
15:17:58.0975 5808 PACSPTISVR - detected UnsignedFile.Multi.Generic (1)
15:17:58.0994 5808 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:17:59.0015 5808 Parport - ok
15:17:59.0021 5808 [ BF8F6AF06DA75B336F07E23AEF97D93B ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:17:59.0042 5808 partmgr - ok
15:17:59.0055 5808 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
15:17:59.0072 5808 Parvdm - ok
15:17:59.0089 5808 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:17:59.0104 5808 PcaSvc - ok
15:17:59.0114 5808 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
15:17:59.0142 5808 pci - ok
15:17:59.0171 5808 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
15:17:59.0198 5808 pciide - ok
15:17:59.0215 5808 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:17:59.0257 5808 pcmcia - ok
15:17:59.0265 5808 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
15:17:59.0288 5808 pcw - ok
15:17:59.0312 5808 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:17:59.0355 5808 PEAUTH - ok
15:17:59.0399 5808 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:17:59.0433 5808 PeerDistSvc - ok
15:17:59.0504 5808 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
15:17:59.0566 5808 pla - ok
15:17:59.0616 5808 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:17:59.0656 5808 PlugPlay - ok
15:17:59.0691 5808 [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:17:59.0707 5808 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:17:59.0707 5808 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:17:59.0727 5808 [ C9E532AE03AE66C65F25CA527029E917 ] pmxmouse C:\Windows\system32\DRIVERS\pmxmouse.sys
15:17:59.0764 5808 pmxmouse - ok
15:17:59.0781 5808 [ 970F5F7D1A8B0E7B05743C3704133ABE ] pmxps2m C:\Windows\system32\DRIVERS\pmxps2m.sys
15:17:59.0810 5808 pmxps2m - ok
15:17:59.0819 5808 [ 1971E853B598BF9BAABFF2B652E5CD4D ] pmxusblf C:\Windows\system32\DRIVERS\pmxusblf.sys
15:17:59.0857 5808 pmxusblf - ok
15:17:59.0900 5808 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:17:59.0934 5808 PNRPAutoReg - ok
15:17:59.0954 5808 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:17:59.0971 5808 PNRPsvc - ok
15:18:00.0040 5808 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:18:00.0114 5808 PolicyAgent - ok
15:18:00.0143 5808 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
15:18:00.0186 5808 Power - ok
15:18:00.0212 5808 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:18:00.0259 5808 PptpMiniport - ok
15:18:00.0274 5808 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:18:00.0309 5808 Processor - ok
15:18:00.0359 5808 [ 43CA4CCC22D52FB58E8988F0198851D0 ] ProfSvc C:\Windows\system32\profsvc.dll
15:18:00.0401 5808 ProfSvc - ok
15:18:00.0412 5808 [ F42309C4191C506B71DB5D1126D26318 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:18:00.0423 5808 ProtectedStorage - ok
15:18:00.0449 5808 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:18:00.0482 5808 Psched - ok
15:18:00.0516 5808 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
15:18:00.0551 5808 PxHelp20 - ok
15:18:00.0593 5808 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:18:00.0688 5808 ql2300 - ok
15:18:00.0713 5808 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:18:00.0747 5808 ql40xx - ok
15:18:00.0777 5808 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
15:18:00.0805 5808 QWAVE - ok
15:18:00.0815 5808 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:18:00.0838 5808 QWAVEdrv - ok
15:18:00.0854 5808 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:18:00.0888 5808 RasAcd - ok
15:18:00.0922 5808 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:18:00.0965 5808 RasAgileVpn - ok
15:18:00.0978 5808 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
15:18:01.0029 5808 RasAuto - ok
15:18:01.0050 5808 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:18:01.0093 5808 Rasl2tp - ok
15:18:01.0130 5808 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
15:18:01.0156 5808 RasMan - ok
15:18:01.0168 5808 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:18:01.0203 5808 RasPppoe - ok
15:18:01.0213 5808 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:18:01.0250 5808 RasSstp - ok
15:18:01.0270 5808 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:18:01.0314 5808 rdbss - ok
15:18:01.0330 5808 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:18:01.0358 5808 rdpbus - ok
15:18:01.0390 5808 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:18:01.0446 5808 RDPCDD - ok
15:18:01.0468 5808 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:18:01.0494 5808 RDPDR - ok
15:18:01.0519 5808 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:18:01.0562 5808 RDPENCDD - ok
15:18:01.0569 5808 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:18:01.0608 5808 RDPREFMP - ok
15:18:01.0633 5808 [ 288B06960D78428FF89E811632684E20 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:18:01.0675 5808 RDPWD - ok
15:18:01.0706 5808 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:18:01.0738 5808 rdyboost - ok
15:18:01.0787 5808 [ B064FC671688A9A1C5F46AE06E87F70D ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:18:01.0807 5808 RegSrvc - ok
15:18:01.0831 5808 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
15:18:01.0883 5808 RemoteAccess - ok
15:18:01.0903 5808 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:18:01.0931 5808 RemoteRegistry - ok
15:18:01.0962 5808 [ 0F6756EF8BDA6DFA7BE50465C83132BB ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys
15:18:02.0002 5808 RimUsb - ok
15:18:02.0032 5808 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:18:02.0079 5808 RpcEptMapper - ok
15:18:02.0102 5808 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
15:18:02.0124 5808 RpcLocator - ok
15:18:02.0179 5808 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
15:18:02.0224 5808 RpcSs - ok
15:18:02.0268 5808 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:18:02.0307 5808 rspndr - ok
15:18:02.0336 5808 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
15:18:02.0371 5808 s3cap - ok
15:18:02.0383 5808 [ F42309C4191C506B71DB5D1126D26318 ] SamSs C:\Windows\system32\lsass.exe
15:18:02.0394 5808 SamSs - ok
15:18:02.0491 5808 [ BD57B12FA4C21B1CE7DA3570410BF12D ] SAVAdminService C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
15:18:02.0501 5808 SAVAdminService - ok
15:18:02.0566 5808 [ AE668D3F43FC90BC17F62E08FF82A446 ] SAVOnAccess C:\Windows\system32\DRIVERS\savonaccess.sys
15:18:02.0595 5808 SAVOnAccess - ok
15:18:02.0613 5808 [ 836AEC603665F6DB83965EE57B3DCF57 ] SAVService C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
15:18:02.0622 5808 SAVService - ok
15:18:02.0747 5808 [ BCE943896289A91AD75CC5652620B1C6 ] SBAMSvc C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
15:18:02.0807 5808 SBAMSvc - ok
15:18:02.0838 5808 [ 3FFF8CDA4D2F29CA06F1557E85163C30 ] sbapifs C:\Windows\system32\DRIVERS\sbapifs.sys
15:18:02.0864 5808 sbapifs - ok
15:18:02.0897 5808 [ 1AFD7178AB9C4FCE2D332DA7AA474FA6 ] sbhips C:\Windows\system32\drivers\sbhips.sys
15:18:02.0946 5808 sbhips - ok
15:18:02.0985 5808 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:18:03.0013 5808 sbp2port - ok
15:18:03.0035 5808 [ 1FD538C4FEB36B793D2121F20BBDC16F ] SBRE C:\Windows\system32\drivers\SBREdrv.sys
15:18:03.0084 5808 SBRE - ok
15:18:03.0109 5808 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:18:03.0143 5808 SCardSvr - ok
15:18:03.0152 5808 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:18:03.0186 5808 scfilter - ok
15:18:03.0234 5808 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
15:18:03.0275 5808 Schedule - ok
15:18:03.0310 5808 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:18:03.0343 5808 SCPolicySvc - ok
15:18:03.0368 5808 [ A957FD57A6AE1597943E4590DE10669B ] sdcfilter C:\Windows\system32\DRIVERS\sdcfilter.sys
15:18:03.0403 5808 sdcfilter - ok
15:18:03.0431 5808 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:18:03.0471 5808 SDRSVC - ok
15:18:03.0503 5808 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:18:03.0548 5808 secdrv - ok
15:18:03.0566 5808 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
15:18:03.0602 5808 seclogon - ok
15:18:03.0613 5808 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
15:18:03.0651 5808 SENS - ok
15:18:03.0685 5808 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:18:03.0713 5808 SensrSvc - ok
15:18:03.0723 5808 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:18:03.0746 5808 Serenum - ok
15:18:03.0760 5808 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:18:03.0784 5808 Serial - ok
15:18:03.0798 5808 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:18:03.0833 5808 sermouse - ok
15:18:03.0863 5808 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
15:18:03.0889 5808 SessionEnv - ok
15:18:03.0914 5808 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:18:03.0938 5808 sffdisk - ok
15:18:03.0942 5808 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:18:03.0981 5808 sffp_mmc - ok
15:18:03.0985 5808 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:18:04.0019 5808 sffp_sd - ok
15:18:04.0033 5808 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:18:04.0071 5808 sfloppy - ok
15:18:04.0127 5808 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:18:04.0172 5808 ShellHWDetection - ok
15:18:04.0193 5808 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
15:18:04.0215 5808 sisagp - ok
15:18:04.0232 5808 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:18:04.0255 5808 SiSRaid2 - ok
15:18:04.0268 5808 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:18:04.0291 5808 SiSRaid4 - ok
15:18:04.0362 5808 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
15:18:04.0378 5808 SkypeUpdate - ok
15:18:04.0407 5808 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:18:04.0458 5808 Smb - ok
15:18:04.0489 5808 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:18:04.0515 5808 SNMPTRAP - ok
15:18:04.0551 5808 [ 977AAA4398D7D6FA65D973F5B3F54E40 ] SonicStage Back-End Service C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
15:18:04.0582 5808 SonicStage Back-End Service - ok
15:18:04.0666 5808 [ 7F8D776BAF0F0A2CC3FA3BEDE9507413 ] SONICWALL_NetExtender C:\Program Files\SonicWALL\SSL-VPN\NetExtender\NEService.exe
15:18:04.0682 5808 SONICWALL_NetExtender - ok
15:18:04.0734 5808 [ 85DD2D3A8E67AA75D03B74DEFFE4BC87 ] Sophos Agent C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe
15:18:04.0754 5808 Sophos Agent ( UnsignedFile.Multi.Generic ) - warning
15:18:04.0754 5808 Sophos Agent - detected UnsignedFile.Multi.Generic (1)
15:18:04.0805 5808 [ B5774835A13B5ED31378AABD07746262 ] Sophos AutoUpdate Service C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
15:18:04.0817 5808 Sophos AutoUpdate Service - ok
15:18:04.0840 5808 [ FE03582DE80740D22FE428F3351ADB16 ] Sophos Message Router C:\Program Files\Sophos\Remote Management System\RouterNT.exe
15:18:04.0863 5808 Sophos Message Router ( UnsignedFile.Multi.Generic ) - warning
15:18:04.0863 5808 Sophos Message Router - detected UnsignedFile.Multi.Generic (1)
15:18:04.0876 5808 [ F2B7BD04146B3E6A895A1919E1F5DA89 ] SophosBootDriver C:\Windows\system32\DRIVERS\SophosBootDriver.sys
15:18:04.0900 5808 SophosBootDriver - ok
15:18:04.0909 5808 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
15:18:04.0932 5808 spldr - ok
15:18:04.0965 5808 [ 866A43013535DC8587C258E43579C764 ] Spooler C:\Windows\System32\spoolsv.exe
15:18:04.0991 5808 Spooler - ok
15:18:05.0085 5808 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
15:18:05.0158 5808 sppsvc - ok
15:18:05.0194 5808 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:18:05.0230 5808 sppuinotify - ok
15:18:05.0296 5808 [ D390675B8CE45E5FB359338E5E649329 ] sptd C:\Windows\system32\Drivers\sptd.sys
15:18:05.0381 5808 sptd - ok
15:18:05.0412 5808 [ E3E6C96B0EF4492C3C8FD0DEEF4E35A1 ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
15:18:05.0443 5808 SPTISRV ( UnsignedFile.Multi.Generic ) - warning
15:18:05.0443 5808 SPTISRV - detected UnsignedFile.Multi.Generic (1)
15:18:05.0480 5808 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:18:05.0520 5808 srv - ok
15:18:05.0553 5808 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:18:05.0577 5808 srv2 - ok
15:18:05.0605 5808 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:18:05.0617 5808 srvnet - ok
15:18:05.0654 5808 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:18:05.0689 5808 SSDPSRV - ok
15:18:05.0723 5808 [ 756E371B3B86A3D3039926D32EAC0E8D ] SSScsiSV C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
15:18:05.0761 5808 SSScsiSV - ok
15:18:05.0780 5808 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:18:05.0817 5808 SstpSvc - ok
15:18:05.0865 5808 [ A97FCA92BE4E62BC589371058CBC769E ] STacSV C:\Program Files\IDT\WDM\STacSV.exe
15:18:05.0886 5808 STacSV - ok
15:18:05.0921 5808 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:18:05.0951 5808 stexstor - ok
15:18:05.0973 5808 [ D5D73B49D53FCC47E2828D6805DFA0F6 ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
15:18:06.0006 5808 STHDA - ok
15:18:06.0030 5808 [ EDB05BD63148796F23EA78506404A538 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
15:18:06.0060 5808 StillCam - ok
15:18:06.0095 5808 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
15:18:06.0137 5808 StiSvc - ok
15:18:06.0170 5808 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
15:18:06.0199 5808 storflt - ok
15:18:06.0222 5808 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
15:18:06.0245 5808 StorSvc - ok
15:18:06.0262 5808 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
15:18:06.0284 5808 storvsc - ok
15:18:06.0298 5808 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
15:18:06.0321 5808 swenum - ok
15:18:06.0399 5808 [ AA5CA4A5F87C1576FF550A0372B3ED84 ] swi_service C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
15:18:06.0434 5808 swi_service - ok
15:18:06.0466 5808 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
15:18:06.0518 5808 swprv - ok
15:18:06.0547 5808 [ FA2DAA32BED908023272A0F77D625DAE ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
15:18:06.0585 5808 SynTP - ok
15:18:06.0636 5808 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
15:18:06.0663 5808 SysMain - ok
15:18:06.0694 5808 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:18:06.0742 5808 TabletInputService - ok
15:18:06.0770 5808 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
15:18:06.0808 5808 TapiSrv - ok
15:18:06.0819 5808 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
15:18:06.0845 5808 TBS - ok
15:18:06.0899 5808 [ 04E4A7D53A7ACE02E8C55B17A498F631 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:18:06.0973 5808 Tcpip - ok
15:18:07.0018 5808 [ 04E4A7D53A7ACE02E8C55B17A498F631 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:18:07.0045 5808 TCPIP6 - ok
15:18:07.0080 5808 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:18:07.0103 5808 tcpipreg - ok
15:18:07.0134 5808 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:18:07.0171 5808 TDPIPE - ok
15:18:07.0189 5808 [ 2C10395BAA4847F83042813C515CC289 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:18:07.0225 5808 TDTCP - ok
15:18:07.0269 5808 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:18:07.0329 5808 tdx - ok
15:18:07.0362 5808 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:18:07.0389 5808 TermDD - ok
15:18:07.0426 5808 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
15:18:07.0468 5808 TermService - ok
15:18:07.0486 5808 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
15:18:07.0523 5808 Themes - ok
15:18:07.0552 5808 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
15:18:07.0578 5808 THREADORDER - ok
15:18:07.0592 5808 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
15:18:07.0625 5808 TrkWks - ok
15:18:07.0676 5808 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:18:07.0747 5808 TrustedInstaller - ok
15:18:07.0767 5808 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:18:07.0802 5808 tssecsrv - ok
15:18:07.0855 5808 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:18:07.0904 5808 TsUsbFlt - ok
15:18:07.0942 5808 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:18:07.0997 5808 tunnel - ok
15:18:08.0016 5808 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:18:08.0041 5808 uagp35 - ok
15:18:08.0075 5808 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:18:08.0140 5808 udfs - ok
15:18:08.0171 5808 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:18:08.0207 5808 UI0Detect - ok
15:18:08.0243 5808 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:18:08.0268 5808 uliagpkx - ok
15:18:08.0308 5808 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:18:08.0333 5808 umbus - ok
15:18:08.0362 5808 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:18:08.0400 5808 UmPass - ok
15:18:08.0426 5808 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
15:18:08.0451 5808 UmRdpService - ok
15:18:08.0469 5808 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
15:18:08.0525 5808 upnphost - ok
15:18:08.0567 5808 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
15:18:08.0600 5808 usbaudio - ok
15:18:08.0629 5808 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:18:08.0670 5808 usbccgp - ok
15:18:08.0713 5808 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:18:08.0747 5808 usbcir - ok
15:18:08.0761 5808 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
15:18:08.0781 5808 usbehci - ok
15:18:08.0814 5808 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:18:08.0848 5808 usbhub - ok
15:18:08.0863 5808 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:18:08.0894 5808 usbohci - ok
15:18:08.0924 5808 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:18:08.0952 5808 usbprint - ok
15:18:08.0986 5808 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:18:09.0022 5808 usbscan - ok
15:18:09.0037 5808 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:18:09.0070 5808 USBSTOR - ok
15:18:09.0073 5808 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:18:09.0096 5808 usbuhci - ok
15:18:09.0120 5808 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
15:18:09.0148 5808 usbvideo - ok
15:18:09.0176 5808 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
15:18:09.0211 5808 UxSms - ok
15:18:09.0222 5808 [ F42309C4191C506B71DB5D1126D26318 ] VaultSvc C:\Windows\system32\lsass.exe
15:18:09.0235 5808 VaultSvc - ok
15:18:09.0277 5808 [ FCE98C43B5C5DB8E0DA8EA0E2B45E044 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
15:18:09.0307 5808 VClone - ok
15:18:09.0317 5808 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:18:09.0340 5808 vdrvroot - ok
15:18:09.0383 5808 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
15:18:09.0440 5808 vds - ok
15:18:09.0490 5808 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:18:09.0532 5808 vga - ok
15:18:09.0547 5808 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
15:18:09.0587 5808 VgaSave - ok
15:18:09.0616 5808 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:18:09.0650 5808 vhdmp - ok
15:18:09.0668 5808 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
15:18:09.0690 5808 viaagp - ok
15:18:09.0697 5808 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
15:18:09.0743 5808 ViaC7 - ok
15:18:09.0754 5808 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
15:18:09.0774 5808 viaide - ok
15:18:09.0789 5808 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
15:18:09.0828 5808 vmbus - ok
15:18:09.0846 5808 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
15:18:09.0886 5808 VMBusHID - ok
15:18:09.0904 5808 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:18:09.0927 5808 volmgr - ok
15:18:09.0944 5808 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:18:09.0973 5808 volmgrx - ok
15:18:09.0989 5808 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:18:10.0021 5808 volsnap - ok
15:18:10.0046 5808 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:18:10.0074 5808 vsmraid - ok
15:18:10.0127 5808 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
15:18:10.0203 5808 VSS - ok
15:18:10.0216 5808 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:18:10.0251 5808 vwifibus - ok
15:18:10.0269 5808 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:18:10.0293 5808 vwififlt - ok
15:18:10.0321 5808 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
15:18:10.0350 5808 W32Time - ok
15:18:10.0363 5808 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:18:10.0401 5808 WacomPen - ok
15:18:10.0443 5808 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:18:10.0487 5808 WANARP - ok
15:18:10.0490 5808 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:18:10.0512 5808 Wanarpv6 - ok
15:18:10.0588 5808 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:18:10.0719 5808 WatAdminSvc - ok
15:18:10.0794 5808 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
15:18:10.0870 5808 wbengine - ok
15:18:10.0897 5808 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:18:10.0933 5808 WbioSrvc - ok
15:18:10.0975 5808 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:18:11.0006 5808 wcncsvc - ok
15:18:11.0020 5808 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:18:11.0057 5808 WcsPlugInService - ok
15:18:11.0074 5808 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:18:11.0096 5808 Wd - ok
15:18:11.0114 5808 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:18:11.0156 5808 Wdf01000 - ok
15:18:11.0168 5808 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:18:11.0182 5808 WdiServiceHost - ok
15:18:11.0186 5808 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:18:11.0200 5808 WdiSystemHost - ok
15:18:11.0236 5808 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
15:18:11.0277 5808 WebClient - ok
15:18:11.0294 5808 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:18:11.0335 5808 Wecsvc - ok
15:18:11.0348 5808 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:18:11.0387 5808 wercplsupport - ok
15:18:11.0419 5808 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
15:18:11.0456 5808 WerSvc - ok
15:18:11.0477 5808 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:18:11.0511 5808 WfpLwf - ok
15:18:11.0545 5808 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:18:11.0568 5808 WIMMount - ok
15:18:11.0657 5808 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
15:18:11.0690 5808 WinDefend - ok
15:18:11.0695 5808 WinHttpAutoProxySvc - ok
15:18:11.0752 5808 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:18:11.0785 5808 Winmgmt - ok
15:18:11.0840 5808 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
15:18:11.0891 5808 WinRM - ok
15:18:11.0924 5808 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:18:11.0963 5808 WinUsb - ok
15:18:12.0003 5808 [ F3EDC9909A02E6BCA863EB702D37B505 ] WinVNC4 C:\Program Files\RealVNC\VNC4\WinVNC4.exe
15:18:12.0017 5808 WinVNC4 - ok
15:18:12.0055 5808 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:18:12.0095 5808 Wlansvc - ok
15:18:12.0193 5808 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:18:12.0232 5808 wlidsvc - ok
15:18:12.0273 5808 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:18:12.0283 5808 WmiAcpi - ok
15:18:12.0312 5808 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:18:12.0335 5808 wmiApSrv - ok
15:18:12.0416 5808 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
15:18:12.0451 5808 WMPNetworkSvc - ok
15:18:12.0475 5808 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:18:12.0497 5808 WPCSvc - ok
15:18:12.0530 5808 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:18:12.0553 5808 WPDBusEnum - ok
15:18:12.0578 5808 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:18:12.0624 5808 ws2ifsl - ok
15:18:12.0677 5808 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
15:18:12.0691 5808 wscsvc - ok
15:18:12.0734 5808 [ 553F6CCD7C58EB98D4A8FBDAF283D7A9 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
15:18:12.0764 5808 WSDPrintDevice - ok
15:18:12.0772 5808 [ 7DC0270CFD4A05B4112E3EBBF083B595 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
15:18:12.0796 5808 WSDScan - ok
15:18:12.0799 5808 WSearch - ok
15:18:12.0860 5808 [ 3026418A50C5B4761BEFA632CEDB7406 ] wuauserv C:\Windows\system32\wuaueng.dll
15:18:12.0905 5808 wuauserv - ok
15:18:12.0937 5808 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:18:12.0978 5808 WudfPf - ok
15:18:13.0008 5808 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:18:13.0043 5808 WUDFRd - ok
15:18:13.0073 5808 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:18:13.0123 5808 wudfsvc - ok
15:18:13.0157 5808 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
15:18:13.0200 5808 WwanSvc - ok
15:18:13.0285 5808 [ 4F5D56FF81B8C0294E22DCC62136F253 ] ZcfgSvc7 C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
15:18:13.0305 5808 ZcfgSvc7 ( UnsignedFile.Multi.Generic ) - warning
15:18:13.0305 5808 ZcfgSvc7 - detected UnsignedFile.Multi.Generic (1)
15:18:13.0324 5808 ================ Scan global ===============================
15:18:13.0355 5808 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
15:18:13.0387 5808 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
15:18:13.0411 5808 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
15:18:13.0435 5808 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
15:18:13.0473 5808 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
15:18:13.0547 5808 [Global] - ok
15:18:13.0548 5808 ================ Scan MBR ==================================
15:18:13.0554 5808 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:18:13.0943 5808 \Device\Harddisk0\DR0 - ok
15:18:13.0953 5808 [ 23B571400A29918F5392F6E85EEB756E ] \Device\Harddisk1\DR1
15:18:23.0896 5808 \Device\Harddisk1\DR1 - ok
15:18:23.0896 5808 ================ Scan VBR ==================================
15:18:23.0905 5808 [ CD6E45A0B83A09B4F0E068CA22BCFE59 ] \Device\Harddisk0\DR0\Partition1
15:18:23.0910 5808 \Device\Harddisk0\DR0\Partition1 - ok
15:18:23.0914 5808 [ D10D8C18C666356A24A23CFB512A204B ] \Device\Harddisk0\DR0\Partition2
15:18:23.0922 5808 \Device\Harddisk0\DR0\Partition2 - ok
15:18:23.0925 5808 [ 68C18D9F2390617F8A13D71109E03EC6 ] \Device\Harddisk1\DR1\Partition1
15:18:23.0927 5808 \Device\Harddisk1\DR1\Partition1 - ok
15:18:23.0927 5808 ============================================================
15:18:23.0927 5808 Scan finished
15:18:23.0927 5808 ============================================================
15:18:23.0937 0996 Detected object count: 11
15:18:23.0937 0996 Actual detected object count: 11
15:19:02.0135 0996 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
15:19:02.0135 0996 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:19:02.0135 0996 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:19:02.0135 0996 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:19:02.0137 0996 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:19:02.0137 0996 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:19:02.0139 0996 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
15:19:02.0139 0996 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:19:02.0140 0996 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:19:02.0140 0996 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:19:02.0141 0996 PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user
15:19:02.0141 0996 PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:19:02.0142 0996 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:19:02.0142 0996 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:19:02.0143 0996 Sophos Agent ( UnsignedFile.Multi.Generic ) - skipped by user
15:19:02.0144 0996 Sophos Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:19:02.0145 0996 Sophos Message Router ( UnsignedFile.Multi.Generic ) - skipped by user
15:19:02.0145 0996 Sophos Message Router ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:19:02.0146 0996 SPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
15:19:02.0146 0996 SPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:19:02.0148 0996 ZcfgSvc7 ( UnsignedFile.Multi.Generic ) - skipped by user
15:19:02.0148 0996 ZcfgSvc7 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:19:25.0832 1696 Deinitialize success

#5
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
You need to disable Sophos, as it is preventing Combofix from running.

If necessary, run Combofix from safe mode.

#6
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.