Trojan:JS/medfos.B [Solved]



#1
bwing

Erratic, saved photos to the wrong file. Win32sys blue screen reboot - Updated Windows 7 and found the Medfos trojan.

Started the process from another post. I don't use this computer, but my wife is frustrated and afraid to do anything with it since we started having viruses.

Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.70.0.1100
Java™ 6 Update 31
Java™ 6 Update 7
Java version out of Date!
Adobe Flash Player 11.5.502.146
Adobe Reader 10.1.5 Adobe Reader out of Date!
Mozilla Firefox (17.0.1)
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
Google Chrome plugins...
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````

# AdwCleaner v2.105 - Logfile created 01/10/2013 at 22:11:06
# Updated 08/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Cool Lisa - WINGGATEWAY
# Boot Mode : Normal
# Running from : C:\Users\Cool Lisa\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : DefaultTabSearch
Stopped & Deleted : DefaultTabUpdate

***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\DefaultTab
Folder Deleted : C:\Program Files (x86)\Yontoo Layers Runtime
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\Users\Cool Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Chrome
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Tarma Installer

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-US)

File : C:\Users\Cool Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\cjalh8z9.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Winghome II\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Brian wk\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Cool Lisa\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [4597 octets] - [10/01/2013 22:11:06]

########## EOF - C:\AdwCleaner[S1].txt - [4657 octets] ##########

RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Cool Lisa [Admin rights]
Mode : Remove -- Date : 01/10/2013 22:15:15

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 11 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\Run : Nuance PDF Converter Professional 7-reminder ("C:\Program Files (x86)\Nuance\PDF Professional 7\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Converter Professional 7\Ereg\Ereg.ini") -> DELETED
[TASK][ROGUE ST] 0 : c:\program files (x86)\internet explorer\iexplore.exe -> DELETED
[TASK][ROGUE ST] 4813 : wscript.exe C:\Users\LISAWI~1\AppData\Local\Temp\launchie.vbs //B -> DELETED
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{22357AE5-5D76-4A79-ABA6-40E51A151E4B} : NameServer (65.182.224.40,65.182.224.50) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{52C853F1-0F4C-4993-AAA7-D5D4EC1A9817} : NameServer (65.182.224.40,65.182.224.50) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{22357AE5-5D76-4A79-ABA6-40E51A151E4B} : NameServer (65.182.224.40,65.182.224.50) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{52C853F1-0F4C-4993-AAA7-D5D4EC1A9817} : NameServer (65.182.224.40,65.182.224.50) -> NOT REMOVED, USE DNSFIX
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HDS721010CLA332 +++++
--- User ---
[MBR] 5fc853d86f774b2af9218aea80a181b0
[BSP] 906702baa917c01e7ba22ddcd2f830e9 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 18432 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 37750784 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 37955584 | Size: 468742 Mo
3 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 997939200 | Size: 466593 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_01102013_02d2215.txt >>
RKreport[1]_S_01102013_02d2215.txt ; RKreport[2]_D_01102013_02d2215.txt


#2
bwing

OTL logfile created on: 1/10/2013 10:29:53 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Cool Lisa\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.98 Gb Total Physical Memory | 6.21 Gb Available Physical Memory | 77.78% Memory free
15.96 Gb Paging File | 13.96 Gb Available in Paging File | 87.44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457.76 Gb Total Space | 317.45 Gb Free Space | 69.35% Space Free | Partition Type: NTFS
Drive M: | 100.00 Mb Total Space | 70.35 Mb Free Space | 70.35% Space Free | Partition Type: NTFS
Drive O: | 455.66 Gb Total Space | 407.24 Gb Free Space | 89.37% Space Free | Partition Type: NTFS

Computer Name: WINGGATEWAY | User Name: Cool Lisa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/10 22:29:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Cool Lisa\Downloads\OTL.exe
PRC - [2013/01/09 09:48:46 | 001,808,392 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
PRC - [2012/12/18 06:28:12 | 001,431,256 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
PRC - [2012/12/18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/07 20:09:47 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/11/28 16:28:22 | 000,548,264 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
PRC - [2012/11/28 16:28:20 | 002,670,496 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
PRC - [2012/11/28 16:28:16 | 006,655,912 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
PRC - [2012/10/16 17:22:28 | 000,386,920 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
PRC - [2012/10/10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/07/25 14:12:04 | 001,155,472 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
PRC - [2012/07/25 13:03:12 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2012/06/11 15:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
PRC - [2012/06/11 15:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE
PRC - [2011/11/12 11:04:12 | 000,268,640 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2011/11/12 10:21:58 | 006,141,792 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2011/11/03 10:21:00 | 001,787,752 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
PRC - [2011/09/09 01:13:50 | 000,135,016 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe
PRC - [2010/11/09 18:50:50 | 000,613,992 | ---- | M] () -- C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
PRC - [2010/11/05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/11/05 23:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/10/05 05:08:46 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/10/05 05:08:42 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/09/30 02:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2010/08/06 13:57:50 | 001,370,624 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
PRC - [2010/02/03 00:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2010/01/28 15:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
PRC - [2010/01/15 04:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2010/01/08 05:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
PRC - [2009/11/17 14:18:20 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
PRC - [2009/11/17 14:18:16 | 000,244,480 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
PRC - [2009/09/25 14:57:30 | 000,537,968 | ---- | M] (PIXELA CORPORATION) -- C:\Program Files (x86)\PIXELA\ImageMixer 3 SE Ver.6\Transfer Utility\CameraMonitor.exe
PRC - [2009/06/30 21:24:46 | 000,762,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX3000.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/09 22:33:17 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\08d608378aa405adc844f3cf36974b8c\Microsoft.VisualBasic.ni.dll
MOD - [2013/01/09 22:32:47 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\30a8c29a4e9807d25f7148ba4adbe7b9\IAStorUtil.ni.dll
MOD - [2013/01/09 22:32:47 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\3956b6af532aee63d53f0c15d071b14b\IAStorCommon.ni.dll
MOD - [2013/01/09 22:11:35 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bfaf8f86e69928fb2f67987c0203f603\PresentationFramework.ni.dll
MOD - [2013/01/09 22:11:24 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\2ad23de8284d4594aa658dfb5e667d97\PresentationCore.ni.dll
MOD - [2013/01/09 22:11:17 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf293040f3a93afa1ea782487acae816\WindowsBase.ni.dll
MOD - [2013/01/09 22:11:06 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2013/01/09 22:10:55 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2013/01/09 22:10:50 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\System.Runtime.Remoting.ni.dll
MOD - [2013/01/09 22:10:47 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2013/01/09 22:10:46 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2013/01/09 22:10:44 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2013/01/09 22:10:35 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
MOD - [2013/01/09 09:48:45 | 014,586,888 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
MOD - [2012/12/18 06:28:12 | 000,305,880 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\sqlite.dll
MOD - [2012/12/07 20:09:47 | 002,397,152 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/09/14 08:19:06 | 008,500,224 | ---- | M] () -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtGui4.dll
MOD - [2011/09/14 08:19:06 | 002,348,544 | ---- | M] () -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtCore4.dll
MOD - [2010/11/09 18:51:28 | 000,151,656 | ---- | M] () -- C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyHook.dll
MOD - [2010/11/09 18:50:50 | 000,613,992 | ---- | M] () -- C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
MOD - [2009/11/17 14:16:40 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\sqlite3.dll
MOD - [2009/07/21 13:42:50 | 000,364,544 | ---- | M] () -- C:\Program Files (x86)\PIXELA\ImageMixer 3 SE Ver.6\Transfer Utility\pxl_m17n_tool.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/09/12 21:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/09/12 21:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/01/28 15:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe -- (Updater Service)
SRV - [2013/01/09 09:48:46 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/07 20:09:47 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/28 16:28:22 | 000,548,264 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe -- (SplashtopRemoteService)
SRV - [2012/10/16 17:22:28 | 000,386,920 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe -- (SSUService)
SRV - [2012/10/10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/07/25 13:03:12 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/11 15:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 15:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/11/12 10:21:58 | 006,141,792 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2011/09/09 01:13:50 | 000,135,016 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe -- (PDFProFiltSrv)
SRV - [2011/01/25 00:32:15 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011/01/25 00:32:14 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010/11/05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/10/05 05:08:46 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/10/05 05:08:42 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/09/30 02:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/04/03 15:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 13:08:38 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2010/01/15 04:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/01/08 05:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/11/17 14:18:20 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/07/23 20:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/08/30 22:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/30 23:09:34 | 000,358,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/05 23:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/08/10 19:40:06 | 001,014,624 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2010/06/21 14:07:36 | 000,131,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/03/19 02:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/11/17 15:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 16:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/30 21:24:50 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VX3000.sys -- (VX3000)
DRV:64bit: - [2009/06/10 13:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AGERESoftModem)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/05 15:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/05 15:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com/?pc=MAGW
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=MAGW
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com/?pc=MAGW
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=MAGW
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com/?pc=MAGW
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=MAGW
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7Bd347fc45-6646-43ca-adf7-03f3c49fc9b4%7D:3.0.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll (Zeon Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/07 20:09:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/01/06 19:14:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cool Lisa\AppData\Roaming\Mozilla\Extensions
[2013/01/10 22:12:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cool Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\cjalh8z9.default\Extensions
[2013/01/09 21:19:43 | 000,002,367 | ---- | M] () (No name found) -- C:\Users\Cool Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\cjalh8z9.default\Extensions\{d347fc45-6646-43ca-adf7-03f3c49fc9b4}.xpi
[2012/05/02 20:02:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/12/07 20:09:48 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/12/07 20:09:46 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/12/07 20:09:46 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: npDefaultTabSearch plugin (Enabled) = C:\Users\Cool Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.14_0\plugins/npDefaultTabSearch.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: DocuCom PDF Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Google Drive = C:\Users\Cool Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\Cool Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: ChromeUpdateManager = C:\Users\Cool Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdjbnddbclciabnckgeahmneohjlahdm\1.0_0\
CHR - Extension: Google Search = C:\Users\Cool Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: We-Care.com Reminder = C:\Users\Cool Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm\1.0.0.28_0\
CHR - Extension: Gmail = C:\Users\Cool Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Professional 7\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (ZeonIEEventHelper Class) - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files (x86)\Nuance\PDF Professional 7\bin\ZeonIEFavClient.dll (Zeon Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (DocuCom PDF) - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDF Professional 7\bin\ZeonIEFavClient.dll (Zeon Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [THXCfg64] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [Monitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [PDF7 Registry Controller] C:\Program Files (x86)\Nuance\PDF Professional 7\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFProHook] C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Open with Nuance PDF Converter 7 - C:\Program Files (x86)\Nuance\PDF Professional 7\cnvres_eng.dll (Nuance Communications, Inc.)
O8:64bit: - Extra context menu item: Open with PDF Professional 7 - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll (Zeon Corporation)
O8 - Extra context menu item: Open with Nuance PDF Converter 7 - C:\Program Files (x86)\Nuance\PDF Professional 7\cnvres_eng.dll (Nuance Communications, Inc.)
O8 - Extra context menu item: Open with PDF Professional 7 - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll (Zeon Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.7.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnime...veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFECAFE-0013-0001-0026-ABCDEFABCDEF} Reg Error: Value error. (JInitiator 1.3.1.26)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.182.224.40 65.182.224.50
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{22357AE5-5D76-4A79-ABA6-40E51A151E4B}: NameServer = 65.182.224.40,65.182.224.50
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{52C853F1-0F4C-4993-AAA7-D5D4EC1A9817}: NameServer = 65.182.224.40,65.182.224.50
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FE3DD191-6101-46E4-B114-DFDA51EE1DD0}: DhcpNameServer = 65.182.224.40 65.182.224.50
O18:64bit: - Protocol\Handler\intu-help-qb3 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\intu-help-qb3 {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/10 22:14:34 | 000,000,000 | ---D | C] -- C:\Users\Cool Lisa\Desktop\RK_Quarantine
[2013/01/10 22:07:54 | 000,000,000 | ---D | C] -- C:\Users\Cool Lisa\Desktop\Virus
[2013/01/10 05:33:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2013/01/10 05:33:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013/01/09 21:47:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2013/01/09 21:46:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2013/01/09 21:19:21 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/01/09 21:15:23 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2013/01/08 21:25:42 | 000,000,000 | ---D | C] -- C:\Users\Cool Lisa\AppData\Local\Google
[2013/01/08 10:55:13 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013/01/07 20:01:29 | 000,000,000 | ---D | C] -- C:\Users\Cool Lisa\AppData\Local\Intuit
[2013/01/07 14:39:46 | 000,000,000 | ---D | C] -- C:\Users\Cool Lisa\AppData\Local\HP
[2013/01/07 13:31:10 | 000,000,000 | ---D | C] -- C:\Users\Cool Lisa\AppData\Roaming\Zeon
[2013/01/07 08:46:06 | 000,000,000 | ---D | C] -- C:\Users\Cool Lisa\Documents\Quicken
[2013/01/07 08:44:58 | 000,000,000 | ---D | C] -- C:\Users\Cool Lisa\AppData\Roaming\Intuit
[2013/01/06 20:11:16 | 000,000,000 | ---D | C] -- C:\Users\Cool Lisa\AppData\Local\Macromedia
[2013/01/06 20:11:16 | 000,000,000 | ---D | C] -- C:\Users\Cool Lisa\AppData\Roaming\Adobe
[2013/01/06 19:22:00 | 000,000,000 | ---D | C] -- C:\Users\Cool Lisa\AppData\Roaming\Malwarebytes
[2013/01/06 19:14:11 | 000,000,000 | ---D | C] -- C:\Users\Cool Lisa\AppData\Roaming\Mozilla
[2013/01/06 19:14:11 | 000,000,000 | ---D | C] -- C:\Users\Cool Lisa\AppData\Local\Mozilla
[2013/01/06 19:12:12 | 000,000,000 | ---D | C] -- C:\Users\Cool Lisa\AppData\Roaming\Intel Corporation
[2013/01/06 19:12:08 | 000,000,000 | ---D | C] -- C:\Users\Cool Lisa\AppData\Roaming\OEM
[2013/01/06 19:12:08 | 000,000,000 | ---D | C] -- C:\Users\Cool Lisa\AppData\Roaming\Apple Computer
[2013/01/06 19:12:08 | 000,000,000 | ---D | C] -- C:\Users\Cool Lisa\AppData\Local\Adobe
[2013/01/06 19:11:56 | 000,000,000 | R--D | C] -- C:\Users\Cool Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/01/06 19:11:56 | 000,000,000 | R--D | C] -- C:\Users\Cool Lisa\Searches
[2013/01/06 19:11:56 | 000,000,000 | R--D | C] -- C:\Users\Cool Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/01/06 19:11:56 | 000,000,000 | -H-D | C] -- C:\Users\Cool Lisa\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/01/06 19:11:49 | 000,000,000 | ---D | C] -- C:\Users\Cool Lisa\AppData\Roaming\Identities
[2013/01/06 19:11:48 | 000,000,000 | R--D | C] -- C:\Users\Cool Lisa\Contacts
[2013/01/06 19:11:42 | 000,000,000 | --SD | C] -- C:\Users\Cool Lisa\AppData\Roaming\Microsoft
[2013/01/06 19:11:42 | 000,000,000 | R--D | C] -- C:\Users\Cool Lisa\Videos
[2013/01/06 19:11:42 | 000,000,000 | R--D | C] -- C:\Users\Cool Lisa\Saved Games
[2013/01/06 19:11:42 | 000,000,000 | R--D | C] -- C:\Users\Cool Lisa\Pictures
[2013/01/06 19:11:42 | 000,000,000 | R--D | C] -- C:\Users\Cool Lisa\Music
[2013/01/06 19:11:42 | 000,000,000 | R--D | C] -- C:\Users\Cool Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/01/06 19:11:42 | 000,000,000 | R--D | C] -- C:\Users\Cool Lisa\Links
[2013/01/06 19:11:42 | 000,000,000 | R--D | C] -- C:\Users\Cool Lisa\Favorites
[2013/01/06 19:11:42 | 000,000,000 | R--D | C] -- C:\Users\Cool Lisa\Downloads
[2013/01/06 19:11:42 | 000,000,000 | R--D | C] -- C:\Users\Cool Lisa\Documents
[2013/01/06 19:11:42 | 000,000,000 | R--D | C] -- C:\Users\Cool Lisa\Desktop
[2013/01/06 19:11:42 | 000,000,000 | R--D | C] -- C:\Users\Cool Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/01/06 19:11:42 | 000,000,000 | -HSD | C] -- C:\Users\Cool Lisa\AppData\Local\Temporary Internet Files
[2013/01/06 19:11:42 | 000,000,000 | -HSD | C] -- C:\Users\Cool Lisa\Templates
[2013/01/06 19:11:42 | 000,000,000 | -HSD | C] -- C:\Users\Cool Lisa\Start Menu
[2013/01/06 19:11:42 | 000,000,000 | -HSD | C] -- C:\Users\Cool Lisa\SendTo
[2013/01/06 19:11:42 | 000,000,000 | -HSD | C] -- C:\Users\Cool Lisa\Recent
[2013/01/06 19:11:42 | 000,000,000 | -HSD | C] -- C:\Users\Cool Lisa\PrintHood
[2013/01/06 19:11:42 | 000,000,000 | -HSD | C] -- C:\Users\Cool Lisa\NetHood
[2013/01/06 19:11:42 | 000,000,000 | -HSD | C] -- C:\Users\Cool Lisa\Documents\My Videos
[2013/01/06 19:11:42 | 000,000,000 | -HSD | C] -- C:\Users\Cool Lisa\Documents\My Pictures
[2013/01/06 19:11:42 | 000,000,000 | -HSD | C] -- C:\Users\Cool Lisa\Documents\My Music
[2013/01/06 19:11:42 | 000,000,000 | -HSD | C] -- C:\Users\Cool Lisa\My Documents
[2013/01/06 19:11:42 | 000,000,000 | -HSD | C] -- C:\Users\Cool Lisa\Local Settings
[2013/01/06 19:11:42 | 000,000,000 | -HSD | C] -- C:\Users\Cool Lisa\AppData\Local\History
[2013/01/06 19:11:42 | 000,000,000 | -HSD | C] -- C:\Users\Cool Lisa\Cookies
[2013/01/06 19:11:42 | 000,000,000 | -HSD | C] -- C:\Users\Cool Lisa\Application Data
[2013/01/06 19:11:42 | 000,000,000 | -HSD | C] -- C:\Users\Cool Lisa\AppData\Local\Application Data
[2013/01/06 19:11:42 | 000,000,000 | -H-D | C] -- C:\Users\Cool Lisa\AppData
[2013/01/06 19:11:42 | 000,000,000 | ---D | C] -- C:\Users\Cool Lisa\AppData\Local\Temp
[2013/01/06 19:11:42 | 000,000,000 | ---D | C] -- C:\Users\Cool Lisa\AppData\Local\Microsoft Help
[2013/01/06 19:11:42 | 000,000,000 | ---D | C] -- C:\Users\Cool Lisa\AppData\Local\Microsoft
[2013/01/06 19:11:42 | 000,000,000 | ---D | C] -- C:\Users\Cool Lisa\AppData\Roaming\Media Center Programs
[2013/01/06 19:11:42 | 000,000,000 | ---D | C] -- C:\Users\Cool Lisa\AppData\Roaming\Macromedia
[2012/12/23 19:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Utility Kit
[2012/12/23 18:33:48 | 000,000,000 | ---D | C] -- C:\ProgramData\02DA25A187AA3EFB000002DA22CE45DC
[2012/12/23 18:26:14 | 000,000,000 | ---D | C] -- C:\ProgramData\D0E39D000C4E1A490000D0E2CC24212A
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/10 22:19:51 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/10 22:19:51 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/10 22:16:58 | 000,730,532 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/01/10 22:16:58 | 000,627,104 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/01/10 22:16:58 | 000,107,420 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/01/10 22:12:43 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/10 22:12:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/10 22:12:09 | 2133,352,447 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/10 21:48:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/10 21:40:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/10 17:16:30 | 000,540,888 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/01/10 07:19:01 | 000,001,152 | ---- | M] () -- C:\Users\Public\Desktop\Install Microsoft LifeCam.lnk
[2013/01/10 05:33:46 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/01/09 21:26:07 | 567,671,976 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/01/09 05:56:20 | 000,001,134 | ---- | M] () -- C:\Users\Cool Lisa\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/07 14:37:05 | 000,723,376 | ---- | M] () -- C:\Users\Cool Lisa\Desktop\ADDRESSDATABASE.3.5.11.cwk
[2013/01/07 14:20:21 | 000,001,232 | ---- | M] () -- C:\Users\Public\Desktop\ClarisWorks 5.0.lnk
[2013/01/06 19:21:20 | 000,001,736 | ---- | M] () -- C:\Users\Cool Lisa\Desktop\Katelyn - Shortcut.lnk
[2013/01/06 19:21:09 | 000,001,828 | ---- | M] () -- C:\Users\Cool Lisa\Desktop\Lisa's Everything - Shortcut.lnk
[2013/01/06 19:20:45 | 000,001,465 | ---- | M] () -- C:\Users\Cool Lisa\Desktop\Lisa - Shortcut.lnk
[2013/01/06 19:12:08 | 000,001,444 | ---- | M] () -- C:\Users\Cool Lisa\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/01/05 08:51:54 | 000,743,538 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/12/24 05:54:44 | 000,000,292 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{153EBBDB-0E99-472E-BCD6-271BD75A9048}.job
[2012/12/21 16:01:04 | 000,000,620 | ---- | M] () -- C:\Windows\wininit.ini
[2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/12/13 09:41:19 | 000,002,381 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/12/13 09:41:19 | 000,002,280 | ---- | M] () -- C:\Users\Cool Lisa\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/10 07:19:01 | 000,001,152 | ---- | C] () -- C:\Users\Public\Desktop\Install Microsoft LifeCam.lnk
[2013/01/10 05:33:46 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013/01/10 05:33:31 | 000,002,124 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013/01/09 05:56:20 | 000,001,134 | ---- | C] () -- C:\Users\Cool Lisa\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/08 10:55:05 | 567,671,976 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/01/07 14:20:21 | 000,001,232 | ---- | C] () -- C:\Users\Public\Desktop\ClarisWorks 5.0.lnk
[2013/01/06 19:21:20 | 000,001,736 | ---- | C] () -- C:\Users\Cool Lisa\Desktop\Katelyn - Shortcut.lnk
[2013/01/06 19:21:09 | 000,001,828 | ---- | C] () -- C:\Users\Cool Lisa\Desktop\Lisa's Everything - Shortcut.lnk
[2013/01/06 19:20:45 | 000,001,465 | ---- | C] () -- C:\Users\Cool Lisa\Desktop\Lisa - Shortcut.lnk
[2013/01/06 19:12:08 | 000,001,444 | ---- | C] () -- C:\Users\Cool Lisa\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/01/06 19:12:04 | 000,001,416 | ---- | C] () -- C:\Users\Cool Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013/01/06 19:12:01 | 000,001,450 | ---- | C] () -- C:\Users\Cool Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/01/06 19:11:42 | 000,002,280 | ---- | C] () -- C:\Users\Cool Lisa\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/06 19:11:42 | 000,000,290 | ---- | C] () -- C:\Users\Cool Lisa\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/01/06 19:11:42 | 000,000,272 | ---- | C] () -- C:\Users\Cool Lisa\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/01/05 08:51:54 | 000,743,538 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/12/24 05:54:44 | 000,000,292 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{153EBBDB-0E99-472E-BCD6-271BD75A9048}.job
[2012/06/27 15:39:33 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/04/26 05:10:29 | 000,036,962 | ---- | C] () -- C:\Windows\SysWow64\ActPanel.dll
[2012/02/02 15:09:00 | 000,000,620 | ---- | C] () -- C:\Windows\wininit.ini
[2011/04/14 21:09:22 | 000,000,126 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2011/04/14 20:58:45 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2011/01/25 00:32:17 | 000,001,886 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini
[2011/01/25 00:32:17 | 000,001,099 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini
[2011/01/25 00:32:17 | 000,001,099 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini
[2011/01/25 00:32:16 | 000,183,296 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011/01/25 00:32:16 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 21:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 20:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/01/06 19:12:08 | 000,000,000 | ---D | M] -- C:\Users\Cool Lisa\AppData\Roaming\OEM
[2013/01/07 13:31:10 | 000,000,000 | ---D | M] -- C:\Users\Cool Lisa\AppData\Roaming\Zeon

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 239 bytes -> C:\ProgramData\Temp:0574215C
@Alternate Data Stream - 179 bytes -> C:\ProgramData\Temp:D95ACC7D
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:6DFF1A8A

< End of report >

Edited by bwing, 11 January 2013 - 12:59 AM.

#3
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi, as it stands I can see no Medfos infection; however, I will confirm that next. What problems are you experiencing?

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports.
  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.

#4
bwing

    Member

  • Topic Starter
  • Member
  • 17 posts
09:43:11.0310 1256 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
09:43:11.0902 1256 ============================================================
09:43:11.0902 1256 Current date / time: 2013/01/11 09:43:11.0902
09:43:11.0902 1256 SystemInfo:
09:43:11.0902 1256
09:43:11.0902 1256 OS Version: 6.1.7601 ServicePack: 1.0
09:43:11.0902 1256 Product type: Workstation
09:43:11.0902 1256 ComputerName: WINGGATEWAY
09:43:11.0902 1256 UserName: Cool Lisa
09:43:11.0902 1256 Windows directory: C:\Windows
09:43:11.0902 1256 System windows directory: C:\Windows
09:43:11.0902 1256 Running under WOW64
09:43:11.0902 1256 Processor architecture: Intel x64
09:43:11.0902 1256 Number of processors: 8
09:43:11.0902 1256 Page size: 0x1000
09:43:11.0902 1256 Boot type: Normal boot
09:43:11.0902 1256 ============================================================
09:43:12.0370 1256 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:43:12.0448 1256 ============================================================
09:43:12.0448 1256 \Device\Harddisk0\DR0:
09:43:12.0448 1256 MBR partitions:
09:43:12.0448 1256 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2400800, BlocksNum 0x32000
09:43:12.0448 1256 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2432800, BlocksNum 0x39383000
09:43:12.0464 1256 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3B7B6000, BlocksNum 0x38F50000
09:43:12.0464 1256 ============================================================
09:43:12.0495 1256 C: <-> \Device\Harddisk0\DR0\Partition2
09:43:12.0511 1256 M: <-> \Device\Harddisk0\DR0\Partition1
09:43:12.0558 1256 O: <-> \Device\Harddisk0\DR0\Partition3
09:43:12.0558 1256 ============================================================
09:43:12.0558 1256 Initialize success
09:43:12.0558 1256 ============================================================
09:43:24.0585 4768 ============================================================
09:43:24.0585 4768 Scan started
09:43:24.0585 4768 Mode: Manual;
09:43:24.0585 4768 ============================================================
09:43:24.0991 4768 ================ Scan system memory ========================
09:43:24.0991 4768 System memory - ok
09:43:24.0991 4768 ================ Scan services =============================
09:43:32.0229 4768 NisDrv - ok
09:43:32.0261 4768 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
09:43:32.0261 4768 NisSrv - ok
09:43:32.0307 4768 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:43:32.0307 4768 NlaSvc - ok
09:43:32.0323 4768 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:43:32.0323 4768 Npfs - ok
09:43:32.0339 4768 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:43:32.0339 4768 nsi - ok
09:43:32.0354 4768 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:43:32.0354 4768 nsiproxy - ok
09:43:32.0401 4768 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:43:32.0417 4768 Ntfs - ok
09:43:32.0463 4768 [ 070EC05D5B1447E9BBF4167980AD7518 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
09:43:32.0463 4768 NTI IScheduleSvc - ok
09:43:32.0479 4768 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
09:43:32.0479 4768 NTIDrvr - ok
09:43:32.0495 4768 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:43:32.0495 4768 Null - ok
09:43:32.0541 4768 [ E20ABD5B229760158F753CA90B97E090 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
09:43:32.0541 4768 NVHDA - ok
09:43:32.0729 4768 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:43:32.0760 4768 nvlddmkm - ok
09:43:32.0791 4768 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:43:32.0791 4768 nvraid - ok
09:43:32.0822 4768 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:43:32.0822 4768 nvstor - ok
09:43:32.0853 4768 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
09:43:32.0869 4768 nvsvc - ok
09:43:32.0931 4768 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
09:43:32.0947 4768 nvUpdatusService - ok
09:43:32.0978 4768 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:43:32.0978 4768 nv_agp - ok
09:43:32.0994 4768 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:43:32.0994 4768 ohci1394 - ok
09:43:33.0056 4768 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:43:33.0056 4768 ose - ok
09:43:33.0181 4768 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:43:33.0228 4768 osppsvc - ok
09:43:33.0259 4768 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:43:33.0259 4768 p2pimsvc - ok
09:43:33.0290 4768 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:43:33.0290 4768 p2psvc - ok
09:43:33.0337 4768 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:43:33.0337 4768 Parport - ok
09:43:33.0353 4768 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:43:33.0353 4768 partmgr - ok
09:43:33.0368 4768 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:43:33.0384 4768 PcaSvc - ok
09:43:33.0415 4768 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:43:33.0415 4768 pci - ok
09:43:33.0446 4768 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:43:33.0446 4768 pciide - ok
09:43:33.0462 4768 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:43:33.0462 4768 pcmcia - ok
09:43:33.0477 4768 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:43:33.0477 4768 pcw - ok
09:43:33.0540 4768 [ 3F87885CB3767BFD27811B3CA3CC608D ] PDFProFiltSrv C:\Program Files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe
09:43:33.0555 4768 PDFProFiltSrv - ok
09:43:33.0571 4768 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:43:33.0571 4768 PEAUTH - ok
09:43:33.0649 4768 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:43:33.0649 4768 PerfHost - ok
09:43:33.0711 4768 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:43:33.0727 4768 pla - ok
09:43:33.0774 4768 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:43:33.0774 4768 PlugPlay - ok
09:43:33.0805 4768 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:43:33.0805 4768 PNRPAutoReg - ok
09:43:33.0821 4768 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:43:33.0836 4768 PNRPsvc - ok
09:43:33.0852 4768 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:43:33.0867 4768 PolicyAgent - ok
09:43:33.0899 4768 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:43:33.0899 4768 Power - ok
09:43:33.0930 4768 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:43:33.0930 4768 PptpMiniport - ok
09:43:33.0961 4768 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
09:43:33.0977 4768 Processor - ok
09:43:34.0008 4768 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:43:34.0008 4768 ProfSvc - ok
09:43:34.0023 4768 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:43:34.0023 4768 ProtectedStorage - ok
09:43:34.0055 4768 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:43:34.0055 4768 Psched - ok
09:43:34.0101 4768 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
09:43:34.0101 4768 PxHlpa64 - ok
09:43:34.0164 4768 [ 2631FC0676CC310B2E85FDE46B1560D9 ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
09:43:34.0164 4768 QBCFMonitorService - ok
09:43:34.0211 4768 [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
09:43:34.0211 4768 QBFCService - ok
09:43:34.0242 4768 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
09:43:34.0257 4768 ql2300 - ok
09:43:34.0257 4768 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
09:43:34.0273 4768 ql40xx - ok
09:43:34.0289 4768 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:43:34.0289 4768 QWAVE - ok
09:43:34.0304 4768 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:43:34.0304 4768 QWAVEdrv - ok
09:43:34.0320 4768 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:43:34.0320 4768 RasAcd - ok
09:43:34.0335 4768 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:43:34.0351 4768 RasAgileVpn - ok
09:43:34.0351 4768 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:43:34.0351 4768 RasAuto - ok
09:43:34.0382 4768 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:43:34.0382 4768 Rasl2tp - ok
09:43:34.0398 4768 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:43:34.0413 4768 RasMan - ok
09:43:34.0429 4768 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:43:34.0429 4768 RasPppoe - ok
09:43:34.0445 4768 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:43:34.0445 4768 RasSstp - ok
09:43:34.0460 4768 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:43:34.0460 4768 rdbss - ok
09:43:34.0476 4768 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:43:34.0476 4768 rdpbus - ok
09:43:34.0491 4768 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:43:34.0491 4768 RDPCDD - ok
09:43:34.0507 4768 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:43:34.0507 4768 RDPENCDD - ok
09:43:34.0523 4768 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:43:34.0523 4768 RDPREFMP - ok
09:43:34.0538 4768 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:43:34.0554 4768 RDPWD - ok
09:43:34.0585 4768 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:43:34.0585 4768 rdyboost - ok
09:43:34.0616 4768 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:43:34.0632 4768 RemoteAccess - ok
09:43:34.0647 4768 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:43:34.0647 4768 RemoteRegistry - ok
09:43:34.0663 4768 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:43:34.0663 4768 RpcEptMapper - ok
09:43:34.0679 4768 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:43:34.0679 4768 RpcLocator - ok
09:43:34.0710 4768 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:43:34.0725 4768 RpcSs - ok
09:43:34.0741 4768 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:43:34.0741 4768 rspndr - ok
09:43:34.0757 4768 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:43:34.0757 4768 SamSs - ok
09:43:34.0788 4768 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:43:34.0788 4768 sbp2port - ok
09:43:34.0803 4768 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:43:34.0803 4768 SCardSvr - ok
09:43:34.0835 4768 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:43:34.0835 4768 scfilter - ok
09:43:34.0866 4768 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:43:34.0881 4768 Schedule - ok
09:43:34.0913 4768 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:43:34.0913 4768 SCPolicySvc - ok
09:43:34.0928 4768 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:43:34.0944 4768 SDRSVC - ok
09:43:34.0959 4768 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:43:34.0959 4768 secdrv - ok
09:43:34.0959 4768 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:43:34.0975 4768 seclogon - ok
09:43:34.0991 4768 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
09:43:34.0991 4768 SENS - ok
09:43:35.0006 4768 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:43:35.0006 4768 SensrSvc - ok
09:43:35.0037 4768 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:43:35.0037 4768 Serenum - ok
09:43:35.0053 4768 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:43:35.0053 4768 Serial - ok
09:43:35.0069 4768 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
09:43:35.0069 4768 sermouse - ok
09:43:35.0100 4768 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:43:35.0115 4768 SessionEnv - ok
09:43:35.0115 4768 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:43:35.0115 4768 sffdisk - ok
09:43:35.0131 4768 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:43:35.0131 4768 sffp_mmc - ok
09:43:35.0131 4768 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:43:35.0131 4768 sffp_sd - ok
09:43:35.0147 4768 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
09:43:35.0147 4768 sfloppy - ok
09:43:35.0162 4768 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:43:35.0178 4768 ShellHWDetection - ok
09:43:35.0209 4768 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:43:35.0209 4768 SiSRaid2 - ok
09:43:35.0225 4768 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
09:43:35.0225 4768 SiSRaid4 - ok
09:43:35.0303 4768 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
09:43:35.0303 4768 SkypeUpdate - ok
09:43:35.0334 4768 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:43:35.0334 4768 Smb - ok
09:43:35.0349 4768 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:43:35.0365 4768 SNMPTRAP - ok
09:43:35.0443 4768 [ 98435A6DDFCE219BB6400F96F22BDF04 ] SplashtopRemoteService C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
09:43:35.0459 4768 SplashtopRemoteService - ok
09:43:35.0474 4768 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:43:35.0474 4768 spldr - ok
09:43:35.0505 4768 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
09:43:35.0521 4768 Spooler - ok
09:43:35.0599 4768 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:43:35.0646 4768 sppsvc - ok
09:43:35.0646 4768 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:43:35.0661 4768 sppuinotify - ok
09:43:35.0693 4768 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:43:35.0693 4768 srv - ok
09:43:35.0708 4768 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:43:35.0708 4768 srv2 - ok
09:43:35.0739 4768 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:43:35.0739 4768 srvnet - ok
09:43:35.0771 4768 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:43:35.0771 4768 SSDPSRV - ok
09:43:35.0786 4768 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:43:35.0786 4768 SstpSvc - ok
09:43:35.0833 4768 [ DF1E19954C59876C5610D385DA313AC4 ] SSUService C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
09:43:35.0833 4768 SSUService - ok
09:43:35.0880 4768 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:43:35.0880 4768 Stereo Service - ok
09:43:35.0895 4768 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
09:43:35.0895 4768 stexstor - ok
09:43:35.0927 4768 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
09:43:35.0927 4768 StillCam - ok
09:43:35.0958 4768 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:43:35.0973 4768 stisvc - ok
09:43:35.0989 4768 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
09:43:35.0989 4768 swenum - ok
09:43:36.0020 4768 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:43:36.0036 4768 swprv - ok
09:43:36.0083 4768 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:43:36.0114 4768 SysMain - ok
09:43:36.0129 4768 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:43:36.0129 4768 TabletInputService - ok
09:43:36.0145 4768 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:43:36.0161 4768 TapiSrv - ok
09:43:36.0176 4768 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:43:36.0176 4768 TBS - ok
09:43:36.0239 4768 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:43:36.0254 4768 Tcpip - ok
09:43:36.0285 4768 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:43:36.0285 4768 TCPIP6 - ok
09:43:36.0317 4768 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:43:36.0317 4768 tcpipreg - ok
09:43:36.0348 4768 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:43:36.0348 4768 TDPIPE - ok
09:43:36.0379 4768 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:43:36.0379 4768 TDTCP - ok
09:43:36.0410 4768 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:43:36.0410 4768 tdx - ok
09:43:36.0441 4768 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
09:43:36.0441 4768 TermDD - ok
09:43:36.0457 4768 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:43:36.0473 4768 TermService - ok
09:43:36.0488 4768 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:43:36.0504 4768 Themes - ok
09:43:36.0519 4768 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:43:36.0519 4768 THREADORDER - ok
09:43:36.0535 4768 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:43:36.0535 4768 TrkWks - ok
09:43:36.0582 4768 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:43:36.0582 4768 TrustedInstaller - ok
09:43:36.0613 4768 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:43:36.0613 4768 tssecsrv - ok
09:43:36.0629 4768 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:43:36.0644 4768 TsUsbFlt - ok
09:43:36.0675 4768 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:43:36.0675 4768 tunnel - ok
09:43:36.0691 4768 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
09:43:36.0707 4768 uagp35 - ok
09:43:36.0707 4768 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
09:43:36.0707 4768 UBHelper - ok
09:43:36.0738 4768 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:43:36.0738 4768 udfs - ok
09:43:36.0753 4768 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:43:36.0769 4768 UI0Detect - ok
09:43:36.0785 4768 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:43:36.0785 4768 uliagpkx - ok
09:43:36.0816 4768 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
09:43:36.0831 4768 umbus - ok
09:43:36.0863 4768 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
09:43:36.0863 4768 UmPass - ok
09:43:36.0956 4768 [ FDF92EC84FECEE834FB10A2A0A19BCDA ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
09:43:36.0972 4768 UNS - ok
09:43:37.0019 4768 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
09:43:37.0019 4768 Updater Service - ok
09:43:37.0050 4768 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:43:37.0050 4768 upnphost - ok
09:43:37.0081 4768 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
09:43:37.0081 4768 USBAAPL64 - ok
09:43:37.0128 4768 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
09:43:37.0128 4768 usbaudio - ok
09:43:37.0159 4768 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:43:37.0175 4768 usbccgp - ok
09:43:37.0206 4768 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:43:37.0206 4768 usbcir - ok
09:43:37.0268 4768 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
09:43:37.0268 4768 usbehci - ok
09:43:37.0299 4768 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:43:37.0299 4768 usbhub - ok
09:43:37.0315 4768 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:43:37.0315 4768 usbohci - ok
09:43:37.0346 4768 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:43:37.0346 4768 usbprint - ok
09:43:37.0377 4768 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:43:37.0377 4768 usbscan - ok
09:43:37.0393 4768 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
09:43:37.0393 4768 USBSTOR - ok
09:43:37.0409 4768 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:43:37.0409 4768 usbuhci - ok
09:43:37.0424 4768 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:43:37.0440 4768 UxSms - ok
09:43:37.0440 4768 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
09:43:37.0455 4768 VaultSvc - ok
09:43:37.0455 4768 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:43:37.0455 4768 vdrvroot - ok
09:43:37.0487 4768 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:43:37.0502 4768 vds - ok
09:43:37.0518 4768 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:43:37.0518 4768 vga - ok
09:43:37.0533 4768 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:43:37.0533 4768 VgaSave - ok
09:43:37.0565 4768 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:43:37.0565 4768 vhdmp - ok
09:43:37.0596 4768 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:43:37.0596 4768 viaide - ok
09:43:37.0611 4768 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:43:37.0611 4768 volmgr - ok
09:43:37.0643 4768 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:43:37.0643 4768 volmgrx - ok
09:43:37.0658 4768 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:43:37.0674 4768 volsnap - ok
09:43:37.0705 4768 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
09:43:37.0705 4768 vsmraid - ok
09:43:37.0752 4768 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:43:37.0767 4768 VSS - ok
09:43:37.0783 4768 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:43:37.0783 4768 vwifibus - ok
09:43:37.0814 4768 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:43:37.0814 4768 vwififlt - ok
09:43:37.0830 4768 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
09:43:37.0830 4768 vwifimp - ok
09:43:37.0908 4768 [ E13B31E0ADA64CF1513D993F436CA39D ] VX3000 C:\Windows\system32\DRIVERS\VX3000.sys
09:43:37.0923 4768 VX3000 - ok
09:43:37.0955 4768 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:43:37.0955 4768 W32Time - ok
09:43:37.0970 4768 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
09:43:37.0970 4768 WacomPen - ok
09:43:38.0017 4768 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:43:38.0017 4768 WANARP - ok
09:43:38.0033 4768 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:43:38.0033 4768 Wanarpv6 - ok
09:43:38.0079 4768 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:43:38.0095 4768 WatAdminSvc - ok
09:43:38.0142 4768 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:43:38.0157 4768 wbengine - ok
09:43:38.0173 4768 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:43:38.0173 4768 WbioSrvc - ok
09:43:38.0204 4768 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:43:38.0204 4768 wcncsvc - ok
09:43:38.0220 4768 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:43:38.0235 4768 WcsPlugInService - ok
09:43:38.0251 4768 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
09:43:38.0251 4768 Wd - ok
09:43:38.0282 4768 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:43:38.0298 4768 Wdf01000 - ok
09:43:38.0298 4768 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:43:38.0298 4768 WdiServiceHost - ok
09:43:38.0313 4768 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:43:38.0313 4768 WdiSystemHost - ok
09:43:38.0329 4768 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
09:43:38.0345 4768 WebClient - ok
09:43:38.0345 4768 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:43:38.0360 4768 Wecsvc - ok
09:43:38.0360 4768 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:43:38.0360 4768 wercplsupport - ok
09:43:38.0391 4768 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:43:38.0391 4768 WerSvc - ok
09:43:38.0407 4768 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:43:38.0407 4768 WfpLwf - ok
09:43:38.0423 4768 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:43:38.0423 4768 WIMMount - ok
09:43:38.0423 4768 WinHttpAutoProxySvc - ok
09:43:38.0469 4768 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:43:38.0469 4768 Winmgmt - ok
09:43:38.0532 4768 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
09:43:38.0547 4768 WinRM - ok
09:43:38.0610 4768 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:43:38.0610 4768 WinUsb - ok
09:43:38.0641 4768 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:43:38.0657 4768 Wlansvc - ok
09:43:38.0672 4768 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:43:38.0688 4768 wlcrasvc - ok
09:43:38.0750 4768 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:43:38.0781 4768 wlidsvc - ok
09:43:38.0797 4768 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:43:38.0797 4768 WmiAcpi - ok
09:43:38.0828 4768 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:43:38.0828 4768 wmiApSrv - ok
09:43:38.0828 4768 WMPNetworkSvc - ok
09:43:38.0859 4768 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:43:38.0859 4768 WPCSvc - ok
09:43:38.0891 4768 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:43:38.0891 4768 WPDBusEnum - ok
09:43:38.0906 4768 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:43:38.0922 4768 ws2ifsl - ok
09:43:38.0937 4768 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
09:43:38.0937 4768 WSDPrintDevice - ok
09:43:38.0953 4768 WSearch - ok
09:43:39.0015 4768 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:43:39.0047 4768 wuauserv - ok
09:43:39.0078 4768 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:43:39.0078 4768 WudfPf - ok
09:43:39.0093 4768 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:43:39.0109 4768 WUDFRd - ok
09:43:39.0125 4768 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:43:39.0125 4768 wudfsvc - ok
09:43:39.0140 4768 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
09:43:39.0140 4768 WwanSvc - ok
09:43:39.0171 4768 ================ Scan global ===============================
09:43:39.0218 4768 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:43:39.0265 4768 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
09:43:39.0265 4768 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
09:43:39.0312 4768 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:43:39.0343 4768 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:43:39.0359 4768 [Global] - ok
09:43:39.0359 4768 ================ Scan MBR ==================================
09:43:39.0374 4768 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:43:39.0624 4768 \Device\Harddisk0\DR0 - ok
09:43:39.0624 4768 ================ Scan VBR ==================================
09:43:39.0624 4768 [ 3352F7F6CD35C9478CC0574AEC72C33D ] \Device\Harddisk0\DR0\Partition1
09:43:39.0624 4768 \Device\Harddisk0\DR0\Partition1 - ok
09:43:39.0639 4768 [ 9399D58DA116849BA06F93275A22C6BB ] \Device\Harddisk0\DR0\Partition2
09:43:39.0655 4768 \Device\Harddisk0\DR0\Partition2 - ok
09:43:39.0686 4768 [ 20C0DE91B778C6BF9182D88FE8DB01D2 ] \Device\Harddisk0\DR0\Partition3
09:43:39.0702 4768 \Device\Harddisk0\DR0\Partition3 - ok
09:43:39.0702 4768 ============================================================
09:43:39.0702 4768 Scan finished
09:43:39.0702 4768 ============================================================
09:43:39.0717 3020 Detected object count: 0
09:43:39.0717 3020 Actual detected object count: 0
09:44:00.0153 3836 ============================================================
09:44:00.0153 3836 Scan started
09:44:00.0153 3836 Mode: Manual; SigCheck; TDLFS;
09:44:00.0153 3836 ============================================================
09:44:01.0214 3836 ================ Scan system memory ========================
09:44:01.0214 3836 System memory - ok
09:44:01.0214 3836 ================ Scan services =============================
09:44:04.0896 3836 [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
09:44:04.0896 3836 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning
09:44:04.0896 3836 Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic (1)
09:44:04.0911 3836 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
09:44:04.0927 3836 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
09:44:04.0927 3836 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
09:44:13.0023 3836 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:44:13.0023 3836 Parport - ok
09:44:13.0055 3836 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:44:13.0055 3836 partmgr - ok
09:44:13.0070 3836 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:44:13.0086 3836 PcaSvc - ok
09:44:13.0117 3836 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:44:13.0117 3836 pci - ok
09:44:13.0133 3836 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:44:13.0148 3836 pciide - ok
09:44:13.0148 3836 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:44:13.0148 3836 pcmcia - ok
09:44:13.0164 3836 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:44:13.0164 3836 pcw - ok
09:44:13.0523 3836 [ 3F87885CB3767BFD27811B3CA3CC608D ] PDFProFiltSrv C:\Program Files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe
09:44:13.0523 3836 PDFProFiltSrv - ok
09:44:13.0554 3836 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:44:13.0585 3836 PEAUTH - ok
09:44:13.0663 3836 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:44:13.0710 3836 PerfHost - ok
09:44:13.0772 3836 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:44:13.0819 3836 pla - ok
09:44:13.0850 3836 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:44:13.0866 3836 PlugPlay - ok
09:44:13.0881 3836 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:44:13.0897 3836 PNRPAutoReg - ok
09:44:13.0913 3836 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:44:13.0913 3836 PNRPsvc - ok
09:44:13.0944 3836 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:44:13.0975 3836 PolicyAgent - ok
09:44:13.0991 3836 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:44:14.0022 3836 Power - ok
09:44:14.0053 3836 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:44:14.0084 3836 PptpMiniport - ok
09:44:14.0115 3836 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
09:44:14.0131 3836 Processor - ok
09:44:14.0147 3836 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:44:14.0162 3836 ProfSvc - ok
09:44:14.0178 3836 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:44:14.0178 3836 ProtectedStorage - ok
09:44:14.0193 3836 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:44:14.0240 3836 Psched - ok
09:44:14.0256 3836 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
09:44:14.0256 3836 PxHlpa64 - ok
09:44:14.0318 3836 [ 2631FC0676CC310B2E85FDE46B1560D9 ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
09:44:14.0334 3836 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - warning
09:44:14.0334 3836 QBCFMonitorService - detected UnsignedFile.Multi.Generic (1)
09:44:14.0396 3836 [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
09:44:14.0396 3836 QBFCService ( UnsignedFile.Multi.Generic ) - warning
09:44:14.0396 3836 QBFCService - detected UnsignedFile.Multi.Generic (1)
09:44:21.0135 3836 ================ Scan global ===============================
09:44:21.0151 3836 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:44:21.0245 3836 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
09:44:21.0260 3836 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
09:44:21.0323 3836 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:44:21.0354 3836 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:44:21.0354 3836 [Global] - ok
09:44:21.0354 3836 ================ Scan MBR ==================================
09:44:21.0369 3836 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:44:21.0791 3836 \Device\Harddisk0\DR0 - ok
09:44:21.0806 3836 ================ Scan VBR ==================================
09:44:21.0806 3836 [ 3352F7F6CD35C9478CC0574AEC72C33D ] \Device\Harddisk0\DR0\Partition1
09:44:21.0806 3836 \Device\Harddisk0\DR0\Partition1 - ok
09:44:21.0822 3836 [ 9399D58DA116849BA06F93275A22C6BB ] \Device\Harddisk0\DR0\Partition2
09:44:21.0822 3836 \Device\Harddisk0\DR0\Partition2 - ok
09:44:21.0853 3836 [ 20C0DE91B778C6BF9182D88FE8DB01D2 ] \Device\Harddisk0\DR0\Partition3
09:44:21.0853 3836 \Device\Harddisk0\DR0\Partition3 - ok
09:44:21.0853 3836 ============================================================
09:44:21.0853 3836 Scan finished
09:44:21.0853 3836 ============================================================
09:44:21.0853 4524 Detected object count: 4
09:44:21.0853 4524 Actual detected object count: 4
09:44:38.0358 4524 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
09:44:38.0358 4524 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:44:38.0358 4524 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
09:44:38.0358 4524 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:44:38.0358 4524 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - skipped by user
09:44:38.0358 4524 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:44:38.0358 4524 QBFCService ( UnsignedFile.Multi.Generic ) - skipped by user
09:44:38.0358 4524 QBFCService ( UnsignedFile.Multi.Generic ) - User select action: Skip

#5
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
What problems are you experiencing with the computer?

#6
bwing

    Member

  • Topic Starter
  • Member
  • 17 posts
This is Lisa typing now. I'm Brian's wife -- the primary user of the sick computer...
The problems seem to change from day to day and I'm not exactly sure what to attribute to the virus problem and what to attribute to the changes Brian has made trying to get rid of the virus.

Yesterday, every time I tried to access the internet - either through Internet Explorer or Firefox, the machine crashed showing a blue screen with lots of plain type on it (kind of reminded me of the black & green DOS screens back in the day. :-) Each time the screen said something about a Win 32 problem and then the computer restarted.

A few days ago I was downloading photos off an SD card. The photos went into the folder I'd indicated, but strangely the photos I'd downloaded the day before all copied to the desktop. I realize this thing is usually user error, but I'm pretty certain I didn't do anything that could have caused them to accidentally copy.

Today, the data is all gone from my Quicken program. I see that my husband has unplugged our external hard drive and I'm not sure if that's where the data is stored. If so, that would explain it.

Another new thing today is when I click some of the shortcuts on the desktop, I get this message: "The item referred to by this shortcut cannot be accessed. You may not have the appropriate permissions."

I restarted the computer to see if that would allow me to access the shortcuts. It didn't, and in the process, I lost the little green box from the program you had me run. Do I need to run it again to find the 4 detected objects? I assume there is something I need to do to get rid of them.

Thanks!

#7
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
No need to re-run TDSSKiller as it showed clean.

Do you have any dmp files in the following folder: C:\Windows\minidump?
If so, could you zip two or three and attach them to the next post?

OK, let's look at the other parts of the computer.

  • Download RogueKiller and save it on your desktop.

    NOTE: If using IE8 or better, SmartScreen Filter will need to be disabled.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan
  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.
  • The report has been created on the desktop.

  • Next click on the ShortcutsFix
  • The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.
  • 0

#8
bwing

bwing

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Here are the reports. I'm working on the dmp files...

  • 0

#9
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Are the shortcuts working now?
  • 0

#10
bwing

bwing

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Shortcuts still aren't working.

I'm having a hard time zipping the dmp files. It says I don't have access, even though I'm logged in as the administrator. Still working on it...
  • 0

#11
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Copy the dump files to the desktop and zip them there.
  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Download the attached reg file by right-clicking and selecting Save As...

Save it to the desktop.
Double-click the reg file and allow it to merge.
Accept the warnings and try the shortcuts again.
  • 0

#13
bwing

bwing

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Copied the dump files to the desktop. Still tells me I don't have access when I try to zip them. Now what?
  • 0

#14
bwing

bwing

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Ran Inkfix. Still no shortcuts.
  • 0

#15
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, download the attached zip folder:
https://dl.dropbox.c...keOwnership.zip
Inside are two reg files.
Extract Installtakeownership.reg to the desktop.
Double-click it and allow it to merge.
Now navigate to the C:\windows\minidump folder.
Right-click the folder and select Take Ownership.

After a moment or two you should now be able to zip the files in the folder.
  • 0





