Cloudfront.net [Solved]


  • This topic is locked

#1
khphoto1
  • Member
  • 102 posts
Hello, this is my first time using Geeks to Go. I'm sending this first request from my uninfected laptop since the affected one is running so slow and I'm afraid things will get worse. I switched service providers and was trying to clean up some of the email stuff left on the infected laptop. When you need detailed logs I'll use my infected computer to reply. I've been trying to clean up other viruses and other issues and have probably picked up this virus in doing so. I've downloaded and used: Process Explorer, HitmanPro, Msert, TDSSKiller, iExplore.exe, RKILL, and Microsoft Security Essentials. I think I had/have the 'File Restore Virus'.

Current symptoms:
1. Computer running very very slow.
2. Pop-ups that say: 'Your PC performance is Poor - Fix Now' or 'Your PC is about to crash - Click OK to fix' and other various ads.
3. A tab (don't really know what it's called) hxxp://dllvdn9ox0j18d.cloudfront.net
4. Window stating: "Logon Process has failed to create the security options dialog" and "Failure Security Options"
5. On 'status bar'? a note indicating 'Internet Protect Mode' is off and every time I go into IE8 it is back off.

Computer Info:
Dell Vostro 1000, Processor: AMD Sempron 3600+ 2 GHz, 1 GB RAM, Vista Home Basic SP2, 31.9 GB free of 64.4; and 6.63 GB free of 9.99 GB Backup.

Software originally installed included Malwarebytes and SUPERAntiSpyware.

Things found: TDSS found Alureon & Harbinger. Msert found and fixed 11 problems, SUPERANTI found 1316 items, Hitman found nothing.

Waiting for your next suggestion. Thanks, Kathy
#2
Buddierdl
  • Trusted Helper
  • Malware Removal
  • 2,524 posts
Hello Kathy and welcome to Geeks to Go. I am sorry that you are having troubles with your computer and will try my best to help you. I know that being infected is very frustrating, but I will be here to help you through the whole process of cleaning. Removing malware can be difficult and complicated and will most likely take many steps, so please stick with me until I have declared your computer clean. I always recommend printing my instructions before following them in case you cannot keep this webpage open. Please be sure to always follow all steps exactly as they are written and let me know what happens each time. Stop and ask if something unexpected happens or if you are unsure of how to proceed.

Please respect my volunteered time and stay with me until I declare your computer clean. If you are going to be delayed for a while, please let me know.

Could you please post the logs for all tools that you have run, especially TDSSKiller and ComboFix (renamed iexplore.exe) and also please run the scans below.

Now that I am helping you, please do not run any tools other than the ones I indicate, to avoid confusing my efforts.


Open OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:
    dir "%systemdrive%\*" /S /A:L /C
  • Select the Scan All Users box in the middle on the top of the window
  • Click the Run Scan button. Post the log it produces in your next reply.


Download aswMBR.exe to your desktop.
Double-click aswMBR.exe to run it. Click the "Scan" button to start the scan.

On completion of the scan, click save log, save it to your desktop and post it in your next reply.


#3
khphoto1
  • Topic Starter
  • Member
  • 102 posts
Buddierd, to respect your time, will some blocks be overnight for long scans? I am leaving the house NOW 1:30 pm for the rest of the day (returning 9pm). I'll post your request results later tonight. Is there a specific time I should get back online to connect with you tomorrow?

To work on your requests:
1. I'll have to find the log files for TDSS and Combo - where they are stored.
2. What is OTL?
3. Should I paste the results as a paste into this response or as attachments (Text Files for logs) and I do have Microsoft word if that helps.

Kathy

#4
Buddierdl
  • Trusted Helper
  • Malware Removal
  • 2,524 posts

> Buddierd, to respect your time, will some blocks be overnight for long scans? I am leaving the house NOW 1:30 pm for the rest of the day (returning 9pm). I'll post your request results later tonight. Is there a specific time I should get back online to connect with you tomorrow?

You can do the scans whenever you have time. I just ask that you let me know if you are going to be gone for more than a day or so. I try to reply at least once a day, more if I can.

> To work on your requests:
> 1. I'll have to find the log files for TDSS and Combo - where they are stored.

TDSSKiller should be at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt

ComboFix should be at C:\ComboFix.txt

> 2. What is OTL?

What, you need a download link! (just kidding). Download it here to your desktop and then run it. You should be able to follow the directions from there.

> 3. Should I paste the results as a paste into this response or as attachments (Text Files for logs) and I do have Microsoft word if that helps.

Please copy/paste the logs. You can put each one into a separate post if you wish.


#5
khphoto1
  • Topic Starter
  • Member
  • 102 posts
First log of TDSS: Two more will come in two more messages.

19:47:31.0819 25172 Null - ok
19:47:31.0897 25172 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:47:31.0897 25172 nvraid - ok
19:47:31.0975 25172 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:47:31.0975 25172 nvstor - ok
19:47:32.0053 25172 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:47:32.0084 25172 nv_agp - ok
19:47:32.0131 25172 NwlnkFlt - ok
19:47:32.0147 25172 NwlnkFwd - ok
19:47:32.0178 25172 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:47:32.0178 25172 ohci1394 - ok
19:47:32.0319 25172 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:47:32.0319 25172 ose - ok
19:47:32.0412 25172 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc C:\Windows\system32\p2psvc.dll
19:47:32.0475 25172 p2pimsvc - ok
19:47:32.0491 25172 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc C:\Windows\system32\p2psvc.dll
19:47:32.0506 25172 p2psvc - ok
19:47:32.0584 25172 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
19:47:32.0584 25172 Parport - ok
19:47:32.0662 25172 [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:47:32.0662 25172 partmgr - ok
19:47:32.0709 25172 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
19:47:32.0709 25172 Parvdm - ok
19:47:32.0803 25172 [ 1961590AA191B6B7DCF18A6A693AF7B8 ] PCASp50 C:\Windows\system32\Drivers\PCASp50.sys
19:47:32.0819 25172 PCASp50 - ok
19:47:32.0897 25172 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
19:47:32.0897 25172 PcaSvc - ok
19:47:32.0959 25172 [ 01B94418DEB235DFF777CC80076354B4 ] pci C:\Windows\system32\drivers\pci.sys
19:47:32.0991 25172 pci - ok
19:47:33.0069 25172 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
19:47:33.0069 25172 pciide - ok
19:47:33.0116 25172 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:47:33.0131 25172 pcmcia - ok
19:47:33.0241 25172 [ 351BD8C80B2C411EA5A122FCFED4D7C8 ] PCTINDIS5 C:\Windows\system32\PCTINDIS5.SYS
19:47:33.0241 25172 PCTINDIS5 - ok
19:47:33.0381 25172 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:47:33.0397 25172 PEAUTH - ok
19:47:33.0522 25172 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
19:47:33.0584 25172 pla - ok
19:47:33.0678 25172 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:47:33.0787 25172 PlugPlay - ok
19:47:33.0834 25172 [ 2F4CA141A609CAF5C98F6E4760EF1B9B ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
19:47:33.0834 25172 Pml Driver HPZ12 - ok
19:47:33.0912 25172 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
19:47:33.0912 25172 PNRPAutoReg - ok
19:47:33.0975 25172 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc C:\Windows\system32\p2psvc.dll
19:47:33.0975 25172 PNRPsvc - ok
19:47:34.0116 25172 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:47:34.0131 25172 PolicyAgent - ok
19:47:34.0194 25172 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:47:34.0209 25172 PptpMiniport - ok
19:47:34.0241 25172 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
19:47:34.0241 25172 Processor - ok
19:47:34.0319 25172 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll
19:47:34.0334 25172 ProfSvc - ok
19:47:34.0412 25172 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:47:34.0412 25172 ProtectedStorage - ok
19:47:34.0506 25172 [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
19:47:34.0506 25172 PSched - ok
19:47:34.0647 25172 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
19:47:34.0647 25172 PxHelp20 - ok
19:47:34.0787 25172 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:47:34.0803 25172 ql2300 - ok
19:47:34.0928 25172 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:47:34.0944 25172 ql40xx - ok
19:47:35.0116 25172 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
19:47:35.0131 25172 QWAVE - ok
19:47:35.0241 25172 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:47:35.0241 25172 QWAVEdrv - ok
19:47:35.0522 25172 [ 554685122B4F973E21D66C2BAAF29543 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
19:47:35.0647 25172 R300 - ok
19:47:35.0787 25172 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:47:35.0787 25172 RasAcd - ok
19:47:35.0881 25172 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
19:47:35.0881 25172 RasAuto - ok
19:47:35.0991 25172 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:47:35.0991 25172 Rasl2tp - ok
19:47:36.0053 25172 [ 6E7C284FC5C4EC07AD164D93810385A6 ] RasMan C:\Windows\System32\rasmans.dll
19:47:36.0069 25172 RasMan - ok
19:47:36.0116 25172 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:47:36.0116 25172 RasPppoe - ok
19:47:36.0162 25172 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:47:36.0209 25172 RasSstp - ok
19:47:36.0272 25172 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:47:36.0287 25172 rdbss - ok
19:47:36.0334 25172 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:47:36.0350 25172 RDPCDD - ok
19:47:36.0428 25172 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
19:47:36.0444 25172 rdpdr - ok
19:47:36.0459 25172 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:47:36.0491 25172 RDPENCDD - ok
19:47:36.0569 25172 [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:47:36.0584 25172 RDPWD - ok
19:47:36.0694 25172 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:47:36.0709 25172 RemoteAccess - ok
19:47:36.0772 25172 [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:47:36.0803 25172 RemoteRegistry - ok
19:47:36.0912 25172 [ D85E3FA9F5B1F29BB4ED185C450D1470 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
19:47:36.0912 25172 rimmptsk - ok
19:47:36.0975 25172 [ DB8EB01C58C9FADA00C70B1775278AE0 ] rimsptsk C:\Windows\system32\drivers\rimsptsk.sys
19:47:36.0975 25172 rimsptsk - ok
19:47:37.0037 25172 [ D9B34325EE5DF78B8F28A3DE9F577C7D ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys
19:47:37.0053 25172 RimVSerPort - ok
19:47:37.0100 25172 [ 6C1F93C0760C9F79A1869D07233DF39D ] rismxdp C:\Windows\system32\drivers\rixdptsk.sys
19:47:37.0100 25172 rismxdp - ok
19:47:37.0209 25172 [ 75E8A6BFA7374ABA833AE92BF41AE4E6 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
19:47:37.0209 25172 ROOTMODEM - ok
19:47:37.0287 25172 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
19:47:37.0303 25172 RpcLocator - ok
19:47:37.0381 25172 [ 301AE00E12408650BADDC04DBC832830 ] RpcSs C:\Windows\system32\rpcss.dll
19:47:37.0381 25172 RpcSs - ok
19:47:37.0459 25172 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:47:37.0459 25172 rspndr - ok
19:47:37.0506 25172 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs C:\Windows\system32\lsass.exe
19:47:37.0506 25172 SamSs - ok
19:47:37.0709 25172 [ BFBC4BE8D6AC6D33AD93F3F5F2E11499 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
19:47:37.0709 25172 SASDIFSV - ok
19:47:37.0819 25172 [ E9C2D75C748C3F0A4C34D6CF2AE1D754 ] SASENUM C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
19:47:37.0834 25172 SASENUM - ok
19:47:37.0928 25172 [ 4731A1B8A79B19CAD8E2CFDC7B7D82D4 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
19:47:37.0928 25172 SASKUTIL - ok
19:47:37.0975 25172 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:47:37.0975 25172 sbp2port - ok
19:47:38.0116 25172 [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:47:38.0116 25172 SCardSvr - ok
19:47:38.0178 25172 [ 7B587B8A6D4A99F79D2902D0385F29BD ] Schedule C:\Windows\system32\schedsvc.dll
19:47:38.0209 25172 Schedule - ok
19:47:38.0225 25172 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc C:\Windows\System32\certprop.dll
19:47:38.0225 25172 SCPolicySvc - ok
19:47:38.0350 25172 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
19:47:38.0350 25172 sdbus - ok
19:47:38.0381 25172 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:47:38.0381 25172 SDRSVC - ok
19:47:38.0475 25172 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:47:38.0491 25172 secdrv - ok
19:47:38.0584 25172 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
19:47:38.0584 25172 seclogon - ok
19:47:38.0647 25172 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
19:47:38.0647 25172 SENS - ok
19:47:38.0678 25172 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
19:47:38.0678 25172 Serenum - ok
19:47:38.0741 25172 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
19:47:38.0772 25172 Serial - ok
19:47:38.0850 25172 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:47:38.0850 25172 sermouse - ok
19:47:38.0928 25172 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
19:47:38.0928 25172 SessionEnv - ok
19:47:39.0037 25172 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
19:47:39.0053 25172 sffdisk - ok
19:47:39.0100 25172 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:47:39.0100 25172 sffp_mmc - ok
19:47:39.0147 25172 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
19:47:39.0147 25172 sffp_sd - ok
19:47:39.0225 25172 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:47:39.0256 25172 sfloppy - ok
19:47:39.0319 25172 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:47:39.0334 25172 SharedAccess - ok
19:47:39.0397 25172 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:47:39.0412 25172 ShellHWDetection - ok
19:47:39.0475 25172 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:47:39.0506 25172 sisagp - ok
19:47:39.0631 25172 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
19:47:39.0631 25172 SiSRaid2 - ok
19:47:39.0694 25172 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:47:39.0694 25172 SiSRaid4 - ok
19:47:39.0850 25172 [ 0BA91E1358AD25236863039BB2609A2E ] slsvc C:\Windows\system32\SLsvc.exe
19:47:39.0912 25172 slsvc - ok
19:47:39.0975 25172 [ 7C6DC44CA0BFA6291629AB764200D1D4 ] SLUINotify C:\Windows\system32\SLUINotify.dll
19:47:39.0991 25172 SLUINotify - ok
19:47:40.0037 25172 [ 031E6BCD53C9B2B9ACE111EAFEC347B6 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:47:40.0069 25172 Smb - ok
19:47:40.0147 25172 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:47:40.0178 25172 SNMPTRAP - ok
19:47:40.0256 25172 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
19:47:40.0272 25172 spldr - ok
19:47:40.0319 25172 [ 3665F79026A3F91FBCA63F2C65A09B19 ] Spooler C:\Windows\System32\spoolsv.exe
19:47:40.0319 25172 Spooler - ok
19:47:40.0381 25172 sprtsvc_dellsupportcenter - ok
19:47:40.0459 25172 [ 2252AEF839B1093D16761189F45AF885 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:47:40.0491 25172 srv - ok
19:47:40.0569 25172 [ B7FF59408034119476B00A81BB53D5D1 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:47:40.0569 25172 srv2 - ok
19:47:40.0647 25172 [ 2ACCC9B12AF02030F531E6CCA6F8B76E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:47:40.0662 25172 srvnet - ok
19:47:40.0741 25172 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:47:40.0741 25172 SSDPSRV - ok
19:47:40.0866 25172 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:47:40.0866 25172 SstpSvc - ok
19:47:41.0053 25172 [ D294949451D2DBB3FF22BA352978D99D ] STacSV C:\Windows\system32\STacSV.exe
19:47:41.0053 25172 STacSV - ok
19:47:41.0209 25172 [ 3CFEA727795243364BB6A7F9A091FAA3 ] STHDA C:\Windows\system32\drivers\stwrt.sys
19:47:41.0209 25172 STHDA - ok
19:47:41.0319 25172 [ 7DD08A597BC56051F320DA0BAF69E389 ] stisvc C:\Windows\System32\wiaservc.dll
19:47:41.0350 25172 stisvc - ok
19:47:41.0475 25172 [ DE3E7A2345EBAA3CE8E6957DFB55FB15 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
19:47:41.0475 25172 stllssvr - ok
19:47:41.0616 25172 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:47:41.0647 25172 swenum - ok
19:47:41.0834 25172 [ 851681F7D3200E2A646C5EE4D4E9883D ] swmsflt C:\Windows\System32\drivers\swmsflt.sys
19:47:41.0834 25172 swmsflt - ok
19:47:41.0944 25172 [ 2F6F8B7F821C994DE3D1CAF399BF9CD3 ] SWNC8U56 C:\Windows\system32\DRIVERS\swnc8u56.sys
19:47:41.0944 25172 SWNC8U56 - ok
19:47:42.0037 25172 [ B36C7CDB86F7F7A8E884479219766950 ] swprv C:\Windows\System32\swprv.dll
19:47:42.0037 25172 swprv - ok
19:47:42.0162 25172 [ 903A5E596A3910CEBFA33F3BD7D9C174 ] SWUMX56 C:\Windows\system32\DRIVERS\swumx56.sys
19:47:42.0162 25172 SWUMX56 - ok
19:47:42.0225 25172 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
19:47:42.0225 25172 Symc8xx - ok
19:47:42.0319 25172 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
19:47:42.0319 25172 Sym_hi - ok
19:47:42.0350 25172 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
19:47:42.0350 25172 Sym_u3 - ok
19:47:42.0491 25172 [ 451E8037E2EB6DA6BDF0A66F65D1810B ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
19:47:42.0491 25172 SynTP - ok
19:47:42.0584 25172 [ 8710A92D0024B03B5FB9540DF1F71F1D ] SysMain C:\Windows\system32\sysmain.dll
19:47:42.0616 25172 SysMain - ok
19:47:42.0678 25172 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:47:42.0678 25172 TabletInputService - ok
19:47:42.0725 25172 [ 680916BB09EE0F3A6ACA7C274B0D633F ] TapiSrv C:\Windows\System32\tapisrv.dll
19:47:42.0741 25172 TapiSrv - ok
19:47:42.0787 25172 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
19:47:42.0834 25172 TBS - ok
19:47:42.0897 25172 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:47:42.0912 25172 Tcpip - ok
19:47:42.0991 25172 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
19:47:43.0037 25172 Tcpip6 - ok
19:47:43.0069 25172 [ D4A2E4A4B011F3A883AF77315A5AE76B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:47:43.0069 25172 tcpipreg - ok
19:47:43.0116 25172 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:47:43.0116 25172 TDPIPE - ok
19:47:43.0162 25172 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:47:43.0194 25172 TDTCP - ok
19:47:43.0241 25172 [ D09276B1FAB033CE1D40DCBDF303D10F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:47:43.0256 25172 tdx - ok
19:47:43.0303 25172 [ A048056F5E1A96A9BF3071B91741A5AA ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:47:43.0303 25172 TermDD - ok
19:47:43.0397 25172 [ D605031E225AACCBCEB5B76A4F1603A6 ] TermService C:\Windows\System32\termsrv.dll
19:47:43.0428 25172 TermService - ok
19:47:43.0475 25172 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] Themes C:\Windows\system32\shsvcs.dll
19:47:43.0475 25172 Themes - ok
19:47:43.0553 25172 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
19:47:43.0553 25172 THREADORDER - ok
19:47:43.0631 25172 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
19:47:43.0631 25172 TrkWks - ok
19:47:43.0725 25172 [ 16613A1BAD034D4ECF957AF18B7C2FF5 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:47:43.0741 25172 TrustedInstaller - ok
19:47:43.0787 25172 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:47:43.0787 25172 tssecsrv - ok
19:47:43.0881 25172 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
19:47:43.0928 25172 tunmp - ok
19:47:43.0959 25172 [ 6042505FF6FA9AC1EF7684D0E03B6940 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:47:43.0975 25172 tunnel - ok
19:47:44.0037 25172 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:47:44.0053 25172 uagp35 - ok
19:47:44.0116 25172 [ 8B5088058FA1D1CD897A2113CCFF6C58 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:47:44.0131 25172 udfs - ok
19:47:44.0209 25172 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:47:44.0225 25172 UI0Detect - ok
19:47:44.0272 25172 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:47:44.0272 25172 uliagpkx - ok
19:47:44.0334 25172 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
19:47:44.0381 25172 uliahci - ok
19:47:44.0444 25172 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
19:47:44.0444 25172 UlSata - ok
19:47:44.0522 25172 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
19:47:44.0522 25172 ulsata2 - ok
19:47:44.0647 25172 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:47:44.0647 25172 umbus - ok
19:47:44.0709 25172 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
19:47:44.0741 25172 upnphost - ok
19:47:44.0881 25172 [ A7CD5B4ADEA26765CAB06BDAB7B07B13 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:47:44.0881 25172 usbccgp - ok
19:47:44.0928 25172 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:47:44.0928 25172 usbcir - ok
19:47:45.0053 25172 [ 686D4188AE36254C3008B71FEDACADF3 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:47:45.0053 25172 usbehci - ok
19:47:45.0100 25172 [ 4E42F665A658F08D153F7FFFE7C83806 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:47:45.0100 25172 usbhub - ok
19:47:45.0178 25172 [ D16C39CF6C1EC57614FBD8BD3EF2682D ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:47:45.0178 25172 usbohci - ok
19:47:45.0225 25172 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:47:45.0241 25172 usbprint - ok
19:47:45.0334 25172 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:47:45.0334 25172 usbscan - ok
19:47:45.0397 25172 [ 87BA6B83C5D19B69160968D07D6E2982 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:47:45.0397 25172 USBSTOR - ok
19:47:45.0459 25172 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:47:45.0459 25172 usbuhci - ok
19:47:45.0553 25172 [ 032A0ACC3909AE7215D524E29D536797 ] UxSms C:\Windows\System32\uxsms.dll
19:47:45.0553 25172 UxSms - ok
19:47:45.0616 25172 [ B13BC395B9D6116628F5AF47E0802AC4 ] vds C:\Windows\System32\vds.exe
19:47:45.0631 25172 vds - ok
19:47:45.0756 25172 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:47:45.0756 25172 vga - ok
19:47:45.0819 25172 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
19:47:45.0819 25172 VgaSave - ok
19:47:45.0881 25172 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:47:45.0881 25172 viaagp - ok
19:47:45.0928 25172 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
19:47:45.0944 25172 ViaC7 - ok
19:47:46.0006 25172 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
19:47:46.0006 25172 viaide - ok
19:47:46.0069 25172 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:47:46.0084 25172 volmgr - ok
19:47:46.0147 25172 [ 98F5FFE6316BD74E9E2C97206C190196 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:47:46.0178 25172 volmgrx - ok
19:47:46.0241 25172 [ D8B4A53DD2769F226B3EB374374987C9 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:47:46.0256 25172 volsnap - ok
19:47:46.0303 25172 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:47:46.0303 25172 vsmraid - ok
19:47:46.0428 25172 [ D5FB73D19C46ADE183F968E13F186B23 ] VSS C:\Windows\system32\vssvc.exe
19:47:46.0459 25172 VSS - ok
19:47:46.0522 25172 [ 1CF9206966A8458CDA9A8B20DF8AB7D3 ] W32Time C:\Windows\system32\w32time.dll
19:47:46.0537 25172 W32Time - ok
19:47:46.0616 25172 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:47:46.0616 25172 WacomPen - ok
19:47:46.0694 25172 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
19:47:46.0694 25172 Wanarp - ok
19:47:46.0725 25172 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:47:46.0725 25172 Wanarpv6 - ok
19:47:46.0819 25172 [ F3A5C2E1A6533192B070D06ECF6BE796 ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:47:46.0819 25172 wcncsvc - ok
19:47:46.0897 25172 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:47:46.0897 25172 WcsPlugInService - ok
19:47:47.0006 25172 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
19:47:47.0006 25172 Wd - ok
19:47:47.0241 25172 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:47:47.0256 25172 Wdf01000 - ok
19:47:47.0350 25172 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:47:47.0366 25172 WdiServiceHost - ok
19:47:47.0428 25172 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:47:47.0444 25172 WdiSystemHost - ok
19:47:47.0553 25172 [ CF9A5F41789B642DB967021DE06A2713 ] WebClient C:\Windows\System32\webclnt.dll
19:47:47.0553 25172 WebClient - ok
19:47:47.0678 25172 [ 905214925A88311FCE52F66153DE7610 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:47:47.0694 25172 Wecsvc - ok
19:47:47.0772 25172 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:47:47.0772 25172 wercplsupport - ok
19:47:47.0897 25172 [ 4081288554294F144E5A7D4EE20E3CE6 ] WerSvc C:\Windows\System32\WerSvc.dll
19:47:47.0912 25172 WerSvc - ok
19:47:48.0037 25172 [ 72CC6A8CA7891031D6380DB5025C773C ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
19:47:48.0053 25172 winachsf - ok
19:47:48.0178 25172 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:47:48.0178 25172 WinDefend - ok
19:47:48.0241 25172 WinHttpAutoProxySvc - ok
19:47:48.0319 25172 [ 00B79A7C984678F24CF052E5BEB3A2F5 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:47:48.0319 25172 Winmgmt - ok
19:47:48.0412 25172 [ 20FC93FDC916843CFDFCAA7A1B0DB16F ] WinRM C:\Windows\system32\WsmSvc.dll
19:47:48.0428 25172 WinRM - ok
19:47:48.0584 25172 [ 275F4346E569DF56CFB95243BD6F6FF0 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:47:48.0584 25172 Wlansvc - ok
19:47:48.0616 25172 wltrysvc - ok
19:47:48.0662 25172 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
19:47:48.0662 25172 WmiAcpi - ok
19:47:48.0709 25172 [ ABA4CF9F856D9A3A25F4DDD7690A6E9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:47:48.0725 25172 wmiApSrv - ok
19:47:48.0866 25172 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:47:48.0881 25172 WMPNetworkSvc - ok
19:47:48.0944 25172 [ 5D94CD167751294962BA238D82DD1BB8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:47:48.0944 25172 WPCSvc - ok
19:47:48.0991 25172 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:47:48.0991 25172 WPDBusEnum - ok
19:47:49.0131 25172 [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
19:47:49.0147 25172 WpdUsb - ok
19:47:49.0209 25172 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:47:49.0209 25172 ws2ifsl - ok
19:47:49.0256 25172 [ 683DD16B590372F2C9661D277F35E49C ] wscsvc C:\Windows\System32\wscsvc.dll
19:47:49.0272 25172 wscsvc - ok
19:47:49.0319 25172 WSearch - ok
19:47:49.0412 25172 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
19:47:49.0506 25172 wuauserv - ok
19:47:49.0662 25172 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:47:49.0662 25172 WUDFRd - ok
19:47:49.0741 25172 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:47:49.0741 25172 wudfsvc - ok
19:47:49.0834 25172 [ DAB33CFA9DD24251AAA389FF36B64D4B ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
19:47:49.0834 25172 XAudio - ok
19:47:49.0912 25172 [ CD5F291A1161F15896D1A4D63DAFF5DF ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
19:47:49.0912 25172 XAudioService - ok
19:47:50.0069 25172 ================ Scan global ===============================
19:47:50.0131 25172 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
19:47:50.0194 25172 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
19:47:50.0287 25172 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
19:47:50.0381 25172 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe
19:47:50.0381 25172 [Global] - ok
19:47:50.0412 25172 ================ Scan MBR ==================================
19:47:50.0428 25172 [ 9711BF5A8929C6DBE3455A72C790BEF0 ] \Device\Harddisk0\DR0
19:47:50.0428 25172 Suspicious mbr (Forged): \Device\Harddisk0\DR0
19:47:50.0491 25172 \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - infected
19:47:50.0491 25172 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Harbinger.a (0)
19:47:50.0506 25172 ================ Scan VBR ==================================
19:47:50.0522 25172 [ 8E06258498D1CC19212F2D57D3E0357A ] \Device\Harddisk0\DR0\Partition1
19:47:50.0522 25172 \Device\Harddisk0\DR0\Partition1 - ok
19:47:50.0569 25172 [ 586058479EC84E17A6024CC5BC95A7FD ] \Device\Harddisk0\DR0\Partition2
19:47:50.0569 25172 \Device\Harddisk0\DR0\Partition2 - ok
19:47:50.0616 25172 ============================================================
19:47:50.0616 25172 Scan finished
19:47:50.0616 25172 ============================================================
19:47:50.0616 25920 Detected object count: 1
19:47:50.0616 25920 Actual detected object count: 1
19:48:43.0287 25920 \Device\Harddisk0\DR0\# - copied to quarantine
19:48:43.0287 25920 \Device\Harddisk0\DR0 - copied to quarantine
19:48:43.0397 25920 \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - User select action: Quarantine
19:48:54.0662 14264 ============================================================
19:48:54.0662 14264 Scan started
19:48:54.0662 14264 Mode: Manual;
19:48:54.0662 14264 ============================================================
19:48:54.0881 14264 ================ Scan system memory ========================
19:48:54.0881 14264 System memory - ok
19:48:54.0881 14264 ================ Scan services =============================
19:48:56.0381 14264 bowser - ok
19:48:56.0412 14264 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
19:48:56.0412 14264 BrFiltLo - ok
19:48:56.0475 14264 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
19:48:56.0475 14264 BrFiltUp - ok
19:48:56.0616 14264 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
19:48:56.0616 14264 Browser - ok
19:48:56.0694 14264 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
19:48:56.0694 14264 Brserid - ok
19:48:56.0803 14264 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
19:48:56.0803 14264 BrSerWdm - ok
19:48:56.0881 14264 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
19:48:56.0881 14264 BrUsbMdm - ok
19:48:56.0928 14264 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
19:48:56.0928 14264 BrUsbSer - ok
19:48:57.0006 14264 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:48:57.0006 14264 BTHMODEM - ok
19:48:57.0069 14264 [ 6D6778608453BA40DDB1A737957697BC ] CAATT C:\Program Files\AT&T\Communication Manager\ConAppsSvc.exe
19:48:57.0084 14264 CAATT - ok
19:48:57.0147 14264 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:48:57.0147 14264 cdfs - ok
19:48:57.0225 14264 [ 1EC25CEA0DE6AC4718BF89F9E1778B57 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:48:57.0225 14264 cdrom - ok
19:48:57.0319 14264 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] CertPropSvc C:\Windows\System32\certprop.dll
19:48:57.0319 14264 CertPropSvc - ok
19:48:57.0366 14264 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
19:48:57.0366 14264 circlass - ok
19:48:57.0428 14264 [ 465745561C832B29F7C48B488AAB3842 ] CLFS C:\Windows\system32\CLFS.sys
19:48:57.0428 14264 CLFS - ok
19:48:57.0569 14264 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:48:57.0569 14264 clr_optimization_v2.0.50727_32 - ok
19:48:57.0647 14264 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:48:57.0756 14264 CmBatt - ok
19:48:57.0787 14264 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:48:57.0787 14264 cmdide - ok
19:48:57.0834 14264 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:48:57.0834 14264 Compbatt - ok
19:48:57.0881 14264 COMSysApp - ok
19:48:57.0897 14264 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:48:57.0897 14264 crcdisk - ok
19:48:57.0975 14264 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
19:48:57.0975 14264 Crusoe - ok
19:48:58.0053 14264 [ 6DE363F9F99334514C46AEC02D3E3678 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:48:58.0053 14264 CryptSvc - ok
19:48:58.0131 14264 [ 301AE00E12408650BADDC04DBC832830 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:48:58.0131 14264 DcomLaunch - ok
19:48:58.0241 14264 [ A3E9FA213F443AC77C7746119D13FEEC ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:48:58.0241 14264 DfsC - ok
19:48:58.0350 14264 [ FA3463F25F9CC9C3BCF1E7912FEFF099 ] DFSR C:\Windows\system32\DFSR.exe
19:48:58.0366 14264 DFSR - ok
19:48:58.0475 14264 [ 43A988A9C10333476CB5FB667CBD629D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
19:48:58.0475 14264 Dhcp - ok
19:48:58.0522 14264 [ 64109E623ABD6955C8FB110B592E68B7 ] disk C:\Windows\system32\drivers\disk.sys
19:48:58.0522 14264 disk - ok
19:48:58.0600 14264 [ 4805D9A6D281C7A7DEFD9094DEC6AF7D ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:48:58.0600 14264 Dnscache - ok
19:48:58.0662 14264 [ 5AF620A08C614E24206B79E8153CF1A8 ] dot3svc C:\Windows\System32\dot3svc.dll
19:48:58.0662 14264 dot3svc - ok
19:48:58.0725 14264 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
19:48:58.0741 14264 Dot4 - ok
19:48:58.0756 14264 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
19:48:58.0756 14264 Dot4Print - ok
19:48:58.0834 14264 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
19:48:58.0834 14264 dot4usb - ok
19:48:58.0944 14264 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
19:48:58.0944 14264 DPS - ok
19:48:59.0006 14264 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:48:59.0006 14264 drmkaud - ok
19:48:59.0100 14264 [ 85F33880B8CFB554BD3D9CCDB486845A ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:48:59.0100 14264 DXGKrnl - ok
19:48:59.0209 14264 [ 908ED85B7806E8AF3AF5E9B74F7809D4 ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
19:48:59.0209 14264 e1express - ok
19:48:59.0319 14264 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
19:48:59.0319 14264 E1G60 - ok
19:48:59.0475 14264 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
19:48:59.0475 14264 EapHost - ok
19:48:59.0600 14264 [ DD2CD259D83D8B72C02C5F2331FF9D68 ] Ecache C:\Windows\system32\drivers\ecache.sys
19:48:59.0600 14264 Ecache - ok
19:48:59.0709 14264 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:48:59.0709 14264 elxstor - ok
19:48:59.0850 14264 [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C ] EMDMgmt C:\Windows\system32\emdmgmt.dll
19:48:59.0850 14264 EMDMgmt - ok
19:48:59.0944 14264 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:48:59.0944 14264 ErrDev - ok
19:49:00.0147 14264 [ 3CB3343D720168B575133A0A20DC2465 ] EventSystem C:\Windows\system32\es.dll
19:49:00.0147 14264 EventSystem - ok
19:49:00.0209 14264 [ 0D858EB20589A34EFB25695ACAA6AA2D ] exfat C:\Windows\system32\drivers\exfat.sys
19:49:00.0209 14264 exfat - ok
19:49:00.0272 14264 [ 3C489390C2E2064563727752AF8EAB9E ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:49:00.0287 14264 fastfat - ok
19:49:00.0334 14264 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:49:00.0334 14264 fdc - ok
19:49:00.0412 14264 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
19:49:00.0412 14264 fdPHost - ok
19:49:00.0444 14264 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
19:49:00.0444 14264 FDResPub - ok
19:49:00.0506 14264 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:49:00.0506 14264 FileInfo - ok
19:49:00.0647 14264 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:49:00.0725 14264 Filetrace - ok
19:49:00.0756 14264 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:49:00.0756 14264 flpydisk - ok
19:49:00.0787 14264 [ 05EA53AFE985443011E36DAB07343B46 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:49:00.0787 14264 FltMgr - ok
19:49:00.0928 14264 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:49:00.0944 14264 FontCache3.0.0.0 - ok
19:49:00.0975 14264 [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:49:00.0975 14264 Fs_Rec - ok
19:49:01.0037 14264 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:49:01.0037 14264 gagp30kx - ok
19:49:01.0131 14264 [ D9F1113D9401185245573350712F92FC ] gpsvc C:\Windows\System32\gpsvc.dll
19:49:01.0194 14264 gpsvc - ok
19:49:01.0272 14264 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9b89a511223e2 C:\Program Files\Google\Update\GoogleUpdate.exe
19:49:01.0287 14264 gupdate1c9b89a511223e2 - ok
19:49:01.0303 14264 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
19:49:01.0303 14264 gupdatem - ok
19:49:01.0397 14264 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
19:49:01.0397 14264 gusvc - ok
19:49:01.0459 14264 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:49:01.0459 14264 HdAudAddService - ok
19:49:01.0522 14264 [ C87B1EE051C0464491C1A7B03FA0BC99 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:49:01.0522 14264 HDAudBus - ok
19:49:01.0600 14264 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:49:01.0600 14264 HidBth - ok
19:49:01.0694 14264 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
19:49:01.0694 14264 HidIr - ok
19:49:01.0803 14264 [ 53D5A2F9CE6AE47D7507727DF1DA79F8 ] hidserv C:\Windows\system32\hidserv.dll
19:49:01.0803 14264 hidserv - ok
19:49:01.0834 14264 [ 854CA287AB7FAF949617A788306D967E ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:49:01.0834 14264 HidUsb - ok
19:49:01.0944 14264 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:49:01.0944 14264 hkmsvc - ok
19:49:01.0991 14264 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
19:49:01.0991 14264 HpCISSs - ok
19:49:02.0147 14264 [ ED377B3C83FDEA8D906109A085D219BA ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
19:49:02.0147 14264 hpqcxs08 - ok
19:49:02.0241 14264 [ EE4C7A4CF2316701FFDE90F404520265 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
19:49:02.0241 14264 hpqddsvc - ok
19:49:02.0319 14264 [ 99F85640054BA65190B860D878A7C9AE ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
19:49:02.0319 14264 HSF_DPV - ok
19:49:02.0412 14264 [ CFBC2B81972E298F0E19EE68FA9E73DA ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
19:49:02.0412 14264 HSXHWAZL - ok
19:49:02.0506 14264 [ 33B02459E86D0A2B86A6B9FE19139390 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:49:02.0506 14264 HTTP - ok
19:49:02.0553 14264 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
19:49:02.0553 14264 i2omp - ok
19:49:02.0631 14264 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:49:02.0678 14264 i8042prt - ok
19:49:02.0709 14264 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
19:49:02.0709 14264 iaStorV - ok
19:49:02.0834 14264 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:49:02.0850 14264 idsvc - ok
19:49:02.0928 14264 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:49:02.0928 14264 iirsp - ok
19:49:03.0053 14264 [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC ] IKEEXT C:\Windows\System32\ikeext.dll
19:49:03.0053 14264 IKEEXT - ok
19:49:03.0131 14264 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
19:49:03.0131 14264 intelide - ok
19:49:03.0194 14264 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:49:03.0194 14264 intelppm - ok
19:49:03.0287 14264 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:49:03.0287 14264 IPBusEnum - ok
19:49:03.0319 14264 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:49:03.0319 14264 IpFilterDriver - ok
19:49:03.0412 14264 [ 6A35D233693EDC29A12742049BC5E37F ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:49:03.0412 14264 iphlpsvc - ok
19:49:03.0459 14264 IpInIp - ok
19:49:03.0506 14264 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
19:49:03.0506 14264 IPMIDRV - ok
19:49:03.0584 14264 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
19:49:03.0584 14264 IPNAT - ok
19:49:03.0662 14264 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:49:03.0662 14264 IRENUM - ok
19:49:03.0741 14264 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:49:03.0741 14264 isapnp - ok
19:49:03.0787 14264 [ F247EEC28317F6C739C16DE420097301 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
19:49:03.0787 14264 iScsiPrt - ok
19:49:03.0897 14264 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
19:49:03.0897 14264 iteatapi - ok
19:49:03.0928 14264 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
19:49:03.0928 14264 iteraid - ok
19:49:03.0991 14264 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:49:03.0991 14264 kbdclass - ok
19:49:04.0053 14264 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:49:04.0053 14264 kbdhid - ok
19:49:04.0131 14264 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] KeyIso C:\Windows\system32\lsass.exe
19:49:04.0131 14264 KeyIso - ok
19:49:04.0194 14264 [ 7A0CF7908B6824D6A2A1D313E5AE3DCA ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:49:04.0209 14264 KSecDD - ok
19:49:04.0287 14264 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
19:49:04.0287 14264 KtmRm - ok
19:49:04.0381 14264 [ 1925E63C91CF1610AE41BFD539062079 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:49:04.0397 14264 LanmanServer - ok
19:49:04.0444 14264 [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:49:04.0444 14264 LanmanWorkstation - ok
19:49:04.0506 14264 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:49:04.0506 14264 lltdio - ok
19:49:04.0616 14264 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:49:04.0616 14264 lltdsvc - ok
19:49:04.0709 14264 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:49:04.0709 14264 lmhosts - ok
19:49:04.0772 14264 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:49:04.0772 14264 LSI_FC - ok
19:49:04.0819 14264 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:49:04.0819 14264 LSI_SAS - ok
19:49:04.0897 14264 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:49:04.0897 14264 LSI_SCSI - ok
19:49:04.0975 14264 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
19:49:04.0975 14264 luafv - ok
19:49:05.0053 14264 [ 5F001FCF8166464B850ECA3A6A4187D7 ] MBAMSwissArmy C:\Windows\system32\drivers\mbamswissarmy.sys
19:49:05.0053 14264 MBAMSwissArmy - ok
19:49:05.0116 14264 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
19:49:05.0116 14264 mdmxsdk - ok
19:49:05.0225 14264 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
19:49:05.0225 14264 megasas - ok
19:49:05.0381 14264 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
19:49:05.0397 14264 MegaSR - ok
19:49:05.0522 14264 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
19:49:05.0522 14264 MMCSS - ok
19:49:05.0616 14264 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
19:49:05.0616 14264 Modem - ok
19:49:05.0709 14264 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:49:05.0709 14264 monitor - ok
19:49:05.0881 14264 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:49:05.0881 14264 mouclass - ok
19:49:05.0959 14264 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:49:05.0959 14264 mouhid - ok
19:49:06.0069 14264 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
19:49:06.0069 14264 MountMgr - ok
19:49:06.0209 14264 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
19:49:06.0209 14264 mpio - ok
19:49:06.0256 14264 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:49:06.0256 14264 mpsdrv - ok
19:49:06.0366 14264 [ D1639BA315B0D79DEC49A4B0E1FB929B ] MpsSvc C:\Windows\system32\mpssvc.dll
19:49:06.0366 14264 MpsSvc - ok
19:49:06.0412 14264 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
19:49:06.0412 14264 Mraid35x - ok
19:49:06.0475 14264 [ AE3DE84536B6799D2267443CEC8EDBB9 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:49:06.0475 14264 MRxDAV - ok
19:49:06.0569 14264 [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:49:06.0569 14264 mrxsmb - ok
19:49:06.0678 14264 [ 6B5FA5ADFACAC9DBBE0991F4566D7D55 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:49:06.0803 14264 mrxsmb10 - ok
19:49:06.0866 14264 [ 5C80D8159181C7ABF1B14BA703B01E0B ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:49:06.0866 14264 mrxsmb20 - ok
19:49:06.0944 14264 [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci C:\Windows\system32\drivers\msahci.sys
19:49:06.0944 14264 msahci - ok
19:49:06.0991 14264 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:49:06.0991 14264 msdsm - ok
19:49:07.0069 14264 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
19:49:07.0069 14264 MSDTC - ok
19:49:07.0116 14264 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:49:07.0116 14264 Msfs - ok
19:49:07.0162 14264 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:49:07.0162 14264 msisadrv - ok
19:49:07.0256 14264 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:49:07.0256 14264 MSiSCSI - ok
19:49:07.0303 14264 msiserver - ok
19:49:07.0334 14264 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:49:07.0334 14264 MSKSSRV - ok
19:49:07.0397 14264 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:49:07.0397 14264 MSPCLOCK - ok
19:49:07.0459 14264 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:49:07.0459 14264 MSPQM - ok
19:49:07.0537 14264 [ B5614AECB05A9340AA0FB55BF561CC63 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:49:07.0537 14264 MsRPC - ok
19:49:07.0584 14264 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:49:07.0584 14264 mssmbios - ok
19:49:07.0647 14264 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:49:07.0647 14264 MSTEE - ok
19:49:07.0741 14264 [ 6DFD1D322DE55B0B7DB7D21B90BEC49C ] Mup C:\Windows\system32\Drivers\mup.sys
19:49:07.0741 14264 Mup - ok
19:49:07.0819 14264 [ C43B25863FBD65B6D2A142AF3AE320CA ] napagent C:\Windows\system32\qagentRT.dll
19:49:07.0834 14264 napagent - ok
19:49:07.0897 14264 [ 3C21CE48FF529BB73DADB98770B54025 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:49:07.0897 14264 NativeWifiP - ok
19:49:07.0975 14264 [ C8560010A542B5DCA94C62468DC20784 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:49:07.0991 14264 NDIS - ok
19:49:08.0069 14264 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:49:08.0069 14264 NdisTapi - ok
19:49:08.0100 14264 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:49:08.0100 14264 Ndisuio - ok
19:49:08.0178 14264 [ 3D14C3B3496F88890D431E8AA022A411 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:49:08.0178 14264 NdisWan - ok
19:49:08.0241 14264 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:49:08.0241 14264 NDProxy - ok
19:49:08.0334 14264 [ 949941E4DE88DF1FAF49A4B3CFFB756F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
19:49:08.0334 14264 Net Driver HPZ12 - ok
19:49:08.0428 14264 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:49:08.0428 14264 NetBIOS - ok
19:49:08.0444 14264 [ 7C5FEE5B1C5728507CD96FB4A13E7A02 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
19:49:08.0459 14264 netbt - ok
19:49:08.0522 14264 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] Netlogon C:\Windows\system32\lsass.exe
19:49:08.0522 14264 Netlogon - ok
19:49:08.0600 14264 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
19:49:08.0600 14264 Netman - ok
19:49:08.0678 14264 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
19:49:08.0678 14264 netprofm - ok
19:49:08.0787 14264 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:49:08.0787 14264 NetTcpPortSharing - ok
19:49:08.0850 14264 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:49:08.0850 14264 nfrd960 - ok
19:49:08.0928 14264 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:49:08.0928 14264 NlaSvc - ok
19:49:08.0991 14264 [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:49:08.0991 14264 Npfs - ok
19:49:09.0053 14264 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
19:49:09.0053 14264 nsi - ok
19:49:09.0116 14264 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:49:09.0116 14264 nsiproxy - ok
19:49:09.0241 14264 [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:49:09.0256 14264 Ntfs - ok
19:49:09.0303 14264 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
19:49:09.0303 14264 ntrigdigi - ok
19:49:09.0381 14264 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
19:49:09.0381 14264 Null - ok
19:49:09.0459 14264 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:49:09.0459 14264 nvraid - ok
19:49:09.0491 14264 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:49:09.0491 14264 nvstor - ok
19:49:09.0662 14264 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:49:09.0741 14264 nv_agp - ok
19:49:09.0741 14264 NwlnkFlt - ok
19:49:09.0756 14264 NwlnkFwd - ok
19:49:09.0803 14264 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:49:09.0803 14264 ohci1394 - ok
19:49:09.0881 14264 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:49:09.0881 14264 ose - ok
19:49:09.0975 14264 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc C:\Windows\system32\p2psvc.dll
19:49:09.0991 14264 p2pimsvc - ok
19:49:10.0069 14264 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc C:\Windows\system32\p2psvc.dll
19:49:10.0084 14264 p2psvc - ok
19:49:10.0147 14264 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
19:49:10.0147 14264 Parport - ok
19:49:10.0209 14264 [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:49:10.0209 14264 partmgr - ok
19:49:10.0272 14264 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
19:49:10.0272 14264 Parvdm - ok
19:49:10.0350 14264 [ 1961590AA191B6B7DCF18A6A693AF7B8 ] PCASp50 C:\Windows\system32\Drivers\PCASp50.sys
19:49:10.0350 14264 PCASp50 - ok
19:49:10.0381 14264 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
19:49:10.0397 14264 PcaSvc - ok
19:49:10.0491 14264 [ 01B94418DEB235DFF777CC80076354B4 ] pci C:\Windows\system32\drivers\pci.sys
19:49:10.0491 14264 pci - ok
19:49:10.0553 14264 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
19:49:10.0569 14264 pciide - ok
19:49:10.0631 14264 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:49:10.0647 14264 pcmcia - ok
19:49:10.0694 14264 [ 351BD8C80B2C411EA5A122FCFED4D7C8 ] PCTINDIS5 C:\Windows\system32\PCTINDIS5.SYS
19:49:10.0694 14264 PCTINDIS5 - ok
19:49:10.0787 14264 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:49:10.0819 14264 PEAUTH - ok
19:49:10.0912 14264 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
19:49:10.0928 14264 pla - ok
19:49:11.0053 14264 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:49:11.0053 14264 PlugPlay - ok
19:49:11.0131 14264 [ 2F4CA141A609CAF5C98F6E4760EF1B9B ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
19:49:11.0131 14264 Pml Driver HPZ12 - ok
19:49:11.0241 14264 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
19:49:11.0256 14264 PNRPAutoReg - ok
19:49:11.0366 14264 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc C:\Windows\system32\p2psvc.dll
19:49:11.0366 14264 PNRPsvc - ok
19:49:11.0553 14264 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:49:11.0553 14264 PolicyAgent - ok
19:49:11.0662 14264 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:49:11.0662 14264 PptpMiniport - ok
19:49:11.0741 14264 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
19:49:11.0741 14264 Processor - ok
19:49:11.0866 14264 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll
19:49:11.0881 14264 ProfSvc - ok
19:49:11.0959 14264 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:49:11.0959 14264 ProtectedStorage - ok
19:49:12.0069 14264 [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
19:49:12.0069 14264 PSched - ok
19:49:12.0241 14264 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
19:49:12.0241 14264 PxHelp20 - ok
19:49:12.0444 14264 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:49:12.0459 14264 ql2300 - ok
19:49:12.0491 14264 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:49:12.0491 14264 ql40xx - ok
19:49:12.0584 14264 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
19:49:12.0584 14264 QWAVE - ok
19:49:12.0709 14264 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:49:12.0709 14264 QWAVEdrv - ok
19:49:12.0803 14264 [ 554685122B4F973E21D66C2BAAF29543 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
19:49:12.0834 14264 R300 - ok
19:49:12.0850 14264 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:49:12.0850 14264 RasAcd - ok
19:49:12.0912 14264 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
19:49:12.0928 14264 RasAuto - ok
19:49:12.0991 14264 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:49:12.0991 14264 Rasl2tp - ok
19:49:13.0037 14264 [ 6E7C284FC5C4EC07AD164D93810385A6 ] RasMan C:\Windows\System32\rasmans.dll
19:49:13.0053 14264 RasMan - ok
19:49:13.0147 14264 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:49:13.0147 14264 RasPppoe - ok
19:49:13.0178 14264 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:49:13.0178 14264 RasSstp - ok
19:49:13.0241 14264 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:49:13.0241 14264 rdbss - ok
19:49:13.0319 14264 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:49:13.0319 14264 RDPCDD - ok
19:49:13.0381 14264 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
19:49:13.0381 14264 rdpdr - ok
19:49:13.0428 14264 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:49:13.0428 14264 RDPENCDD - ok
19:49:13.0522 14264 [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:49:13.0522 14264 RDPWD - ok
19:49:13.0616 14264 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:49:13.0616 14264 RemoteAccess - ok
19:49:25.0366 14264 ================ Scan global ===============================
19:49:25.0428 14264 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
19:49:25.0553 14264 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
19:49:25.0600 14264 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
19:49:25.0694 14264 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe
19:49:25.0694 14264 [Global] - ok
19:49:25.0756 14264 ================ Scan MBR ==================================
19:49:25.0772 14264 [ 9711BF5A8929C6DBE3455A72C790BEF0 ] \Device\Harddisk0\DR0
19:49:25.0772 14264 Suspicious mbr (Forged): \Device\Harddisk0\DR0
19:49:25.0819 14264 \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - infected
19:49:25.0834 14264 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Harbinger.a (0)
19:49:25.0850 14264 ================ Scan VBR ==================================
19:49:25.0866 14264 [ 8E06258498D1CC19212F2D57D3E0357A ] \Device\Harddisk0\DR0\Partition1
19:49:25.0866 14264 \Device\Harddisk0\DR0\Partition1 - ok
19:49:25.0912 14264 [ 586058479EC84E17A6024CC5BC95A7FD ] \Device\Harddisk0\DR0\Partition2
19:49:25.0959 14264 \Device\Harddisk0\DR0\Partition2 - ok
19:49:25.0959 14264 ============================================================
19:49:25.0959 14264 Scan finished
19:49:25.0959 14264 ============================================================
19:49:25.0991 22480 Detected object count: 1
19:49:25.0991 22480 Actual detected object count: 1
19:49:43.0600 22480 \Device\Harddisk0\DR0\# - copied to quarantine
19:49:43.0600 22480 \Device\Harddisk0\DR0 - copied to quarantine
19:49:43.0678 22480 \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - User select action: Quarantine
19:50:27.0241 25352 Deinitialize success

#6
khphoto1

Second TDSS:

01:13:18.0777 3388 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
01:13:19.0309 3388 ============================================================
01:13:19.0309 3388 Current date / time: 2013/06/29 01:13:19.0309
01:13:19.0309 3388 SystemInfo:
01:13:19.0309 3388
01:13:19.0309 3388 OS Version: 6.0.6001 ServicePack: 1.0
01:13:19.0309 3388 Product type: Workstation
01:13:19.0309 3388 ComputerName: USER-PC
01:13:19.0309 3388 UserName: User
01:13:19.0309 3388 Windows directory: C:\Windows
01:13:19.0309 3388 System windows directory: C:\Windows
01:13:19.0309 3388 Processor architecture: Intel x86
01:13:19.0309 3388 Number of processors: 1
01:13:19.0309 3388 Page size: 0x1000
01:13:19.0309 3388 Boot type: Normal boot
01:13:19.0309 3388 ============================================================
01:13:24.0012 3388 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
01:13:24.0012 3388 ============================================================
01:13:24.0012 3388 \Device\Harddisk0\DR0:
01:13:24.0012 3388 MBR partitions:
01:13:24.0012 3388 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2F800, BlocksNum 0x1400000
01:13:24.0012 3388 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x142F800, BlocksNum 0x80DF800
01:13:24.0012 3388 ============================================================
01:13:24.0059 3388 C: <-> \Device\Harddisk0\DR0\Partition2
01:13:24.0199 3388 D: <-> \Device\Harddisk0\DR0\Partition1
01:13:24.0199 3388 ============================================================
01:13:24.0199 3388 Initialize success
01:13:24.0199 3388 ============================================================
01:13:56.0231 4840 ============================================================
01:13:56.0231 4840 Scan started
01:13:56.0231 4840 Mode: Manual;
01:13:56.0231 4840 ============================================================
01:13:56.0668 4840 ================ Scan system memory ========================
01:13:56.0668 4840 System memory - ok
01:13:56.0668 4840 ================ Scan services =============================
01:14:03.0856 4840 hidserv - ok
01:14:03.0887 4840 [ 854CA287AB7FAF949617A788306D967E ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
01:14:03.0887 4840 HidUsb - ok
01:14:03.0949 4840 [ 05E0D8EE7D6FAB5CB672FEC3AAD93AA0 ] hitmanpro37 C:\Windows\system32\drivers\hitmanpro37.sys
01:14:03.0949 4840 hitmanpro37 - ok
01:14:03.0996 4840 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
01:14:04.0012 4840 hkmsvc - ok
01:14:04.0059 4840 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
01:14:04.0074 4840 HpCISSs - ok
01:14:04.0246 4840 [ ED377B3C83FDEA8D906109A085D219BA ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
01:14:04.0262 4840 hpqcxs08 - ok
01:14:04.0309 4840 [ EE4C7A4CF2316701FFDE90F404520265 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
01:14:04.0527 4840 hpqddsvc - ok
01:14:04.0606 4840 [ 99F85640054BA65190B860D878A7C9AE ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
01:14:04.0621 4840 HSF_DPV - ok
01:14:04.0652 4840 [ CFBC2B81972E298F0E19EE68FA9E73DA ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
01:14:04.0684 4840 HSXHWAZL - ok
01:14:04.0731 4840 [ 33B02459E86D0A2B86A6B9FE19139390 ] HTTP C:\Windows\system32\drivers\HTTP.sys
01:14:04.0746 4840 HTTP - ok
01:14:04.0777 4840 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
01:14:04.0809 4840 i2omp - ok
01:14:04.0856 4840 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
01:14:04.0856 4840 i8042prt - ok
01:14:04.0918 4840 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
01:14:04.0918 4840 iaStorV - ok
01:14:05.0027 4840 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
01:14:05.0293 4840 idsvc - ok
01:14:05.0340 4840 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
01:14:05.0340 4840 iirsp - ok
01:14:05.0449 4840 [ 68E8C415E102E5D79FD7E4A765B8CBA4 ] IKEEXT C:\Windows\System32\ikeext.dll
01:14:05.0465 4840 IKEEXT - ok
01:14:05.0512 4840 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
01:14:05.0527 4840 intelide - ok
01:14:05.0559 4840 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
01:14:05.0559 4840 intelppm - ok
01:14:05.0606 4840 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
01:14:05.0621 4840 IPBusEnum - ok
01:14:05.0637 4840 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
01:14:05.0652 4840 IpFilterDriver - ok
01:14:05.0699 4840 [ 6A35D233693EDC29A12742049BC5E37F ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
01:14:05.0699 4840 iphlpsvc - ok
01:14:05.0715 4840 IpInIp - ok
01:14:05.0762 4840 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
01:14:05.0762 4840 IPMIDRV - ok
01:14:05.0809 4840 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
01:14:05.0809 4840 IPNAT - ok
01:14:05.0840 4840 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
01:14:05.0840 4840 IRENUM - ok
01:14:05.0887 4840 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
01:14:05.0887 4840 isapnp - ok
01:14:05.0934 4840 [ F247EEC28317F6C739C16DE420097301 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
01:14:05.0934 4840 iScsiPrt - ok
01:14:05.0965 4840 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
01:14:05.0965 4840 iteatapi - ok
01:14:05.0996 4840 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
01:14:05.0996 4840 iteraid - ok
01:14:06.0012 4840 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
01:14:06.0027 4840 kbdclass - ok
01:14:06.0059 4840 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
01:14:06.0059 4840 kbdhid - ok
01:14:06.0106 4840 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] KeyIso C:\Windows\system32\lsass.exe
01:14:06.0106 4840 KeyIso - ok
01:14:06.0168 4840 [ 7A0CF7908B6824D6A2A1D313E5AE3DCA ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
01:14:06.0184 4840 KSecDD - ok
01:14:06.0277 4840 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
01:14:06.0293 4840 KtmRm - ok
01:14:06.0371 4840 [ 1925E63C91CF1610AE41BFD539062079 ] LanmanServer C:\Windows\system32\srvsvc.dll
01:14:06.0371 4840 LanmanServer - ok
01:14:06.0434 4840 [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
01:14:06.0434 4840 LanmanWorkstation - ok
01:14:06.0512 4840 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
01:14:06.0512 4840 lltdio - ok
01:14:06.0559 4840 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
01:14:06.0559 4840 lltdsvc - ok
01:14:06.0590 4840 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
01:14:06.0590 4840 lmhosts - ok
01:14:06.0621 4840 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
01:14:06.0637 4840 LSI_FC - ok
01:14:06.0652 4840 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
01:14:06.0652 4840 LSI_SAS - ok
01:14:06.0684 4840 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
01:14:06.0684 4840 LSI_SCSI - ok
01:14:06.0715 4840 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
01:14:06.0731 4840 luafv - ok
01:14:06.0777 4840 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
01:14:06.0793 4840 mdmxsdk - ok
01:14:06.0824 4840 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
01:14:06.0824 4840 megasas - ok
01:14:06.0856 4840 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
01:14:06.0871 4840 MegaSR - ok
01:14:06.0918 4840 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
01:14:06.0934 4840 MMCSS - ok
01:14:06.0965 4840 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
01:14:06.0965 4840 Modem - ok
01:14:06.0996 4840 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
01:14:06.0996 4840 monitor - ok
01:14:07.0012 4840 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
01:14:07.0012 4840 mouclass - ok
01:14:07.0059 4840 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
01:14:07.0059 4840 mouhid - ok
01:14:07.0090 4840 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
01:14:07.0090 4840 MountMgr - ok
01:14:07.0137 4840 [ CF105EE42E3F71E648CEBB3F666E1CF0 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
01:14:07.0152 4840 MpFilter - ok
01:14:07.0184 4840 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
01:14:07.0199 4840 mpio - ok
01:14:07.0402 4840 [ A69630D039C38018689190234F866D77 ] MpKsl128f1958 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B412FCC-8A46-40DB-85C6-A1E6EC3C7F36}\MpKsl128f1958.sys
01:14:07.0402 4840 MpKsl128f1958 - ok
01:14:07.0481 4840 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
01:14:07.0481 4840 mpsdrv - ok
01:14:07.0543 4840 [ D1639BA315B0D79DEC49A4B0E1FB929B ] MpsSvc C:\Windows\system32\mpssvc.dll
01:14:07.0559 4840 MpsSvc - ok
01:14:07.0637 4840 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
01:14:07.0637 4840 Mraid35x - ok
01:14:07.0684 4840 [ AE3DE84536B6799D2267443CEC8EDBB9 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
01:14:07.0684 4840 MRxDAV - ok
01:14:07.0777 4840 [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
01:14:07.0824 4840 mrxsmb - ok
01:14:07.0871 4840 [ 6B5FA5ADFACAC9DBBE0991F4566D7D55 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
01:14:07.0871 4840 mrxsmb10 - ok
01:14:07.0918 4840 [ 5C80D8159181C7ABF1B14BA703B01E0B ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
01:14:07.0918 4840 mrxsmb20 - ok
01:14:07.0965 4840 [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci C:\Windows\system32\drivers\msahci.sys
01:14:07.0965 4840 msahci - ok
01:14:08.0012 4840 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
01:14:08.0012 4840 msdsm - ok
01:14:08.0043 4840 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
01:14:08.0074 4840 MSDTC - ok
01:14:08.0090 4840 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
01:14:08.0106 4840 Msfs - ok
01:14:08.0152 4840 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
01:14:08.0152 4840 msisadrv - ok
01:14:08.0184 4840 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
01:14:08.0199 4840 MSiSCSI - ok
01:14:08.0215 4840 msiserver - ok
01:14:08.0246 4840 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
01:14:08.0262 4840 MSKSSRV - ok
01:14:08.0371 4840 [ C1F19D2BACBEE9AB64D9AE69E9859AC0 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
01:14:08.0387 4840 MsMpSvc - ok
01:14:08.0449 4840 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
01:14:08.0449 4840 MSPCLOCK - ok
01:14:08.0496 4840 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
01:14:08.0512 4840 MSPQM - ok
01:14:08.0559 4840 [ B5614AECB05A9340AA0FB55BF561CC63 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
01:14:08.0559 4840 MsRPC - ok
01:14:08.0590 4840 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
01:14:08.0590 4840 mssmbios - ok
01:14:08.0621 4840 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
01:14:08.0621 4840 MSTEE - ok
01:14:08.0652 4840 [ 6DFD1D322DE55B0B7DB7D21B90BEC49C ] Mup C:\Windows\system32\Drivers\mup.sys
01:14:08.0652 4840 Mup - ok
01:14:08.0762 4840 [ C43B25863FBD65B6D2A142AF3AE320CA ] napagent C:\Windows\system32\qagentRT.dll
01:14:08.0777 4840 napagent - ok
01:14:08.0871 4840 [ 3C21CE48FF529BB73DADB98770B54025 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
01:14:08.0902 4840 NativeWifiP - ok
01:14:09.0012 4840 [ C8560010A542B5DCA94C62468DC20784 ] NDIS C:\Windows\system32\drivers\ndis.sys
01:14:09.0027 4840 NDIS - ok
01:14:09.0090 4840 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
01:14:09.0090 4840 NdisTapi - ok
01:14:09.0137 4840 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
01:14:09.0137 4840 Ndisuio - ok
01:14:09.0168 4840 [ 3D14C3B3496F88890D431E8AA022A411 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
01:14:09.0168 4840 NdisWan - ok
01:14:09.0199 4840 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
01:14:09.0199 4840 NDProxy - ok
01:14:09.0246 4840 [ 949941E4DE88DF1FAF49A4B3CFFB756F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
01:14:09.0246 4840 Net Driver HPZ12 - ok
01:14:09.0277 4840 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
01:14:09.0277 4840 NetBIOS - ok
01:14:09.0324 4840 [ 7C5FEE5B1C5728507CD96FB4A13E7A02 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
01:14:09.0324 4840 netbt - ok
01:14:09.0356 4840 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] Netlogon C:\Windows\system32\lsass.exe
01:14:09.0356 4840 Netlogon - ok
01:14:09.0496 4840 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
01:14:09.0512 4840 Netman - ok
01:14:09.0559 4840 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
01:14:09.0559 4840 netprofm - ok
01:14:09.0621 4840 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:14:09.0637 4840 NetTcpPortSharing - ok
01:14:09.0668 4840 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
01:14:09.0668 4840 nfrd960 - ok
01:14:09.0715 4840 [ 832E098BCA8235436FE2D8AE50AC3718 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
01:14:09.0731 4840 NisDrv - ok
01:14:09.0871 4840 [ E570ECA850F30EB740C2E9699DF3D2BD ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
01:14:09.0871 4840 NisSrv - ok
01:14:09.0934 4840 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
01:14:09.0934 4840 NlaSvc - ok
01:14:09.0965 4840 [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs C:\Windows\system32\drivers\Npfs.sys
01:14:09.0981 4840 Npfs - ok
01:14:09.0996 4840 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
01:14:09.0996 4840 nsi - ok
01:14:10.0043 4840 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
01:14:10.0059 4840 nsiproxy - ok
01:14:10.0152 4840 [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
01:14:10.0168 4840 Ntfs - ok
01:14:10.0215 4840 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
01:14:10.0215 4840 ntrigdigi - ok
01:14:10.0262 4840 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
01:14:10.0277 4840 Null - ok
01:14:10.0324 4840 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
01:14:10.0340 4840 nvraid - ok
01:14:10.0371 4840 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
01:14:10.0371 4840 nvstor - ok
01:14:10.0402 4840 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
01:14:10.0402 4840 nv_agp - ok
01:14:10.0402 4840 NwlnkFlt - ok
01:14:10.0418 4840 NwlnkFwd - ok
01:14:10.0449 4840 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
01:14:10.0449 4840 ohci1394 - ok
01:14:10.0574 4840 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:14:10.0606 4840 ose - ok
01:14:10.0699 4840 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc C:\Windows\system32\p2psvc.dll
01:14:10.0715 4840 p2pimsvc - ok
01:14:10.0731 4840 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc C:\Windows\system32\p2psvc.dll
01:14:10.0746 4840 p2psvc - ok
01:14:10.0793 4840 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
01:14:10.0793 4840 Parport - ok
01:14:10.0824 4840 [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr C:\Windows\system32\drivers\partmgr.sys
01:14:10.0824 4840 partmgr - ok
01:14:10.0856 4840 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
01:14:10.0856 4840 Parvdm - ok
01:14:10.0902 4840 [ 1961590AA191B6B7DCF18A6A693AF7B8 ] PCASp50 C:\Windows\system32\Drivers\PCASp50.sys
01:14:10.0902 4840 PCASp50 - ok
01:14:10.0949 4840 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
01:14:10.0949 4840 PcaSvc - ok
01:14:11.0027 4840 [ 01B94418DEB235DFF777CC80076354B4 ] pci C:\Windows\system32\drivers\pci.sys
01:14:11.0043 4840 pci - ok
01:14:11.0090 4840 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
01:14:11.0090 4840 pciide - ok
01:14:11.0121 4840 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
01:14:11.0137 4840 pcmcia - ok
01:14:11.0184 4840 [ 351BD8C80B2C411EA5A122FCFED4D7C8 ] PCTINDIS5 C:\Windows\system32\PCTINDIS5.SYS
01:14:11.0199 4840 PCTINDIS5 - ok
01:14:11.0246 4840 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
01:14:11.0262 4840 PEAUTH - ok
01:14:11.0449 4840 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
01:14:11.0496 4840 pla - ok
01:14:11.0574 4840 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
01:14:11.0590 4840 PlugPlay - ok
01:14:11.0637 4840 [ 2F4CA141A609CAF5C98F6E4760EF1B9B ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
01:14:11.0637 4840 Pml Driver HPZ12 - ok
01:14:11.0731 4840 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
01:14:11.0746 4840 PNRPAutoReg - ok
01:14:11.0777 4840 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc C:\Windows\system32\p2psvc.dll
01:14:11.0777 4840 PNRPsvc - ok
01:14:11.0887 4840 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
01:14:11.0918 4840 PolicyAgent - ok
01:14:11.0981 4840 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
01:14:11.0981 4840 PptpMiniport - ok
01:14:12.0027 4840 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
01:14:12.0027 4840 Processor - ok
01:14:12.0074 4840 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll
01:14:12.0074 4840 ProfSvc - ok
01:14:12.0121 4840 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe
01:14:12.0121 4840 ProtectedStorage - ok
01:14:12.0215 4840 [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
01:14:12.0215 4840 PSched - ok
01:14:12.0277 4840 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
01:14:12.0293 4840 PxHelp20 - ok
01:14:12.0418 4840 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
01:14:12.0449 4840 ql2300 - ok
01:14:12.0481 4840 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
01:14:12.0481 4840 ql40xx - ok
01:14:12.0543 4840 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
01:14:12.0543 4840 QWAVE - ok
01:14:12.0574 4840 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
01:14:12.0590 4840 QWAVEdrv - ok
01:14:12.0777 4840 [ 554685122B4F973E21D66C2BAAF29543 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
01:14:12.0840 4840 R300 - ok
01:14:12.0902 4840 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
01:14:12.0902 4840 RasAcd - ok
01:14:12.0996 4840 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
01:14:12.0996 4840 RasAuto - ok
01:14:13.0043 4840 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
01:14:13.0059 4840 Rasl2tp - ok
01:14:13.0090 4840 [ 6E7C284FC5C4EC07AD164D93810385A6 ] RasMan C:\Windows\System32\rasmans.dll
01:14:13.0090 4840 RasMan - ok
01:14:13.0137 4840 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
01:14:13.0137 4840 RasPppoe - ok
01:14:13.0168 4840 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
01:14:13.0168 4840 RasSstp - ok
01:14:13.0199 4840 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
01:14:13.0199 4840 rdbss - ok
01:14:13.0231 4840 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
01:14:13.0231 4840 RDPCDD - ok
01:14:13.0277 4840 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
01:14:13.0277 4840 rdpdr - ok
01:14:13.0293 4840 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
01:14:13.0309 4840 RDPENCDD - ok
01:14:13.0340 4840 [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
01:14:13.0340 4840 RDPWD - ok
01:14:13.0449 4840 [ B2D01290C0E0465ACA54C2088E947823 ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
01:14:13.0465 4840 RealNetworks Downloader Resolver Service - ok
01:14:13.0512 4840 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
01:14:13.0512 4840 RemoteAccess - ok
01:14:13.0559 4840 [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry C:\Windows\system32\regsvc.dll
01:14:13.0559 4840 RemoteRegistry - ok
01:14:13.0668 4840 [ D85E3FA9F5B1F29BB4ED185C450D1470 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
01:14:13.0684 4840 rimmptsk - ok
01:14:13.0715 4840 [ DB8EB01C58C9FADA00C70B1775278AE0 ] rimsptsk C:\Windows\system32\drivers\rimsptsk.sys
01:14:13.0715 4840 rimsptsk - ok
01:14:13.0746 4840 [ D9B34325EE5DF78B8F28A3DE9F577C7D ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys
01:14:13.0746 4840 RimVSerPort - ok
01:14:13.0777 4840 [ 6C1F93C0760C9F79A1869D07233DF39D ] rismxdp C:\Windows\system32\drivers\rixdptsk.sys
01:14:13.0777 4840 rismxdp - ok
01:14:13.0824 4840 [ 75E8A6BFA7374ABA833AE92BF41AE4E6 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
01:14:13.0824 4840 ROOTMODEM - ok
01:14:13.0856 4840 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
01:14:13.0856 4840 RpcLocator - ok
01:14:13.0902 4840 [ 301AE00E12408650BADDC04DBC832830 ] RpcSs C:\Windows\system32\rpcss.dll
01:14:13.0918 4840 RpcSs - ok
01:14:13.0949 4840 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
01:14:13.0949 4840 rspndr - ok
01:14:13.0965 4840 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs C:\Windows\system32\lsass.exe
01:14:13.0965 4840 SamSs - ok
01:14:14.0012 4840 [ BFBC4BE8D6AC6D33AD93F3F5F2E11499 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
01:14:14.0106 4840 SASDIFSV - ok
01:14:14.0168 4840 [ E9C2D75C748C3F0A4C34D6CF2AE1D754 ] SASENUM C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
01:14:14.0168 4840 SASENUM - ok
01:14:14.0199 4840 [ 4731A1B8A79B19CAD8E2CFDC7B7D82D4 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
01:14:14.0324 4840 SASKUTIL - ok
01:14:14.0371 4840 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
01:14:14.0371 4840 sbp2port - ok
01:14:14.0434 4840 [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr C:\Windows\System32\SCardSvr.dll
01:14:14.0449 4840 SCardSvr - ok
01:14:14.0527 4840 [ 7B587B8A6D4A99F79D2902D0385F29BD ] Schedule C:\Windows\system32\schedsvc.dll
01:14:14.0543 4840 Schedule - ok
01:14:14.0574 4840 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc C:\Windows\System32\certprop.dll
01:14:14.0574 4840 SCPolicySvc - ok
01:14:14.0652 4840 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
01:14:14.0652 4840 sdbus - ok
01:14:14.0699 4840 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
01:14:14.0699 4840 SDRSVC - ok
01:14:14.0746 4840 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
01:14:14.0762 4840 secdrv - ok
01:14:14.0777 4840 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
01:14:14.0777 4840 seclogon - ok
01:14:14.0824 4840 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
01:14:14.0824 4840 SENS - ok
01:14:14.0840 4840 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
01:14:14.0840 4840 Serenum - ok
01:14:14.0871 4840 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
01:14:14.0871 4840 Serial - ok
01:14:14.0902 4840 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
01:14:14.0902 4840 sermouse - ok
01:14:14.0965 4840 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
01:14:14.0965 4840 SessionEnv - ok
01:14:15.0012 4840 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
01:14:15.0027 4840 sffdisk - ok
01:14:15.0059 4840 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
01:14:15.0074 4840 sffp_mmc - ok
01:14:15.0106 4840 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
01:14:15.0121 4840 sffp_sd - ok
01:14:15.0184 4840 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
01:14:15.0184 4840 sfloppy - ok
01:14:15.0277 4840 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
01:14:15.0277 4840 SharedAccess - ok
01:14:15.0356 4840 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:14:15.0356 4840 ShellHWDetection - ok
01:14:15.0402 4840 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
01:14:15.0402 4840 sisagp - ok
01:14:15.0434 4840 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
01:14:15.0434 4840 SiSRaid2 - ok
01:14:15.0465 4840 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
01:14:15.0465 4840 SiSRaid4 - ok
01:14:15.0731 4840 [ 0BA91E1358AD25236863039BB2609A2E ] slsvc C:\Windows\system32\SLsvc.exe
01:14:15.0887 4840 slsvc - ok
01:14:15.0949 4840 [ 7C6DC44CA0BFA6291629AB764200D1D4 ] SLUINotify C:\Windows\system32\SLUINotify.dll
01:14:15.0965 4840 SLUINotify - ok
01:14:16.0043 4840 [ 031E6BCD53C9B2B9ACE111EAFEC347B6 ] Smb C:\Windows\system32\DRIVERS\smb.sys
01:14:16.0059 4840 Smb - ok
01:14:16.0090 4840 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
01:14:16.0090 4840 SNMPTRAP - ok
01:14:16.0137 4840 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
01:14:16.0137 4840 spldr - ok
01:14:16.0184 4840 [ 3665F79026A3F91FBCA63F2C65A09B19 ] Spooler C:\Windows\System32\spoolsv.exe
01:14:16.0199 4840 Spooler - ok
01:14:16.0231 4840 sprtsvc_dellsupportcenter - ok
01:14:16.0356 4840 [ 2252AEF839B1093D16761189F45AF885 ] srv C:\Windows\system32\DRIVERS\srv.sys
01:14:16.0371 4840 srv - ok
01:14:16.0434 4840 [ B7FF59408034119476B00A81BB53D5D1 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
01:14:16.0496 4840 srv2 - ok
01:14:16.0543 4840 [ 2ACCC9B12AF02030F531E6CCA6F8B76E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
01:14:16.0543 4840 srvnet - ok
01:14:16.0590 4840 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
01:14:16.0606 4840 SSDPSRV - ok
01:14:16.0699 4840 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
01:14:16.0699 4840 SstpSvc - ok
01:14:16.0762 4840 [ D294949451D2DBB3FF22BA352978D99D ] STacSV C:\Windows\system32\STacSV.exe
01:14:16.0762 4840 STacSV - ok
01:14:16.0793 4840 [ 3CFEA727795243364BB6A7F9A091FAA3 ] STHDA C:\Windows\system32\drivers\stwrt.sys
01:14:16.0809 4840 STHDA - ok
01:14:16.0856 4840 [ 7DD08A597BC56051F320DA0BAF69E389 ] stisvc C:\Windows\System32\wiaservc.dll
01:14:16.0902 4840 stisvc - ok
01:14:16.0981 4840 [ DE3E7A2345EBAA3CE8E6957DFB55FB15 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
01:14:17.0106 4840 stllssvr - ok
01:14:17.0184 4840 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
01:14:17.0184 4840 swenum - ok
01:14:17.0231 4840 [ 851681F7D3200E2A646C5EE4D4E9883D ] swmsflt C:\Windows\System32\drivers\swmsflt.sys
01:14:17.0324 4840 swmsflt - ok
01:14:17.0371 4840 [ 2F6F8B7F821C994DE3D1CAF399BF9CD3 ] SWNC8U56 C:\Windows\system32\DRIVERS\swnc8u56.sys
01:14:17.0387 4840 SWNC8U56 - ok
01:14:17.0434 4840 [ B36C7CDB86F7F7A8E884479219766950 ] swprv C:\Windows\System32\swprv.dll
01:14:17.0449 4840 swprv - ok
01:14:17.0496 4840 [ 903A5E596A3910CEBFA33F3BD7D9C174 ] SWUMX56 C:\Windows\system32\DRIVERS\swumx56.sys
01:14:17.0496 4840 SWUMX56 - ok
01:14:17.0543 4840 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
01:14:17.0543 4840 Symc8xx - ok
01:14:17.0590 4840 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
01:14:17.0590 4840 Sym_hi - ok
01:14:17.0637 4840 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
01:14:17.0637 4840 Sym_u3 - ok
01:14:17.0762 4840 [ 451E8037E2EB6DA6BDF0A66F65D1810B ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
01:14:17.0777 4840 SynTP - ok
01:14:17.0856 4840 [ 8710A92D0024B03B5FB9540DF1F71F1D ] SysMain C:\Windows\system32\sysmain.dll
01:14:17.0871 4840 SysMain - ok
01:14:23.0168 4840 ================ Scan global ===============================
01:14:23.0231 4840 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
01:14:23.0356 4840 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
01:14:23.0402 4840 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
01:14:23.0465 4840 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe
01:14:23.0481 4840 [Global] - ok
01:14:23.0496 4840 ================ Scan MBR ==================================
01:14:23.0527 4840 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
01:14:24.0387 4840 \Device\Harddisk0\DR0 - ok
01:14:24.0387 4840 ================ Scan VBR ==================================
01:14:24.0418 4840 [ 8E06258498D1CC19212F2D57D3E0357A ] \Device\Harddisk0\DR0\Partition1
01:14:24.0418 4840 \Device\Harddisk0\DR0\Partition1 - ok
01:14:24.0465 4840 [ 586058479EC84E17A6024CC5BC95A7FD ] \Device\Harddisk0\DR0\Partition2
01:14:24.0496 4840 \Device\Harddisk0\DR0\Partition2 - ok
01:14:24.0512 4840 ============================================================
01:14:24.0512 4840 Scan finished
01:14:24.0512 4840 ============================================================
01:14:24.0543 3832 Detected object count: 0
01:14:24.0543 3832 Actual detected object count: 0
01:15:07.0090 5504 Deinitialize success

#7
khphoto1

  • Topic Starter
  • Member
  • 102 posts
Last TDSS

01:48:51.0441 1544 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
01:48:51.0863 1544 ============================================================
01:48:51.0863 1544 Current date / time: 2013/06/30 01:48:51.0863
01:48:51.0863 1544 SystemInfo:
01:48:51.0863 1544
01:48:51.0863 1544 OS Version: 6.0.6002 ServicePack: 2.0
01:48:51.0863 1544 Product type: Workstation
01:48:51.0863 1544 ComputerName: USER-PC
01:48:51.0863 1544 UserName: User
01:48:51.0863 1544 Windows directory: C:\Windows
01:48:51.0863 1544 System windows directory: C:\Windows
01:48:51.0863 1544 Processor architecture: Intel x86
01:48:51.0863 1544 Number of processors: 1
01:48:51.0863 1544 Page size: 0x1000
01:48:51.0863 1544 Boot type: Safe boot with network
01:48:51.0863 1544 ============================================================
01:48:54.0128 1544 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
01:48:54.0128 1544 ============================================================
01:48:54.0128 1544 \Device\Harddisk0\DR0:
01:48:54.0128 1544 MBR partitions:
01:48:54.0128 1544 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2F800, BlocksNum 0x1400000
01:48:54.0128 1544 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x142F800, BlocksNum 0x80DF800
01:48:54.0128 1544 ============================================================
01:48:54.0269 1544 C: <-> \Device\Harddisk0\DR0\Partition2
01:48:54.0316 1544 D: <-> \Device\Harddisk0\DR0\Partition1
01:48:54.0316 1544 ============================================================
01:48:54.0316 1544 Initialize success
01:48:54.0316 1544 ============================================================
01:49:05.0644 1744 ============================================================
01:49:05.0644 1744 Scan started
01:49:05.0644 1744 Mode: Manual;
01:49:05.0644 1744 ============================================================
01:49:06.0831 1744 ================ Scan system memory ========================
01:49:06.0831 1744 System memory - ok
01:49:06.0831 1744 ================ Scan services =============================
01:49:17.0222 1744 msiserver - ok
01:49:17.0285 1744 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
01:49:17.0285 1744 MSKSSRV - ok
01:49:17.0363 1744 [ C1F19D2BACBEE9AB64D9AE69E9859AC0 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
01:49:17.0363 1744 MsMpSvc - ok
01:49:17.0410 1744 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
01:49:17.0410 1744 MSPCLOCK - ok
01:49:17.0425 1744 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
01:49:17.0425 1744 MSPQM - ok
01:49:17.0488 1744 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
01:49:17.0488 1744 MsRPC - ok
01:49:17.0519 1744 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
01:49:17.0519 1744 mssmbios - ok
01:49:17.0566 1744 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
01:49:17.0566 1744 MSTEE - ok
01:49:17.0597 1744 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
01:49:17.0597 1744 Mup - ok
01:49:17.0675 1744 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
01:49:17.0675 1744 napagent - ok
01:49:17.0738 1744 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
01:49:17.0738 1744 NativeWifiP - ok
01:49:17.0816 1744 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
01:49:17.0831 1744 NDIS - ok
01:49:17.0878 1744 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
01:49:17.0878 1744 NdisTapi - ok
01:49:17.0894 1744 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
01:49:17.0894 1744 Ndisuio - ok
01:49:17.0925 1744 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
01:49:17.0925 1744 NdisWan - ok
01:49:17.0988 1744 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
01:49:17.0988 1744 NDProxy - ok
01:49:18.0050 1744 [ 949941E4DE88DF1FAF49A4B3CFFB756F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
01:49:18.0066 1744 Net Driver HPZ12 - ok
01:49:18.0081 1744 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
01:49:18.0081 1744 NetBIOS - ok
01:49:18.0160 1744 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
01:49:18.0160 1744 netbt - ok
01:49:18.0222 1744 [ 3978F3540329E16C0AC3BCF677E5669F ] Netlogon C:\Windows\system32\lsass.exe
01:49:18.0222 1744 Netlogon - ok
01:49:18.0300 1744 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
01:49:18.0300 1744 Netman - ok
01:49:18.0347 1744 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
01:49:18.0363 1744 netprofm - ok
01:49:18.0394 1744 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:49:18.0394 1744 NetTcpPortSharing - ok
01:49:18.0472 1744 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
01:49:18.0472 1744 nfrd960 - ok
01:49:18.0535 1744 [ 832E098BCA8235436FE2D8AE50AC3718 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
01:49:18.0535 1744 NisDrv - ok
01:49:18.0613 1744 [ E570ECA850F30EB740C2E9699DF3D2BD ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
01:49:18.0613 1744 NisSrv - ok
01:49:18.0660 1744 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
01:49:18.0675 1744 NlaSvc - ok
01:49:18.0706 1744 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
01:49:18.0706 1744 Npfs - ok
01:49:18.0769 1744 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
01:49:18.0769 1744 nsi - ok
01:49:18.0831 1744 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
01:49:18.0831 1744 nsiproxy - ok
01:49:18.0972 1744 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
01:49:18.0988 1744 Ntfs - ok
01:49:19.0019 1744 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
01:49:19.0019 1744 ntrigdigi - ok
01:49:19.0066 1744 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
01:49:19.0066 1744 Null - ok
01:49:19.0097 1744 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
01:49:19.0097 1744 nvraid - ok
01:49:19.0160 1744 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
01:49:19.0160 1744 nvstor - ok
01:49:19.0206 1744 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
01:49:19.0206 1744 nv_agp - ok
01:49:19.0222 1744 NwlnkFlt - ok
01:49:19.0238 1744 NwlnkFwd - ok
01:49:19.0285 1744 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
01:49:19.0285 1744 ohci1394 - ok
01:49:19.0378 1744 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:49:19.0378 1744 ose - ok
01:49:19.0456 1744 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
01:49:19.0472 1744 p2pimsvc - ok
01:49:19.0488 1744 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
01:49:19.0519 1744 p2psvc - ok
01:49:19.0566 1744 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
01:49:19.0566 1744 Parport - ok
01:49:19.0628 1744 [ 57389FA59A36D96B3EB09D0CB91E9CDC ] partmgr C:\Windows\system32\drivers\partmgr.sys
01:49:19.0628 1744 partmgr - ok
01:49:19.0644 1744 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
01:49:19.0644 1744 Parvdm - ok
01:49:19.0706 1744 [ 1961590AA191B6B7DCF18A6A693AF7B8 ] PCASp50 C:\Windows\system32\Drivers\PCASp50.sys
01:49:19.0706 1744 PCASp50 - ok
01:49:19.0753 1744 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
01:49:19.0753 1744 PcaSvc - ok
01:49:19.0800 1744 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
01:49:19.0800 1744 pci - ok
01:49:19.0863 1744 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys
01:49:19.0863 1744 pciide - ok
01:49:19.0925 1744 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
01:49:19.0925 1744 pcmcia - ok
01:49:19.0988 1744 [ 351BD8C80B2C411EA5A122FCFED4D7C8 ] PCTINDIS5 C:\Windows\system32\PCTINDIS5.SYS
01:49:19.0988 1744 PCTINDIS5 - ok
01:49:20.0035 1744 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
01:49:20.0081 1744 PEAUTH - ok
01:49:20.0206 1744 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
01:49:20.0222 1744 pla - ok
01:49:20.0285 1744 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
01:49:20.0300 1744 PlugPlay - ok
01:49:20.0331 1744 [ 2F4CA141A609CAF5C98F6E4760EF1B9B ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
01:49:20.0331 1744 Pml Driver HPZ12 - ok
01:49:20.0410 1744 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
01:49:20.0410 1744 PNRPAutoReg - ok
01:49:20.0456 1744 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
01:49:20.0456 1744 PNRPsvc - ok
01:49:20.0519 1744 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
01:49:20.0535 1744 PolicyAgent - ok
01:49:20.0597 1744 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
01:49:20.0597 1744 PptpMiniport - ok
01:49:20.0628 1744 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
01:49:20.0628 1744 Processor - ok
01:49:20.0675 1744 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
01:49:20.0691 1744 ProfSvc - ok
01:49:20.0706 1744 [ 3978F3540329E16C0AC3BCF677E5669F ] ProtectedStorage C:\Windows\system32\lsass.exe
01:49:20.0706 1744 ProtectedStorage - ok
01:49:20.0785 1744 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
01:49:20.0785 1744 PSched - ok
01:49:20.0847 1744 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
01:49:20.0847 1744 PxHelp20 - ok
01:49:20.0956 1744 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
01:49:20.0972 1744 ql2300 - ok
01:49:20.0988 1744 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
01:49:21.0003 1744 ql40xx - ok
01:49:21.0066 1744 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
01:49:21.0066 1744 QWAVE - ok
01:49:21.0081 1744 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
01:49:21.0081 1744 QWAVEdrv - ok
01:49:21.0191 1744 [ 554685122B4F973E21D66C2BAAF29543 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
01:49:21.0222 1744 R300 - ok
01:49:21.0269 1744 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
01:49:21.0269 1744 RasAcd - ok
01:49:21.0316 1744 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
01:49:21.0316 1744 RasAuto - ok
01:49:21.0378 1744 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
01:49:21.0378 1744 Rasl2tp - ok
01:49:21.0425 1744 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
01:49:21.0441 1744 RasMan - ok
01:49:21.0472 1744 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
01:49:21.0503 1744 RasPppoe - ok
01:49:21.0550 1744 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
01:49:21.0550 1744 RasSstp - ok
01:49:21.0628 1744 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
01:49:21.0628 1744 rdbss - ok
01:49:21.0691 1744 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
01:49:21.0691 1744 RDPCDD - ok
01:49:21.0753 1744 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
01:49:21.0769 1744 rdpdr - ok
01:49:21.0769 1744 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
01:49:21.0769 1744 RDPENCDD - ok
01:49:21.0816 1744 [ 30BFBDFB7F95559EDE971F9DDB9A00BA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
01:49:21.0816 1744 RDPWD - ok
01:49:21.0925 1744 [ B2D01290C0E0465ACA54C2088E947823 ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
01:49:21.0925 1744 RealNetworks Downloader Resolver Service - ok
01:49:21.0988 1744 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
01:49:22.0003 1744 RemoteAccess - ok
01:49:22.0050 1744 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
01:49:22.0066 1744 RemoteRegistry - ok
01:49:22.0144 1744 [ D85E3FA9F5B1F29BB4ED185C450D1470 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
01:49:22.0144 1744 rimmptsk - ok
01:49:22.0191 1744 [ DB8EB01C58C9FADA00C70B1775278AE0 ] rimsptsk C:\Windows\system32\drivers\rimsptsk.sys
01:49:22.0191 1744 rimsptsk - ok
01:49:22.0222 1744 [ D9B34325EE5DF78B8F28A3DE9F577C7D ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys
01:49:22.0222 1744 RimVSerPort - ok
01:49:22.0269 1744 [ 6C1F93C0760C9F79A1869D07233DF39D ] rismxdp C:\Windows\system32\drivers\rixdptsk.sys
01:49:22.0269 1744 rismxdp - ok
01:49:22.0300 1744 [ 75E8A6BFA7374ABA833AE92BF41AE4E6 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
01:49:22.0300 1744 ROOTMODEM - ok
01:49:22.0363 1744 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
01:49:22.0363 1744 RpcLocator - ok
01:49:22.0425 1744 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
01:49:22.0441 1744 RpcSs - ok
01:49:22.0456 1744 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
01:49:22.0456 1744 rspndr - ok
01:49:22.0503 1744 [ 3978F3540329E16C0AC3BCF677E5669F ] SamSs C:\Windows\system32\lsass.exe
01:49:22.0503 1744 SamSs - ok
01:49:22.0581 1744 [ A3281AEC37E0720A2BC28034C2DF2A56 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
01:49:22.0581 1744 SASDIFSV - ok
01:49:22.0613 1744 [ 7CE61C25C159F50F9EAF6D77FC83FA35 ] SASENUM C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
01:49:22.0613 1744 SASENUM - ok
01:49:22.0675 1744 [ 61DB0D0756A99506207FD724E3692B25 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
01:49:22.0691 1744 SASKUTIL - ok
01:49:22.0706 1744 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
01:49:22.0738 1744 sbp2port - ok
01:49:22.0785 1744 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
01:49:22.0785 1744 SCardSvr - ok
01:49:22.0910 1744 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
01:49:22.0910 1744 Schedule - ok
01:49:22.0925 1744 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
01:49:22.0925 1744 SCPolicySvc - ok
01:49:23.0019 1744 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
01:49:23.0019 1744 sdbus - ok
01:49:23.0066 1744 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
01:49:23.0066 1744 SDRSVC - ok
01:49:23.0128 1744 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
01:49:23.0128 1744 secdrv - ok
01:49:23.0160 1744 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
01:49:23.0160 1744 seclogon - ok
01:49:23.0175 1744 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
01:49:23.0175 1744 SENS - ok
01:49:23.0238 1744 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
01:49:23.0238 1744 Serenum - ok
01:49:23.0253 1744 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
01:49:23.0253 1744 Serial - ok
01:49:23.0300 1744 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
01:49:23.0300 1744 sermouse - ok
01:49:23.0331 1744 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
01:49:23.0331 1744 SessionEnv - ok
01:49:23.0378 1744 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
01:49:23.0394 1744 sffdisk - ok
01:49:23.0410 1744 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
01:49:23.0410 1744 sffp_mmc - ok
01:49:23.0472 1744 [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
01:49:23.0472 1744 sffp_sd - ok
01:49:23.0535 1744 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
01:49:23.0535 1744 sfloppy - ok
01:49:23.0597 1744 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
01:49:23.0613 1744 SharedAccess - ok
01:49:23.0675 1744 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:49:23.0691 1744 ShellHWDetection - ok
01:49:23.0706 1744 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
01:49:23.0706 1744 sisagp - ok
01:49:23.0722 1744 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
01:49:23.0722 1744 SiSRaid2 - ok
01:49:23.0769 1744 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
01:49:23.0769 1744 SiSRaid4 - ok
01:49:23.0925 1744 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
01:49:23.0988 1744 slsvc - ok
01:49:24.0050 1744 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
01:49:24.0050 1744 SLUINotify - ok
01:49:24.0128 1744 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
01:49:24.0144 1744 Smb - ok
01:49:24.0206 1744 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
01:49:24.0206 1744 SNMPTRAP - ok
01:49:24.0253 1744 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
01:49:24.0253 1744 spldr - ok
01:49:24.0300 1744 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
01:49:24.0300 1744 Spooler - ok
01:49:24.0363 1744 sprtsvc_dellsupportcenter - ok
01:49:24.0410 1744 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
01:49:24.0410 1744 srv - ok
01:49:24.0488 1744 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
01:49:24.0488 1744 srv2 - ok
01:49:24.0550 1744 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
01:49:24.0550 1744 srvnet - ok
01:49:24.0597 1744 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
01:49:24.0597 1744 SSDPSRV - ok
01:49:24.0644 1744 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
01:49:24.0644 1744 SstpSvc - ok
01:49:24.0706 1744 [ D294949451D2DBB3FF22BA352978D99D ] STacSV C:\Windows\system32\STacSV.exe
01:49:24.0706 1744 STacSV - ok
01:49:24.0769 1744 [ 3CFEA727795243364BB6A7F9A091FAA3 ] STHDA C:\Windows\system32\drivers\stwrt.sys
01:49:24.0769 1744 STHDA - ok
01:49:24.0831 1744 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
01:49:24.0847 1744 stisvc - ok
01:49:24.0925 1744 [ DE3E7A2345EBAA3CE8E6957DFB55FB15 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
01:49:24.0925 1744 stllssvr - ok
01:49:25.0003 1744 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
01:49:25.0003 1744 swenum - ok
01:49:25.0066 1744 [ 851681F7D3200E2A646C5EE4D4E9883D ] swmsflt C:\Windows\System32\drivers\swmsflt.sys
01:49:25.0066 1744 swmsflt - ok
01:49:25.0113 1744 [ 2F6F8B7F821C994DE3D1CAF399BF9CD3 ] SWNC8U56 C:\Windows\system32\DRIVERS\swnc8u56.sys
01:49:25.0113 1744 SWNC8U56 - ok
01:49:25.0191 1744 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
01:49:25.0222 1744 swprv - ok
01:49:25.0253 1744 [ 903A5E596A3910CEBFA33F3BD7D9C174 ] SWUMX56 C:\Windows\system32\DRIVERS\swumx56.sys
01:49:25.0253 1744 SWUMX56 - ok
01:49:25.0316 1744 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
01:49:25.0316 1744 Symc8xx - ok
01:49:25.0378 1744 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
01:49:25.0394 1744 Sym_hi - ok
01:49:25.0425 1744 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
01:49:25.0425 1744 Sym_u3 - ok
01:49:25.0503 1744 [ 451E8037E2EB6DA6BDF0A66F65D1810B ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
01:49:25.0535 1744 SynTP - ok
01:49:25.0613 1744 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
01:49:25.0628 1744 SysMain - ok
01:49:25.0660 1744 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
01:49:25.0660 1744 TabletInputService - ok
01:49:25.0738 1744 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
01:49:25.0738 1744 TapiSrv - ok
01:49:25.0785 1744 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
01:49:25.0785 1744 TBS - ok
01:49:25.0878 1744 [ 6A10AFCE0B38371064BE41C1FBFD3C6B ] Tcpip C:\Windows\system32\drivers\tcpip.sys
01:49:25.0878 1744 Tcpip - ok
01:49:25.0925 1744 [ 6A10AFCE0B38371064BE41C1FBFD3C6B ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
01:49:25.0941 1744 Tcpip6 - ok
01:49:25.0956 1744 [ 9BF343F4C878D6AD6922B2C5A4FEFE0D ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
01:49:25.0956 1744 tcpipreg - ok
01:49:26.0019 1744 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
01:49:26.0019 1744 TDPIPE - ok
01:49:26.0035 1744 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
01:49:26.0035 1744 TDTCP - ok
01:49:26.0097 1744 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
01:49:26.0097 1744 tdx - ok
01:49:26.0160 1744 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
01:49:26.0160 1744 TermDD - ok
01:49:26.0191 1744 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
01:49:26.0206 1744 TermService - ok
01:49:26.0269 1744 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
01:49:26.0269 1744 Themes - ok
01:49:26.0316 1744 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
01:49:26.0316 1744 THREADORDER - ok
01:49:26.0394 1744 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
01:49:26.0394 1744 TrkWks - ok
01:49:26.0472 1744 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
01:49:26.0472 1744 TrustedInstaller - ok
01:49:26.0519 1744 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
01:49:26.0550 1744 tssecsrv - ok
01:49:26.0581 1744 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
01:49:26.0581 1744 tunmp - ok
01:49:26.0628 1744 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
01:49:26.0628 1744 tunnel - ok
01:49:26.0660 1744 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
01:49:26.0660 1744 uagp35 - ok
01:49:26.0738 1744 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
01:49:26.0738 1744 udfs - ok
01:49:26.0800 1744 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
01:49:26.0800 1744 UI0Detect - ok
01:49:26.0863 1744 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
01:49:26.0863 1744 uliagpkx - ok
01:49:26.0894 1744 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
01:49:26.0894 1744 uliahci - ok
01:49:26.0910 1744 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
01:49:26.0910 1744 UlSata - ok
01:49:26.0956 1744 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
01:49:26.0972 1744 ulsata2 - ok
01:49:26.0988 1744 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
01:49:26.0988 1744 umbus - ok
01:49:27.0035 1744 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
01:49:27.0035 1744 upnphost - ok
01:49:27.0097 1744 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
01:49:27.0097 1744 usbccgp - ok
01:49:27.0128 1744 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
01:49:27.0128 1744 usbcir - ok
01:49:27.0191 1744 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
01:49:27.0191 1744 usbehci - ok
01:49:27.0222 1744 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
01:49:27.0222 1744 usbhub - ok
01:49:27.0300 1744 [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
01:49:27.0300 1744 usbohci - ok
01:49:27.0347 1744 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
01:49:27.0347 1744 usbprint - ok
01:49:27.0378 1744 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
01:49:27.0378 1744 usbscan - ok
01:49:27.0441 1744 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:49:27.0441 1744 USBSTOR - ok
01:49:27.0503 1744 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
01:49:27.0503 1744 usbuhci - ok
01:49:27.0566 1744 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
01:49:27.0566 1744 UxSms - ok
01:49:27.0644 1744 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
01:49:27.0660 1744 vds - ok
01:49:27.0691 1744 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
01:49:27.0691 1744 vga - ok
01:49:27.0722 1744 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
01:49:27.0722 1744 VgaSave - ok
01:49:27.0753 1744 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
01:49:27.0753 1744 viaagp - ok
01:49:27.0800 1744 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
01:49:27.0800 1744 ViaC7 - ok
01:49:27.0894 1744 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
01:49:27.0894 1744 viaide - ok
01:49:27.0910 1744 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
01:49:27.0910 1744 volmgr - ok
01:49:27.0972 1744 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
01:49:27.0988 1744 volmgrx - ok
01:49:28.0050 1744 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
01:49:28.0050 1744 volsnap - ok
01:49:28.0081 1744 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
01:49:28.0097 1744 vsmraid - ok
01:49:28.0175 1744 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
01:49:28.0191 1744 VSS - ok
01:49:28.0285 1744 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
01:49:28.0285 1744 W32Time - ok
01:49:28.0316 1744 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
01:49:28.0316 1744 WacomPen - ok
01:49:28.0378 1744 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
01:49:28.0378 1744 Wanarp - ok
01:49:28.0378 1744 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
01:49:28.0378 1744 Wanarpv6 - ok
01:49:28.0425 1744 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
01:49:28.0441 1744 wcncsvc - ok
01:49:28.0472 1744 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
01:49:28.0472 1744 WcsPlugInService - ok
01:49:28.0519 1744 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
01:49:28.0535 1744 Wd - ok
01:49:28.0597 1744 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
01:49:28.0597 1744 Wdf01000 - ok
01:49:28.0628 1744 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
01:49:28.0628 1744 WdiServiceHost - ok
01:49:28.0660 1744 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
01:49:28.0660 1744 WdiSystemHost - ok
01:49:28.0706 1744 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
01:49:28.0738 1744 WebClient - ok
01:49:28.0769 1744 [ 905214925A88311FCE52F66153DE7610 ] Wecsvc C:\Windows\system32\wecsvc.dll
01:49:28.0785 1744 Wecsvc - ok
01:49:28.0816 1744 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
01:49:28.0816 1744 wercplsupport - ok
01:49:28.0894 1744 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
01:49:28.0894 1744 WerSvc - ok
01:49:28.0972 1744 [ 72CC6A8CA7891031D6380DB5025C773C ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
01:49:28.0988 1744 winachsf - ok
01:49:29.0081 1744 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
01:49:29.0081 1744 WinDefend - ok
01:49:29.0097 1744 WinHttpAutoProxySvc - ok
01:49:29.0222 1744 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
01:49:29.0238 1744 Winmgmt - ok
01:49:29.0300 1744 [ 01874D4689C212460FBABF0ECD7CB7F7 ] WinRM C:\Windows\system32\WsmSvc.dll
01:49:29.0316 1744 WinRM - ok
01:49:29.0410 1744 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
01:49:29.0425 1744 Wlansvc - ok
01:49:29.0441 1744 wltrysvc - ok
01:49:29.0503 1744 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
01:49:29.0503 1744 WmiAcpi - ok
01:49:29.0550 1744 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
01:49:29.0581 1744 wmiApSrv - ok
01:49:29.0691 1744 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
01:49:29.0706 1744 WMPNetworkSvc - ok
01:49:29.0769 1744 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
01:49:29.0769 1744 WPCSvc - ok
01:49:29.0816 1744 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
01:49:29.0831 1744 WPDBusEnum - ok
01:49:29.0910 1744 [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
01:49:29.0910 1744 WpdUsb - ok
01:49:29.0941 1744 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
01:49:29.0941 1744 ws2ifsl - ok
01:49:30.0019 1744 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
01:49:30.0050 1744 wscsvc - ok
01:49:30.0066 1744 WSearch - ok
01:49:30.0191 1744 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
01:49:30.0222 1744 wuauserv - ok
01:49:30.0269 1744 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
01:49:30.0269 1744 WUDFRd - ok
01:49:30.0300 1744 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
01:49:30.0300 1744 wudfsvc - ok
01:49:30.0347 1744 [ DAB33CFA9DD24251AAA389FF36B64D4B ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
01:49:30.0363 1744 XAudio - ok
01:49:30.0378 1744 [ CD5F291A1161F15896D1A4D63DAFF5DF ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
01:49:30.0394 1744 XAudioService - ok
01:49:30.0456 1744 ================ Scan global ===============================
01:49:30.0503 1744 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
01:49:30.0550 1744 [ 5DF01708D214FDC0075AD197F1889557 ] C:\Windows\system32\winsrv.dll
01:49:30.0597 1744 [ 5DF01708D214FDC0075AD197F1889557 ] C:\Windows\system32\winsrv.dll
01:49:30.0660 1744 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
01:49:30.0675 1744 [Global] - ok
01:49:30.0675 1744 ================ Scan MBR ==================================
01:49:30.0691 1744 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
01:49:31.0238 1744 \Device\Harddisk0\DR0 - ok
01:49:31.0238 1744 ================ Scan VBR ==================================
01:49:31.0285 1744 [ 8E06258498D1CC19212F2D57D3E0357A ] \Device\Harddisk0\DR0\Partition1
01:49:31.0285 1744 \Device\Harddisk0\DR0\Partition1 - ok
01:49:31.0300 1744 [ 586058479EC84E17A6024CC5BC95A7FD ] \Device\Harddisk0\DR0\Partition2
01:49:31.0300 1744 \Device\Harddisk0\DR0\Partition2 - ok
01:49:31.0300 1744 ============================================================
01:49:31.0300 1744 Scan finished
01:49:31.0300 1744 ============================================================
01:49:31.0316 0372 Detected object count: 0
01:49:31.0316 0372 Actual detected object count: 0
01:49:47.0316 0996 Deinitialize success

#8
khphoto1

  • Topic Starter
  • 102 posts
I have two iexplore/combofix log files. I had to run it again to discover its log name is Rkill.txt.

Here's the first one.

Rkill 2.5.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingc...opic308364.html

Program started at: 06/30/2013 01:43:48 AM in x86 mode.
Windows Version: Windows Vista ™ Home Basic Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Reparse Point/Junctions Found (Most likely legitimate)!

* C:\Windows\System32\config\systemprofile\AppData\Local\Application Data => C:\Windows\system32\config\systemprofile\AppData\Local [Dir]
* C:\Windows\System32\config\systemprofile\AppData\Local\History => C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History [Dir]
* C:\Windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files => C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files [Dir]
* C:\Windows\System32\config\systemprofile\Application Data => C:\Windows\system32\config\systemprofile\AppData\Roaming [Dir]
* C:\Windows\System32\config\systemprofile\Cookies => C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies [Dir]
* C:\Windows\System32\config\systemprofile\Local Settings => C:\Windows\system32\config\systemprofile\AppData\Local [Dir]

* No issues found.

Checking Windows Service Integrity:

* COM+ Event System (EventSystem) is not Running.
Startup Type set to: Automatic

* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost

Program finished at: 06/30/2013 01:46:57 AM
Execution time: 0 hours(s), 3 minute(s), and 9 seconds(s)

#9
khphoto1

  • Topic Starter
  • 102 posts
Second log for Rkill/iexplore/combofix

Rkill 2.5.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingc...opic308364.html

Program started at: 07/01/2013 08:57:13 PM in x86 mode.
Windows Version: Windows Vista ™ Home Basic Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\System32\WLTRYSVC.EXE (PID: 1656) [WD-HEUR]
* C:\Windows\System32\bcmwltry.exe (PID: 1676) [WD-HEUR]
* C:\Windows\system32\STacSV.exe (PID: 2216) [WD-HEUR]
* C:\Windows\System32\WLTRAY.EXE (PID: 3240) [WD-HEUR]
* C:\Windows\sttray.exe (PID: 3440) [WD-HEUR]

5 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Reparse Point/Junctions Found (Most likely legitimate)!

* C:\Windows\System32\config\systemprofile\AppData\Local\Application Data => C:\Windows\system32\config\systemprofile\AppData\Local [Dir]
* C:\Windows\System32\config\systemprofile\AppData\Local\History => C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History [Dir]
* C:\Windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files => C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files [Dir]
* C:\Windows\System32\config\systemprofile\Application Data => C:\Windows\system32\config\systemprofile\AppData\Roaming [Dir]
* C:\Windows\System32\config\systemprofile\Cookies => C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies [Dir]
* C:\Windows\System32\config\systemprofile\Local Settings => C:\Windows\system32\config\systemprofile\AppData\Local [Dir]

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost

Program finished at: 07/01/2013 09:01:44 PM
Execution time: 0 hours(s), 4 minute(s), and 31 seconds(s)

#10
khphoto1

  • Topic Starter
  • 102 posts
Malwarebytes Log:

Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 6.0.6002 Service Pack 2 (Safe Mode)

6/30/2013 2:45:23 AM
mbam-log-2013-06-30 (02-45-22).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 238746
Time elapsed: 49 minute(s), 17 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 2
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\ProgramData\00063531 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\ProgramData\55781281 (Rogue.Multiple) -> Quarantined and deleted successfully.

Files Infected:
(No malicious items detected)

#11
khphoto1

  • Topic Starter
  • 102 posts
MSERT log file:


---------------------------------------------------------------------------------------

Microsoft Safety Scanner v1.0, (build 1.153.772.0)
Started On Thu Jun 27 19:53:33 2013

Extended Scan Results
----------------
->Scan ERROR: resource process://pid:1172 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:22808 (code 0x00000490 (1168))
->Scan ERROR: resource file://C:\hiberfil.sys (code 0x00000020 (32))
->Scan ERROR: resource file://C:\hiberfil.sys (code 0x0000054F (1359))
->Scan ERROR: resource file://C:\pagefile.sys (code 0x00000020 (32))
->Scan ERROR: resource file://C:\pagefile.sys (code 0x0000054F (1359))
->Scan ERROR: resource file://C:\hiberfil.sys (code 0x00000020 (32))
->Scan ERROR: resource file://C:\pagefile.sys (code 0x00000020 (32))
->Scan ERROR: resource file://C:\System Volume Information\{085e86cc-d61d-11e2-a855-00217077ae31}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5))
->Scan ERROR: resource file://C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5))
->Scan ERROR: resource file://C:\System Volume Information\{5a7f01a6-df65-11e2-9534-00217077ae31}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5))
->Scan ERROR: resource file://C:\System Volume Information\{646e46b4-c556-11e2-80e6-00217077ae31}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5))
->Scan ERROR: resource file://C:\System Volume Information\{7ff16d74-c0c4-11e2-a10e-00217077ae31}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5))
->Scan ERROR: resource file://C:\System Volume Information\{c0608e8d-df4f-11e2-b314-00217077ae31}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5))
->Scan ERROR: resource file://C:\System Volume Information\{cc573351-c94c-11e2-aba0-00217077ae31}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5))
->Scan ERROR: resource file://C:\System Volume Information\{d09e6726-be33-11e2-9564-00217077ae31}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5))
->Scan ERROR: resource file://C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M1BZIHKT\1866759219_dpmp4hi_0[1].mp4 (code 0x00000005 (5))
->Scan ERROR: resource file://C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NRBJNRCB\1476136417@Middle,x28,x70,Top,Top3[1].txt (code 0x00000005 (5))
->Scan ERROR: resource file://C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NRBJNRCB\crossdomain[2].xml (code 0x00000005 (5))
->Scan ERROR: resource file://C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NRBJNRCB\logCADML9EU.txt (code 0x00000005 (5))
->Scan ERROR: resource file://C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NRBJNRCB\logCAZKT2C0.txt (code 0x00000005 (5))
->Scan ERROR: resource file://C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PE0IPRE6\smoking_phone-012113074149038-66576[1].flv (code 0x00000005 (5))
->Scan ERROR: resource file://C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PE0IPRE6\statsnew[1].xml (code 0x00000005 (5))
->Scan ERROR: resource file://C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U2ZIFCI2\1866753309_dpmp4lo_0[1].mp4 (code 0x00000005 (5))
->Scan ERROR: resource file://C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U2ZIFCI2\crossdomain[7].xml (code 0x00000005 (5))
->Scan ERROR: resource file://C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U2ZIFCI2\crossdomain[9].xml (code 0x00000005 (5))
->Scan ERROR: resource file://C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U2ZIFCI2\dynamic[1].swf (code 0x00000005 (5))
->Scan ERROR: resource file://C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U2ZIFCI2\log[2].htm (code 0x00000005 (5))
->Scan ERROR: resource file://C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U2ZIFCI2\statsnew[1].xml (code 0x00000005 (5))
->Scan ERROR: resource file://C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl (code 0x00000005 (5))
->Scan ERROR: resource file://C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl (code 0x00000005 (5))
->Scan ERROR: resource file://C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl (code 0x00000005 (5))
->Scan ERROR: resource file://C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl (code 0x00000005 (5))
->Scan ERROR: resource file://C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTMsMpPsSession.etl (code 0x00000005 (5))
Threat detected: Rogue:Win32/FakeRean
file://C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\6b14660a-2013e0ea
SigSeq: 0x0000E0419ED0524B
SHA1: C55207363DA9C5D5BD2508E39C62FA974B9AC4AC
file://C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\63f65972-66bf3566
SigSeq: 0x0000E0419ED0524B
SHA1: FAB7B613ADC585851C70E76878A015EF3951BA58
Threat detected: Exploit:Java/CVE-2010-0840
containerfile://C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\1954dcb2-58838a3b
SHA1: 69BA0B8B67D38B6CB627FC88919C8BFB9E8FCE40
file://C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\1954dcb2-58838a3b->buildService/MapYandex.class
SigSeq: 0x000010803B7947FE
SHA1: 6DCC5BED27D34D1C4B5AF18A4669CD1082CED7C7
Threat detected: PWS:Win32/Fareit.gen!A
containerfile://C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\4eae4f5c-1bd9a566
SHA1: DF79D15E721F9E2FDB7D483E43695D877DD6DEB7
containerfile://C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\4eae4f5c-512e1833
SHA1: DF79D15E721F9E2FDB7D483E43695D877DD6DEB7
file://C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\4eae4f5c-1bd9a566->[Obfuscator.PN]
SigSeq: 0x00008540A8C56923
SHA1: DF79D15E721F9E2FDB7D483E43695D877DD6DEB7
file://C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\4eae4f5c-512e1833->[Obfuscator.PN]
SigSeq: 0x00008540A8C56923
SHA1: DF79D15E721F9E2FDB7D483E43695D877DD6DEB7
Threat detected: Exploit:Java/CVE-2011-3544
containerfile://C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\49f5e381-242d4de6
SHA1: 1904E219EF32271A6AFF3F05DC0B39FD1B183294
containerfile://C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\585180f6-11ca0b79
SHA1: 1904E219EF32271A6AFF3F05DC0B39FD1B183294
file://C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\49f5e381-242d4de6->Market.class
SigSeq: 0x000010805BD2F767
SHA1: F7BAA1CB2D793C4C8010D9A88130303C1378E9F1
file://C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\585180f6-11ca0b79->Market.class
SigSeq: 0x000010805BD2F767
SHA1: F7BAA1CB2D793C4C8010D9A88130303C1378E9F1
Threat detected: Trojan:DOS/Alureon.M
file://C:\TDSSKiller_Quarantine\27.06.2013_19.46.41\mbr0000\mbr0000\tsk0000.dta
SigSeq: 0x0000214463632595
SHA1: 369E9016B2C849D05174A840B6C36283FDC8C1E4
file://C:\TDSSKiller_Quarantine\27.06.2013_19.46.41\mbr0000\mbr0000\tsk0001.dta
SigSeq: 0x0000214463632595
SHA1: 75C4AF5AD3A5662CF4AD54E7263498B9C1666B13
file://C:\TDSSKiller_Quarantine\27.06.2013_19.46.41\mbr0001\mbr0000\tsk0000.dta
SigSeq: 0x0000214463632595
SHA1: 369E9016B2C849D05174A840B6C36283FDC8C1E4
file://C:\TDSSKiller_Quarantine\27.06.2013_19.46.41\mbr0001\mbr0000\tsk0001.dta
SigSeq: 0x0000214463632595
SHA1: 6A70EC86BB47B9710E1CCFC3DA97EEE35CDFF20C
Threat detected: Trojan:DOS/Alureon.AB
rootkit://Alureon->Mbr::Alureon
SigSeq: 0x000046A993FAB750

Extended Scan Removal Results
----------------
Start 'remove' for rootkit://Alureon->Mbr::Alureon
Operation failed (code=0x8017), please use a full antivirus product ! !

Start 'remove' for file://\\?\C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\585180f6-11ca0b79->Market.class
Operation succeeded !

Start 'remove' for file://\\?\C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\63f65972-66bf3566
Operation succeeded !

Start 'remove' for file://\\?\C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\1954dcb2-58838a3b->buildService/MapYandex.class
Operation succeeded !

Start 'remove' for file://\\?\C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\4eae4f5c-512e1833->[Obfuscator.PN]
Operation succeeded !

Start 'remove' for file://\\?\C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\4eae4f5c-1bd9a566->[Obfuscator.PN]
Operation succeeded !

Start 'remove' for file://\\?\C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\49f5e381-242d4de6->Market.class
Operation succeeded !

Start 'remove' for file://\\?\C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\6b14660a-2013e0ea
Operation succeeded !

Start 'remove' for file://\\?\C:\TDSSKiller_Quarantine\27.06.2013_19.46.41\mbr0001\mbr0000\tsk0001.dta
Operation succeeded !

Start 'remove' for file://\\?\C:\TDSSKiller_Quarantine\27.06.2013_19.46.41\mbr0001\mbr0000\tsk0000.dta
Operation succeeded !

Start 'remove' for file://\\?\C:\TDSSKiller_Quarantine\27.06.2013_19.46.41\mbr0000\mbr0000\tsk0001.dta
Operation succeeded !

Start 'remove' for file://\\?\C:\TDSSKiller_Quarantine\27.06.2013_19.46.41\mbr0000\mbr0000\tsk0000.dta
Operation succeeded !


Results Summary:
----------------
Found Trojan:DOS/Alureon.M, partially removed and requires additional removal steps
Found Trojan:DOS/Alureon.AB, partially removed.
Found Exploit:Java/CVE-2010-0840 and Removed!
Found Exploit:Java/CVE-2011-3544 and Removed!
Found PWS:Win32/Fareit.gen!A and Removed!
Found Rogue:Win32/FakeRean and Removed!
Microsoft Safety Scanner Finished On Fri Jun 28 02:09:10 2013


Return code: 8 (0x8)

---------------------------------------------------------------------------------------

Microsoft Safety Scanner v1.0, (build 1.153.772.0)
Started On Sat Jun 29 11:44:02 2013

Extended Scan Results
----------------
->Scan ERROR: resource process://pid:1200 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:2240 (code 0x00000490 (1168))
->Scan ERROR: resource file://C:\hiberfil.sys (code 0x00000020 (32))
->Scan ERROR: resource file://C:\hiberfil.sys (code 0x0000054F (1359))
->Scan ERROR: resource file://C:\pagefile.sys (code 0x00000020 (32))
->Scan ERROR: resource file://C:\pagefile.sys (code 0x0000054F (1359))
->Scan ERROR: resource file://C:\hiberfil.sys (code 0x00000020 (32))
->Scan ERROR: resource file://C:\pagefile.sys (code 0x00000020 (32))
->Scan ERROR: resource file://C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5))
->Scan ERROR: resource file://C:\System Volume Information\{3f2b3271-e036-11e2-a73a-00217077ae31}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5))
->Scan ERROR: resource file://C:\System Volume Information\{68961dc6-e075-11e2-a96e-00217077ae31}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5))
->Scan ERROR: resource file://C:\System Volume Information\{99e3e253-e070-11e2-95e0-00217077ae31}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5))
->Scan ERROR: resource file://C:\System Volume Information\{bdb07893-dfe5-11e2-bdc1-00217077ae31}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5))
->Scan ERROR: resource file://C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl (code 0x00000005 (5))
->Scan ERROR: resource file://C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl (code 0x00000005 (5))
->Scan ERROR: resource file://C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl (code 0x00000005 (5))
->Scan ERROR: resource file://C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl (code 0x00000005 (5))
No infection found as part of the extended scan

Results Summary:
----------------
No infection found.

#12
khphoto1

  • Topic Starter
  • 102 posts
OTL text file:

OTL logfile created on: 7/1/2013 10:09:10 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

893.32 Mb Total Physical Memory | 401.73 Mb Available Physical Memory | 44.97% Memory free
2.00 Gb Paging File | 1.03 Gb Available in Paging File | 51.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 64.44 Gb Total Space | 38.17 Gb Free Space | 59.23% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.64 Gb Free Space | 66.38% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/07/01 22:04:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
PRC - [2013/06/29 22:51:06 | 002,424,192 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2013/06/28 16:06:13 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/01/27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/01/27 11:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2009/05/21 11:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/04/11 02:28:04 | 000,732,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/02/26 11:57:28 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2008/02/22 18:01:38 | 001,193,240 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2006/04/28 11:14:44 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe


========== Modules (No Company Name) ==========

MOD - [2013/07/01 20:28:22 | 000,052,736 | ---- | M] () -- C:\Users\User\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2013/06/30 01:25:32 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e515919524c6be56f55ad12fbdd23c19\System.Runtime.Remoting.ni.dll
MOD - [2013/06/30 01:19:47 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\b0be4ac8da47fbf783dabd1505e6c55e\System.Windows.Forms.ni.dll
MOD - [2013/06/30 01:19:00 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\07e39e61fd6133a92333a2c98f2ffeb7\System.Drawing.ni.dll
MOD - [2013/06/30 01:18:40 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\49431ce6d568de0bafdb1b25d3942723\System.Xml.ni.dll
MOD - [2013/06/30 01:18:29 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\207b1e1e2254c7a308efe4f903e52ce2\System.Configuration.ni.dll
MOD - [2013/06/30 01:17:18 | 007,868,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\34942db56010e4225825bfae8a27559f\System.ni.dll
MOD - [2013/06/30 01:16:29 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3aac7b97549d4ccf0c7dca3d1777f9b4\mscorlib.ni.dll
MOD - [2013/06/29 22:51:22 | 000,063,488 | ---- | M] () -- C:\Users\User\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2013/06/27 17:55:50 | 000,052,224 | ---- | M] () -- C:\Users\User\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2009/03/30 00:42:19 | 005,242,880 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2009/03/30 00:42:18 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2007/10/17 05:33:56 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll


========== Services (SafeList) ==========

SRV - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/01/27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter)
SRV - [2008/03/06 16:10:52 | 000,106,496 | ---- | M] (PCTEL) [On_Demand | Stopped] -- C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe -- (ATTRcAppSvc)
SRV - [2008/03/06 16:09:50 | 000,118,784 | ---- | M] (PCTEL) [On_Demand | Stopped] -- C:\Program Files\AT&T\Communication Manager\ConAppsSvc.exe -- (CAATT)
SRV - [2008/01/20 22:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/04/24 08:31:10 | 000,090,112 | ---- | M] (SigmaTel, Inc.) [Auto | Stopped] -- C:\Windows\System32\stacsv.exe -- (STacSV)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B412FCC-8A46-40DB-85C6-A1E6EC3C7F36}\MpKsl7f522c90.sys -- (MpKsl7f522c90)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\BCM42RLY.sys -- (BCM42RLY)
DRV - [2013/06/29 22:51:06 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2013/06/29 22:51:04 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2013/06/29 22:51:04 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2013/06/28 16:37:32 | 000,030,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hitmanpro37.sys -- (hitmanpro37)
DRV - [2013/01/20 15:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2008/09/29 15:42:19 | 000,026,504 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2008/06/24 01:42:20 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2008/03/06 15:57:32 | 000,032,160 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2008/03/06 15:57:32 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2008/01/20 22:32:51 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/10/17 05:33:56 | 002,085,888 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2007/06/27 09:42:34 | 000,073,856 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swumx56.sys -- (SWUMX56)
DRV - [2007/06/27 09:41:48 | 000,101,248 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swnc8u56.sys -- (SWNC8U56)
DRV - [2007/04/24 08:31:16 | 000,323,584 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/04/24 08:29:38 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2007/04/24 08:00:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/04/24 08:00:18 | 000,043,520 | ---- | M] (REDC) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/04/24 08:00:16 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/10/30 11:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://broadband.zoomtown.com
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUS


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADFA_en
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADFA_en
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4093085210-3276581103-882992531-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://partnerpage.g...smb&ibd=0080906
IE - HKU\S-1-5-21-4093085210-3276581103-882992531-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-4093085210-3276581103-882992531-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4093085210-3276581103-882992531-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-4093085210-3276581103-882992531-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-4093085210-3276581103-882992531-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-4093085210-3276581103-882992531-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7ADFA_enUS339
IE - HKU\S-1-5-21-4093085210-3276581103-882992531-1000\..\SearchScopes\{AC854C16-CA1E-43f1-8513-0D2F36C726ED}: "URL" = http://www.ffgoo.com...8&oe=utf-8&aq=t
IE - HKU\S-1-5-21-4093085210-3276581103-882992531-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@ei.TelevisionFanatic.com/Plugin: C:\Program Files\TelevisionFanaticEI\Installr\1.bin\NP64EISB.dll (TelevisionFanatic)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009/05/04 12:28:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/06/28 16:08:29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009/05/04 12:28:01 | 000,000,000 | ---D | M]

[2013/06/28 14:03:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\extensions
[2013/06/28 14:03:02 | 000,000,000 | ---D | M] (InfoSeeker) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\extensions\[email protected]

O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (InfoSeeker) - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\Program Files\InfoSeeker\IE\common.dll (Big Water Applications, LLC)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AT&T Communication Manager] C:\Program Files\AT&T\Communication Manager\ATTCM.exe (ATT)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [hpqSRMon] File not found
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4093085210-3276581103-882992531-1000..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\S-1-5-21-4093085210-3276581103-882992531-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51EF80D9-4AB6-4DBA-9AC2-657301461F91}: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\User\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\User\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/25 21:27:53 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{30c95656-8a3b-11dd-af02-00217077ae31}\Shell - "" = AutoRun
O33 - MountPoints2\{30c95656-8a3b-11dd-af02-00217077ae31}\Shell\AutoRun\command - "" = F:\WIN\setup.exe
O33 - MountPoints2\{e1c9e5d7-3200-11de-95ce-00217077ae31}\Shell\AutoRun\command - "" = F:\Setup_FlipShare.exe
O33 - MountPoints2\{e1c9e5d7-3200-11de-95ce-00217077ae31}\Shell\Setup FlipShare\command - "" = F:\Setup_FlipShare.exe
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\system\viewer\FlipVideoforPC.exe
O33 - MountPoints2\F\Shell\Flip Video for PC\command - "" = F:\system\viewer\FlipVideoforPC.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/07/01 22:04:11 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2013/06/30 11:31:16 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2013/06/30 11:31:15 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2013/06/30 11:29:48 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2013/06/30 11:29:48 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2013/06/30 01:02:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2013/06/30 01:02:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2013/06/30 01:02:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2013/06/29 10:27:29 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Apps
[2013/06/29 00:31:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013/06/29 00:29:58 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2013/06/28 16:11:43 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\RealNetworks
[2013/06/28 16:08:24 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks
[2013/06/28 16:08:09 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2013/06/28 16:07:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2013/06/28 16:07:07 | 000,201,872 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2013/06/28 16:06:35 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2013/06/28 16:06:35 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2013/06/28 16:06:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2013/06/28 16:06:29 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2013/06/28 16:04:29 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2013/06/28 16:02:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Real
[2013/06/28 15:51:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2013/06/28 15:46:51 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/06/28 14:10:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\We-Care Reminder
[2013/06/28 14:10:30 | 000,000,000 | ---D | C] -- C:\ProgramData\WeCareReminder
[2013/06/28 14:03:02 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Mozilla
[2013/06/28 14:03:01 | 000,000,000 | ---D | C] -- C:\Program Files\InfoSeeker
[2013/06/27 19:48:41 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/06/27 18:30:15 | 000,000,000 | ---D | C] -- C:\Users\User\Searches\Documents\Software Help by KHH
[2013/06/27 17:44:14 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Pictures
[2013/06/27 14:21:09 | 000,000,000 | ---D | C] -- C:\779b0474515dc822bb3a872e281e35bd
[2013/06/17 18:02:38 | 000,000,000 | ---D | C] -- C:\3a81e36f66334a4c95c7ae
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/07/01 22:16:03 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/01 22:04:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2013/07/01 20:31:41 | 000,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/07/01 20:31:40 | 000,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/07/01 20:29:34 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{DD3BBBAB-7710-49EF-924A-3829D3458E84}.job
[2013/07/01 20:29:20 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/01 20:29:16 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/01 20:26:11 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/01 20:24:36 | 000,000,210 | ---- | M] () -- C:\Windows\tasks\PAV.job
[2013/07/01 20:24:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/01 20:24:13 | 937,476,096 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/01 12:46:17 | 000,000,295 | ---- | M] () -- C:\Users\User\Desktop\OS © - Shortcut.lnk
[2013/07/01 12:19:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2013/06/30 02:51:06 | 000,007,944 | ---- | M] () -- C:\Users\User\AppData\Local\d3d9caps.dat
[2013/06/30 01:08:56 | 000,240,936 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/06/29 22:30:38 | 000,000,246 | ---- | M] () -- C:\Users\User\Desktop\Facebook.url
[2013/06/29 00:34:01 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/06/28 16:37:32 | 000,030,464 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro37.sys
[2013/06/28 16:29:41 | 000,002,524 | ---- | M] () -- C:\Windows\System32\.crusader
[2013/06/28 16:08:56 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2013/06/28 16:07:07 | 000,201,872 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2013/06/28 16:06:35 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2013/06/28 16:06:35 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2013/06/28 16:06:30 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2013/06/28 14:11:00 | 000,033,958 | ---- | M] () -- C:\ProgramData\uninstaller.exe
[2013/06/27 19:21:22 | 000,000,136 | ---- | M] () -- C:\Users\User\Desktop\FreeCell - Shortcut.lnk
[2013/06/27 19:21:05 | 000,000,136 | ---- | M] () -- C:\Users\User\Desktop\Spider Solitaire - Shortcut.lnk
[2013/06/27 14:05:53 | 000,000,136 | ---- | M] () -- C:\Users\User\Desktop\Solitaire - Shortcut.lnk
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/07/01 20:24:13 | 937,476,096 | -HS- | C] () -- C:\hiberfil.sys
[2013/07/01 12:46:17 | 000,000,295 | ---- | C] () -- C:\Users\User\Desktop\OS © - Shortcut.lnk
[2013/06/29 22:27:32 | 000,000,246 | ---- | C] () -- C:\Users\User\Desktop\Facebook.url
[2013/06/29 00:34:01 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013/06/29 00:33:39 | 000,001,828 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013/06/28 16:37:31 | 000,030,464 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro37.sys
[2013/06/28 16:29:41 | 000,002,524 | ---- | C] () -- C:\Windows\System32\.crusader
[2013/06/28 16:08:56 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2013/06/28 14:11:00 | 000,033,958 | ---- | C] () -- C:\ProgramData\uninstaller.exe
[2013/06/27 19:21:22 | 000,000,136 | ---- | C] () -- C:\Users\User\Desktop\FreeCell - Shortcut.lnk
[2013/06/27 19:21:05 | 000,000,136 | ---- | C] () -- C:\Users\User\Desktop\Spider Solitaire - Shortcut.lnk
[2013/06/27 14:05:53 | 000,000,136 | ---- | C] () -- C:\Users\User\Desktop\Solitaire - Shortcut.lnk
[2013/05/22 11:21:06 | 004,325,376 | ---- | C] () -- C:\ProgramData\ReadOnlyInstaller.msi
[2011/12/15 22:06:02 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2009/04/21 08:58:14 | 000,004,096 | ---- | C] () -- C:\Users\User\AppData\Local\keyfile3.drm
[2009/01/20 16:26:14 | 000,000,399 | ---- | C] () -- C:\Users\User\Documents - Shortcut.lnk
[2008/10/09 17:12:26 | 000,007,944 | ---- | C] () -- C:\Users\User\AppData\Local\d3d9caps.dat
[2008/09/29 20:50:37 | 000,011,264 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 08:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 12:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is OS
Volume Serial Number is F8FC-2A5A
Directory of C:\
09/10/2008 02:42 PM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
09/10/2008 02:42 PM <JUNCTION> Application Data [C:\ProgramData]
09/10/2008 02:42 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
09/10/2008 02:42 PM <JUNCTION> Documents [C:\Users\Public\Documents]
09/10/2008 02:42 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
09/10/2008 02:42 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
09/10/2008 02:42 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
09/10/2008 02:42 PM <SYMLINKD> All Users [C:\ProgramData]
09/10/2008 02:42 PM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
09/10/2008 02:42 PM <JUNCTION> Application Data [C:\ProgramData]
09/10/2008 02:42 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
09/10/2008 02:42 PM <JUNCTION> Documents [C:\Users\Public\Documents]
09/10/2008 02:42 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
09/10/2008 02:42 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
09/10/2008 02:42 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
09/10/2008 02:42 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
09/10/2008 02:42 PM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
09/10/2008 02:42 PM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
09/10/2008 02:42 PM <JUNCTION> My Documents [C:\Users\Default\Documents]
09/10/2008 02:42 PM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
09/10/2008 02:42 PM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
09/10/2008 02:42 PM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
09/10/2008 02:42 PM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
09/10/2008 02:42 PM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
09/10/2008 02:42 PM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
09/10/2008 02:42 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
09/10/2008 02:42 PM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
09/10/2008 02:42 PM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
09/10/2008 02:42 PM <JUNCTION> My Music [C:\Users\Default\Music]
09/10/2008 02:42 PM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
09/10/2008 02:42 PM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
09/10/2008 02:42 PM <JUNCTION> My Music [C:\Users\Public\Music]
09/10/2008 02:42 PM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
09/10/2008 02:42 PM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\User
09/10/2008 02:46 PM <JUNCTION> Application Data [C:\Users\User\AppData\Roaming]
09/10/2008 02:46 PM <JUNCTION> Cookies [C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies]
09/10/2008 02:46 PM <JUNCTION> Local Settings [C:\Users\User\AppData\Local]
09/10/2008 02:46 PM <JUNCTION> My Documents [C:\Users\User\Documents]
09/10/2008 02:46 PM <JUNCTION> NetHood [C:\Users\User\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
09/10/2008 02:46 PM <JUNCTION> PrintHood [C:\Users\User\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
09/10/2008 02:46 PM <JUNCTION> Recent [C:\Users\User\AppData\Roaming\Microsoft\Windows\Recent]
09/10/2008 02:46 PM <JUNCTION> SendTo [C:\Users\User\AppData\Roaming\Microsoft\Windows\SendTo]
09/10/2008 02:46 PM <JUNCTION> Start Menu [C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu]
09/10/2008 02:46 PM <JUNCTION> Templates [C:\Users\User\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\User\AppData\Local
09/10/2008 02:46 PM <JUNCTION> Application Data [C:\Users\User\AppData\Local]
09/10/2008 02:46 PM <JUNCTION> History [C:\Users\User\AppData\Local\Microsoft\Windows\History]
09/10/2008 02:46 PM <JUNCTION> Temporary Internet Files [C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\User\Searches\Documents
09/10/2008 02:46 PM <JUNCTION> My Music [C:\Users\User\Music]
09/10/2008 02:46 PM <JUNCTION> My Pictures [C:\Users\User\Pictures]
09/10/2008 02:46 PM <JUNCTION> My Videos [C:\Users\User\Videos]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile
09/06/2008 12:42 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]
09/06/2008 12:42 PM <JUNCTION> Cookies [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies]
09/06/2008 12:42 PM <JUNCTION> Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local
09/06/2008 12:42 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
09/06/2008 12:42 PM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
09/06/2008 12:42 PM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
56 Dir(s) 40,984,059,904 bytes free

< End of report >

#13
khphoto1

OTL Extras.txt file:

OTL Extras logfile created on: 7/1/2013 10:09:10 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

893.32 Mb Total Physical Memory | 401.73 Mb Available Physical Memory | 44.97% Memory free
2.00 Gb Paging File | 1.03 Gb Available in Paging File | 51.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 64.44 Gb Total Space | 38.17 Gb Free Space | 59.23% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.64 Gb Free Space | 66.38% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-4093085210-3276581103-882992531-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AT&T\Communication Manager\SwiApiMux.exe" = C:\Program Files\AT&T\Communication Manager\SwiApiMux.exe:*:Enabled:SwiApiMux -- (Sierra Wireless, Inc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{15AE1206-E63D-4D8F-9052-78A0575633E8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{1C523981-0932-42FA-ADC4-513E47DF63CA}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{565BA4A5-7DCD-4631-A83E-ED7A39132E95}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{6F397BB1-BE82-4EDA-A292-3255CE4B755A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{7339D5D6-EF14-4F55-8A58-80D5FB5C17BA}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{7C469C93-82B5-491B-9F48-9403F8844E57}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{826F780E-9D4D-4D87-B51F-B5530C08F227}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{A620139F-EBA9-424B-9FAA-C482E5B73A39}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{A6BBAE08-D71E-4A51-AF52-CD5E3509A20C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{AF114355-A8FB-4697-AAD7-BF4A7A115357}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{C644B618-8A56-49EF-AD89-72152E7FCA69}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{D71F9975-3FCF-4729-945D-9AB7EE3BDB8D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{F8016BF5-3559-4FE1-A979-0063BD536CA4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{FEBA2427-5EBE-4029-807C-E29F8CE898F2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"TCP Query User{05174208-7131-4BDD-BA76-0598668CE4B9}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{5A5F5710-C554-479E-87DE-F89D9CECBF1D}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{FD88F6D3-5976-40ED-912E-EC12B1A05B76}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{3AB112A6-6908-476C-957E-2BAD159D523D}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{B18ACCA9-3E24-48F6-8585-D1612F13FEF7}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{D8C938A7-59E4-497C-A791-1CBC88D3AC0F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{0915B10F-8597-4FE7-BC4D-EA3E2FDA646A}" = PS_AIO_03_C4400_Software_Min
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{15CC668C-F37C-CE24-9047-40EC8034E29D}" = ATI Catalyst Control Center Ex
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{27197499-7680-4208-8FD8-5439CDB0FDC1}" = HPProductAssistant
"{276E3ECB-E9E9-494E-A3F9-173BAD7D9643}" = C4400
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{294EAADF-E50F-4DD8-AD8D-19587EA10512}" = Modem Diagnostic Tool
"{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{37F964E4-9C3F-4066-B933-1747D3AC6737}" = Personal Entertainment Launcher
"{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client
"{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}" = RealDownloader
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{443027F6-2A85-4ACE-B4E8-5F44C02EA301}" = AT&T Communication Manager
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A3D0CF8-60FF-4CEF-91A4-A1F001424602}" = DocProc
"{4B6AD248-D3BF-426A-8D64-847288154F13}" = QuickSet
"{4CC59DA1-469B-49A5-9F6B-C4D26990294A}" = PS_AIO_03_C4400_ProductContext
"{4E5386F5-C0F6-4532-A54A-374865AEAB71}" = Cisco PEAP Module
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{593A6CAF-E114-4e31-884F-74FF349E8E36}" = SolutionCenter
"{5A3FEF2D-0E14-412E-869C-421AB373EE43}" = C4400_Help
"{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70E1E357-E57C-4284-B04E-58196DC27BC1}" = PanoStandAlone
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{753D852A-D86D-42C9-9978-40AE66FB8985}" = Driver Installer
"{75685CA8-0B74-45BB-9C64-744A0FB79EDC}" = Business Tools Launcher
"{76F9CF97-FC4B-4E20-B363-D127C888448F}" = Cisco LEAP Module
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{82CA0A0C-A3EC-4167-B694-909205B2EDEC}" = muvee Plugin 1.0
"{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio
"{86732AE7-CB91-4f15-B091-FBA3D3926CD6}" = HP Photosmart C4400 All-In-One Driver Software 11.0 Rel .3
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{8ACECB7C-5EB2-42B3-A2E1-B91878B6C5D7}" = PS_AIO_03_C4400_Software
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9579E862-5FC7-4337-B1CC-5E37451524C5}" = Motorola Driver Installation
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{B8ABB25D-1E30-4ED7-A3CE-0F8BED439647}" = Product Support Launcher
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{BF53252E-4AB2-4C7F-A0FD-6100755745E3}" = Cisco EAP-FAST Module
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CC0E1AE3-091D-4969-B151-7AC142062C28}" = SmartWebPrinting
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D063F201-FAC4-4D5C-B10B-615058ADE5A7}" = HP Update
"{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{DB9BF6DA-8030-4A21-9FF4-8856A7556FCF}" = ASPCA Reminder by We-Care.com v4.1.22.1
"{E133E97F-5186-4503-BEC8-752EB9E8EBD7}" = Copy
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E713653C-8312-4BC6-AFC9-ADE1F2F04AB9}" = ATI PCI Express (3GIO) Filter Driver
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F1BA3CD5-89DC-4273-8603-A75F33E9B335}" = Nokia Connectivity Adapter Cable DKU-5
"{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer
"3ivx MPEG-4 5.0.3" = 3ivx MPEG-4 5.0.3 (remove only)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 11.0
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 11.0
"HPExtendedCapabilities" = HP Customer Participation Program 11.0
"HPOCR" = OCR Software by I.R.I.S. 11.0
"InfoSeeker" = InfoSeeker
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"RealPlayer 16.0" = RealPlayer
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Dell Touchpad
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4093085210-3276581103-882992531-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/28/2013 4:38:07 PM | Computer Name = User-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 6/28/2013 4:38:07 PM | Computer Name = User-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 6/28/2013 5:04:39 PM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/28/2013 5:33:27 PM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/28/2013 5:38:07 PM | Computer Name = User-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.19088, time stamp
0x4de07b1b, faulting module OLEAUT32.dll, version 6.0.6001.18565, time stamp 0x4d0f78bd,
exception code 0xc0000005, fault offset 0x00003e56, process id 0xf34, application
start time 0x01ce74478ef85d62.

Error - 6/29/2013 12:02:22 AM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/29/2013 12:38:05 AM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/29/2013 12:39:28 AM | Computer Name = User-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 6/29/2013 12:39:28 AM | Computer Name = User-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 6/29/2013 10:59:07 AM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =

[ Broadcom Wireless LAN Events ]
Error - 2/22/2013 3:44:24 PM | Computer Name = User-PC | Source = WLAN-Tray | ID = 0
Description = 14:44:24, Fri, Feb 22, 13 Error - Unable to decrypt string

[ System Events ]
Error - 7/15/2009 1:42:39 PM | Computer Name = User-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 7/15/2009 1:42:50 PM | Computer Name = User-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 7/15/2009 1:42:52 PM | Computer Name = User-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 7/15/2009 1:42:52 PM | Computer Name = User-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 7/15/2009 1:42:53 PM | Computer Name = User-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 7/15/2009 1:42:54 PM | Computer Name = User-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 7/15/2009 1:42:55 PM | Computer Name = User-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 7/15/2009 1:42:55 PM | Computer Name = User-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 7/15/2009 1:42:57 PM | Computer Name = User-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 7/15/2009 1:42:57 PM | Computer Name = User-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >
  • 0

#14
khphoto1

khphoto1

    Member

  • Topic Starter
  • Member
  • 102 posts
Not sure if I did the aswMBR step correctly. But here are two log files:

First:

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-07-01 22:45:00
-----------------------------
22:45:00.797 OS Version: Windows 6.0.6002 Service Pack 2
22:45:00.798 Number of processors: 1 586 0x7C02
22:45:00.799 ComputerName: USER-PC UserName: User
22:45:02.473 Initialize success
22:48:22.468 The log file has been saved successfully to "C:\Users\User\Desktop\aswMBR.txt"




Second:

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-07-01 22:45:00
-----------------------------
22:45:00.797 OS Version: Windows 6.0.6002 Service Pack 2
22:45:00.798 Number of processors: 1 586 0x7C02
22:45:00.799 ComputerName: USER-PC UserName: User
22:45:02.473 Initialize success
22:48:22.468 The log file has been saved successfully to "C:\Users\User\Desktop\aswMBR.txt"
22:48:58.280 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:48:58.289 Disk 0 Vendor: TOSHIBA_MK8052GSX LV011D Size: 76319MB BusType: 3
22:48:58.460 Disk 0 MBR read successfully
22:48:58.468 Disk 0 MBR scan
22:48:58.482 Disk 0 Windows VISTA default MBR code
22:48:58.497 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 94 MB offset 63
22:48:58.527 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 194560
22:48:58.552 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 65983 MB offset 21166080
22:48:58.568 Disk 0 scanning sectors +156299264
22:48:58.650 Disk 0 scanning C:\Windows\system32\drivers
22:49:06.942 Service scanning
22:49:20.304 Service MpKsl469bb7b3 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E7FAAF1B-161C-41D8-88F2-8469AE8A6DD2}\MpKsl469bb7b3.sys **LOCKED** 32
22:49:35.205 Modules scanning
22:49:45.791 Disk 0 trace - called modules:
22:49:45.824 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll pciide.sys PCIIDEX.SYS atapi.sys
22:49:45.835 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8410ca38]
22:49:45.844 3 CLASSPNP.SYS[85fa48b3] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x840645e8]
22:49:45.855 Scan finished successfully
22:50:18.494 Disk 0 MBR has been saved successfully to "C:\Users\User\Desktop\MBR.dat"
22:50:18.571 The log file has been saved successfully to "C:\Users\User\Desktop\aswMBR2.txt"
  • 0

#15
khphoto1

khphoto1

    Member

  • Topic Starter
  • Member
  • 102 posts
This feels like reading a HEX dump from a mainframe in 1975, which I never learned to do. Later on can you let me know if I caused this latest problem by downloading Hitman? Thanks, Kathy
  • 0





