Everything posted by Inojim

  1. Hi, MrC... I don't like registry cleaners either, but CCleaner seems to be the most gentle of all. It will delete links to missing files, and that's all. The computer seems to be running fine now. In fact, it seems to start Windows substantially faster than before all this. Again, many thanks for all your help. I have had friends with similar problems and will send them here. I recommend Malwarebytes at every opportunity.
  2. That's great, MrC; no rush at all. I just ran CCleaner, which gets rid of Internet files, etc., and also ran their Registry Cleaner utility, which is supposed to be one of the more benign cleaners of this type. At least I've never had it delete any values that gave me subsequent grief. Lo and behold, it found some registry entries for programs that I never knew I had, which might have been deleted with this last ComboFix exercise. I've attached an image of what the CCleaner log looked like before I allowed it to delete these registry values. Have no idea what Wget and swearware are (or were), evidently nothing I can't do without. Thanks!
  3. Hello again, MrC. I followed your instructions, running ComboFix after temporarily disabling my AVG antivirus. ComboFix seems to have run just fine; I watched it while it did its thing. After ComboFix finished scanning and rebooted my computer, my antivirus started automatically, as usual, and immediately identified ComboFix as a threat. I was given two options, either to quarantine the "virus" or to ignore it. I chose the latter, and ComboFix then completed and created the file, which I have attached below. There was some 'desktopicon' item under appdata/roaming which ComboFix found interesting and deleted; have you ever heard of that before? Also I note in the log that there are several items that are evidently inaccessible, all having to do with Macromedia Flash objects. I have heard that these are in the "supercookie" category and can hold information that one might not want others to access. Do you know of any way to clear those files and keep Flash from creating inaccessible ones? Thanks so much for your help; here's the log:
  4. Thanks, MrC, I followed your instructions; RogueKiller nailed that V0500Mon.exe thing again, but no matter, it'll start with the next boot. I ran the TDSS utility and selected Delete for the one file per your instructions, leaving one possibility: McciCMService64. I believe this is associated with some AT&T modem installation or assistance matter, which I don't use anymore. Anyway, here's the log:
C:\Windows\system32\drivers\lsi_scsi.sys 20:56:16.0165 7424 LSI_SCSI - ok 20:56:16.0197 7424 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys 20:56:16.0229 7424 luafv - ok 20:56:16.0332 7424 McciCMService64 (be3d584d7c021eb7d89166eecb83c341) C:\Program Files\Common Files\Motive\McciCMService.exe 20:56:16.0363 7424 McciCMService64 ( UnsignedFile.Multi.Generic ) - warning 20:56:16.0363 7424 McciCMService64 - detected UnsignedFile.Multi.Generic (1) 20:56:16.0420 7424 MCHPUSB (ba3963a603f0504eb2a1475b335eab53) C:\Windows\system32\DRIVERS\mchpusb64.sys 20:56:16.0434 7424 MCHPUSB - ok 20:56:16.0525 7424 Mcx2Svc (76a58df02bd4ea29f189b82d0bef17f8) C:\Windows\system32\Mcx2Svc.dll 20:56:16.0552 7424 Mcx2Svc - ok 20:56:16.0607 7424 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys 20:56:16.0619 7424 mdmxsdk - ok 20:56:16.0666 7424 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys 20:56:16.0679 7424 megasas - ok 20:56:16.0715 7424 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys 20:56:16.0735 7424 MegaSR - ok 20:56:16.0779 7424 meprog - ok 20:56:16.0800 7424 MMCSS (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll 20:56:16.0836 7424 MMCSS - ok 20:56:16.0878 7424 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys 20:56:16.0917 7424 Modem - ok 20:56:16.0937 7424 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys 20:56:17.0001 7424 monitor - ok 20:56:17.0028 7424 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys 20:56:17.0046 7424 mouclass - ok 20:56:17.0066 7424 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys 20:56:17.0098 7424 mouhid - ok 20:56:17.0148 7424 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys 20:56:17.0162 7424 MountMgr - ok 20:56:17.0195 7424 mpio 
(f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys 20:56:17.0209 7424 mpio - ok 20:56:17.0241 7424 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys 20:56:17.0265 7424 mpsdrv - ok 20:56:17.0322 7424 MpsSvc (897e3baf68ba406a61682ae39c83900c) C:\Windows\system32\mpssvc.dll 20:56:17.0364 7424 MpsSvc - ok 20:56:17.0387 7424 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys 20:56:17.0402 7424 Mraid35x - ok 20:56:17.0443 7424 MREMP50 - ok 20:56:17.0531 7424 MREMP50a64 - ok 20:56:17.0536 7424 MRESP50 - ok 20:56:17.0543 7424 MRESP50a64 - ok 20:56:17.0585 7424 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys 20:56:17.0605 7424 MRxDAV - ok 20:56:17.0667 7424 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys 20:56:17.0689 7424 mrxsmb - ok 20:56:17.0742 7424 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:56:17.0784 7424 mrxsmb10 - ok 20:56:17.0818 7424 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:56:17.0858 7424 mrxsmb20 - ok 20:56:17.0885 7424 msahci (730b784962d22d2c6481eae2370e7c8c) C:\Windows\system32\drivers\msahci.sys 20:56:17.0900 7424 msahci - ok 20:56:17.0919 7424 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys 20:56:17.0945 7424 msdsm - ok 20:56:17.0980 7424 MSDTC (7ec02ce772f068ed0beafa3da341a9bc) C:\Windows\System32\msdtc.exe 20:56:18.0032 7424 MSDTC - ok 20:56:18.0089 7424 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys 20:56:18.0120 7424 Msfs - ok 20:56:18.0161 7424 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys 20:56:18.0177 7424 msisadrv - ok 20:56:18.0207 7424 MSiSCSI (366b0c1f4478b519c181e37d43dcda32) C:\Windows\system32\iscsiexe.dll 20:56:18.0251 7424 MSiSCSI - ok 20:56:18.0255 7424 msiserver - ok 20:56:18.0286 7424 MSKSSRV 
(0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys 20:56:18.0317 7424 MSKSSRV - ok 20:56:18.0349 7424 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys 20:56:18.0382 7424 MSPCLOCK - ok 20:56:18.0418 7424 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys 20:56:18.0449 7424 MSPQM - ok 20:56:18.0496 7424 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys 20:56:18.0513 7424 MsRPC - ok 20:56:18.0523 7424 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys 20:56:18.0536 7424 mssmbios - ok 20:56:18.0629 7424 MSSQL$SQLEXPRESS - ok 20:56:18.0676 7424 MSSQLServerADHelper100 (7a2a8c975356858eb38466a6b1592e8d) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE 20:56:18.0689 7424 MSSQLServerADHelper100 - ok 20:56:18.0708 7424 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys 20:56:18.0748 7424 MSTEE - ok 20:56:18.0780 7424 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys 20:56:18.0797 7424 Mup - ok 20:56:18.0852 7424 napagent (a5b10c845e7538c60c0f5d87a57cb3f5) C:\Windows\system32\qagentRT.dll 20:56:18.0906 7424 napagent - ok 20:56:18.0959 7424 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys 20:56:19.0001 7424 NativeWifiP - ok 20:56:19.0071 7424 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys 20:56:19.0100 7424 NDIS - ok 20:56:19.0128 7424 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys 20:56:19.0153 7424 NdisTapi - ok 20:56:19.0201 7424 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys 20:56:19.0232 7424 Ndisuio - ok 20:56:19.0274 7424 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys 20:56:19.0299 7424 NdisWan - ok 20:56:19.0341 7424 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) 
C:\Windows\system32\drivers\NDProxy.sys 20:56:19.0369 7424 NDProxy - ok 20:56:19.0380 7424 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys 20:56:19.0418 7424 NetBIOS - ok 20:56:19.0465 7424 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys 20:56:19.0491 7424 netbt - ok 20:56:19.0513 7424 Netlogon (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe 20:56:19.0531 7424 Netlogon - ok 20:56:19.0582 7424 Netman (9b63b29defc0f3115a559d2597bf5d75) C:\Windows\System32\netman.dll 20:56:19.0623 7424 Netman - ok 20:56:19.0978 7424 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:56:20.0007 7424 NetMsmqActivator - ok 20:56:20.0012 7424 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:56:20.0030 7424 NetPipeActivator - ok 20:56:20.0071 7424 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll 20:56:20.0114 7424 netprofm - ok 20:56:20.0118 7424 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:56:20.0133 7424 NetTcpActivator - ok 20:56:20.0139 7424 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:56:20.0152 7424 NetTcpPortSharing - ok 20:56:20.0189 7424 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys 20:56:20.0202 7424 nfrd960 - ok 20:56:20.0222 7424 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll 20:56:20.0261 7424 NlaSvc - ok 20:56:20.0348 7424 nm3 (f554c5fd7bd1efa4da5cfe2eed86391f) C:\Windows\system32\DRIVERS\nm3.sys 20:56:20.0365 7424 nm3 - ok 20:56:20.0472 7424 nmservice (cd2fe9c33cfd0fe0af124e05907e5c3d) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe 20:56:20.0513 7424 nmservice - ok 20:56:20.0560 7424 Npfs 
(b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys 20:56:20.0591 7424 Npfs - ok 20:56:20.0635 7424 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll 20:56:20.0724 7424 nsi - ok 20:56:20.0751 7424 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys 20:56:20.0784 7424 nsiproxy - ok 20:56:20.0876 7424 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys 20:56:20.0933 7424 Ntfs - ok 20:56:21.0067 7424 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys 20:56:21.0099 7424 Null - ok 20:56:21.0130 7424 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys 20:56:21.0144 7424 nvraid - ok 20:56:21.0193 7424 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys 20:56:21.0209 7424 nvstor - ok 20:56:21.0255 7424 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys 20:56:21.0286 7424 nv_agp - ok 20:56:21.0311 7424 NwlnkFlt - ok 20:56:21.0316 7424 NwlnkFwd - ok 20:56:21.0443 7424 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 20:56:21.0467 7424 odserv - ok 20:56:21.0477 7424 ohci1394 (7b58953e2f263421fdbb09a192712a85) C:\Windows\system32\drivers\ohci1394.sys 20:56:21.0548 7424 ohci1394 - ok 20:56:21.0596 7424 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 20:56:21.0608 7424 ose - ok 20:56:21.0683 7424 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll 20:56:21.0716 7424 p2pimsvc - ok 20:56:21.0725 7424 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll 20:56:21.0756 7424 p2psvc - ok 20:56:21.0786 7424 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys 20:56:21.0833 7424 Parport - ok 20:56:21.0859 7424 partmgr (b43751085e2abe389da466bc62a4b987) 
C:\Windows\system32\drivers\partmgr.sys 20:56:21.0876 7424 partmgr - ok 20:56:21.0920 7424 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll 20:56:21.0945 7424 PcaSvc - ok 20:56:21.0980 7424 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys 20:56:22.0022 7424 pci - ok 20:56:22.0061 7424 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys 20:56:22.0077 7424 pciide - ok 20:56:22.0098 7424 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys 20:56:22.0112 7424 pcmcia - ok 20:56:22.0163 7424 pcouffin (af7ce12c4f3dc8cb2b07685c916bbcfe) C:\Windows\system32\Drivers\pcouffin.sys 20:56:22.0175 7424 pcouffin - ok 20:56:22.0209 7424 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys 20:56:22.0267 7424 PEAUTH - ok 20:56:22.0353 7424 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe 20:56:22.0399 7424 PerfHost - ok 20:56:22.0501 7424 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll 20:56:22.0560 7424 pla - ok 20:56:22.0628 7424 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll 20:56:22.0675 7424 PlugPlay - ok 20:56:22.0718 7424 pnarp (4ff73a83a25d0eead4f5e6c841bb6704) C:\Windows\system32\DRIVERS\pnarp.sys 20:56:22.0733 7424 pnarp - ok 20:56:22.0808 7424 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll 20:56:22.0854 7424 PNRPAutoReg - ok 20:56:22.0865 7424 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll 20:56:22.0919 7424 PNRPsvc - ok 20:56:22.0970 7424 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll 20:56:23.0061 7424 PolicyAgent - ok 20:56:23.0104 7424 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys 20:56:23.0129 7424 PptpMiniport - ok 20:56:23.0159 7424 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys 
20:56:23.0190 7424 Processor - ok 20:56:23.0240 7424 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll 20:56:23.0272 7424 ProfSvc - ok 20:56:23.0314 7424 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe 20:56:23.0332 7424 ProtectedStorage - ok 20:56:23.0367 7424 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys 20:56:23.0396 7424 PSched - ok 20:56:23.0443 7424 purendis (9a68a89f10f283a23afee2a1bfe4bffb) C:\Windows\system32\DRIVERS\purendis.sys 20:56:23.0455 7424 purendis - ok 20:56:23.0494 7424 PxHlpa64 (46851bc18322da70f3f2299a1007c479) C:\Windows\system32\Drivers\PxHlpa64.sys 20:56:23.0508 7424 PxHlpa64 - ok 20:56:23.0563 7424 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys 20:56:23.0609 7424 ql2300 - ok 20:56:23.0659 7424 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys 20:56:23.0679 7424 ql40xx - ok 20:56:23.0736 7424 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll 20:56:23.0771 7424 QWAVE - ok 20:56:23.0804 7424 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys 20:56:23.0826 7424 QWAVEdrv - ok 20:56:23.0981 7424 R300 (2a09a6b271d1f50adf5e33b37d460de6) C:\Windows\system32\DRIVERS\atikmdag.sys 20:56:24.0111 7424 R300 - ok 20:56:24.0212 7424 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys 20:56:24.0244 7424 RasAcd - ok 20:56:24.0306 7424 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll 20:56:24.0345 7424 RasAuto - ok 20:56:24.0385 7424 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys 20:56:24.0415 7424 Rasl2tp - ok 20:56:24.0465 7424 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll 20:56:24.0506 7424 RasMan - ok 20:56:24.0553 7424 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys 20:56:24.0583 7424 
RasPppoe - ok 20:56:24.0628 7424 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys 20:56:24.0645 7424 RasSstp - ok 20:56:24.0691 7424 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys 20:56:24.0730 7424 rdbss - ok 20:56:24.0773 7424 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys 20:56:24.0820 7424 RDPCDD - ok 20:56:24.0866 7424 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys 20:56:24.0900 7424 rdpdr - ok 20:56:24.0906 7424 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys 20:56:24.0938 7424 RDPENCDD - ok 20:56:25.0044 7424 RDPWD (5c141fc457f1ac833664789235aca673) C:\Windows\system32\drivers\RDPWD.sys 20:56:25.0062 7424 RDPWD - ok 20:56:25.0091 7424 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll 20:56:25.0140 7424 RemoteAccess - ok 20:56:25.0192 7424 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll 20:56:25.0224 7424 RemoteRegistry - ok 20:56:25.0254 7424 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe 20:56:25.0275 7424 RpcLocator - ok 20:56:25.0347 7424 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll 20:56:25.0397 7424 RpcSs - ok 20:56:25.0467 7424 RsFx0103 (cd553b8633466a6d1c115812f2619f1f) C:\Windows\system32\DRIVERS\RsFx0103.sys 20:56:25.0484 7424 RsFx0103 - ok 20:56:25.0507 7424 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys 20:56:25.0546 7424 rspndr - ok 20:56:25.0596 7424 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe 20:56:25.0618 7424 SamSs - ok 20:56:25.0646 7424 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys 20:56:25.0664 7424 sbp2port - ok 20:56:25.0713 7424 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll 20:56:25.0761 7424 SCardSvr - ok 20:56:25.0837 7424 
Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll 20:56:25.0887 7424 Schedule - ok 20:56:25.0927 7424 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll 20:56:25.0962 7424 SCPolicySvc - ok 20:56:26.0003 7424 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll 20:56:26.0044 7424 SDRSVC - ok 20:56:26.0167 7424 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 20:56:26.0183 7424 SeaPort - ok 20:56:26.0232 7424 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 20:56:26.0279 7424 secdrv - ok 20:56:26.0286 7424 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll 20:56:26.0325 7424 seclogon - ok 20:56:26.0370 7424 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll 20:56:26.0408 7424 SENS - ok 20:56:26.0460 7424 Ser2pl64 (bc7ed37fba7cd8a46a63c6edfe98bb36) C:\Windows\system32\DRIVERS\ser2pl64.sys 20:56:26.0475 7424 Ser2pl64 - ok 20:56:26.0493 7424 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\DRIVERS\serenum.sys 20:56:26.0549 7424 Serenum - ok 20:56:26.0576 7424 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys 20:56:26.0624 7424 Serial - ok 20:56:26.0629 7424 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys 20:56:26.0662 7424 sermouse - ok 20:56:26.0710 7424 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll 20:56:26.0749 7424 SessionEnv - ok 20:56:26.0787 7424 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys 20:56:26.0819 7424 sffdisk - ok 20:56:26.0827 7424 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys 20:56:26.0860 7424 sffp_mmc - ok 20:56:26.0885 7424 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys 20:56:26.0916 7424 sffp_sd - ok 
20:56:26.0935 7424 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys 20:56:26.0988 7424 sfloppy - ok 20:56:27.0025 7424 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll 20:56:27.0086 7424 SharedAccess - ok 20:56:27.0162 7424 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll 20:56:27.0186 7424 ShellHWDetection - ok 20:56:27.0230 7424 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys 20:56:27.0244 7424 SiSRaid2 - ok 20:56:27.0256 7424 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys 20:56:27.0275 7424 SiSRaid4 - ok 20:56:27.0468 7424 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe 20:56:27.0553 7424 slsvc - ok 20:56:27.0699 7424 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll 20:56:27.0734 7424 SLUINotify - ok 20:56:27.0802 7424 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys 20:56:27.0829 7424 Smb - ok 20:56:27.0891 7424 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe 20:56:27.0914 7424 SNMPTRAP - ok 20:56:28.0783 7424 SNP2UVC (61f2199588bfbf983cc40e665953656d) C:\Windows\system32\DRIVERS\snp2uvc.sys 20:56:28.0964 7424 SNP2UVC - ok 20:56:29.0093 7424 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys 20:56:29.0129 7424 spldr - ok 20:56:29.0172 7424 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe 20:56:29.0195 7424 Spooler - ok 20:56:29.0324 7424 SQLAgent$SQLEXPRESS (12e6d95cde974b131defaa44bab8b056) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE 20:56:29.0342 7424 SQLAgent$SQLEXPRESS - ok 20:56:29.0466 7424 SQLBrowser (b54b48f6d92423440c264e91225c5ff1) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe 20:56:29.0479 7424 SQLBrowser - ok 20:56:29.0526 7424 SQLWriter 
(6d65985945b03ca59b67d0b73702fc7b) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 20:56:29.0538 7424 SQLWriter - ok 20:56:29.0595 7424 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys 20:56:29.0619 7424 srv - ok 20:56:29.0666 7424 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys 20:56:29.0684 7424 srv2 - ok 20:56:29.0729 7424 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys 20:56:29.0747 7424 srvnet - ok 20:56:29.0791 7424 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll 20:56:29.0840 7424 SSDPSRV - ok 20:56:29.0881 7424 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll 20:56:29.0909 7424 SstpSvc - ok 20:56:29.0982 7424 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll 20:56:30.0043 7424 stisvc - ok 20:56:30.0413 7424 stllssvr (1d0063597c3666404fcf97698abeb019) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe 20:56:30.0461 7424 stllssvr - ok 20:56:30.0507 7424 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys 20:56:30.0533 7424 swenum - ok 20:56:30.0593 7424 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll 20:56:30.0647 7424 swprv - ok 20:56:30.0755 7424 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys 20:56:30.0768 7424 Symc8xx - ok 20:56:30.0786 7424 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys 20:56:30.0813 7424 Sym_hi - ok 20:56:30.0822 7424 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys 20:56:30.0836 7424 Sym_u3 - ok 20:56:30.0902 7424 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll 20:56:30.0962 7424 SysMain - ok 20:56:30.0995 7424 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll 20:56:31.0031 7424 TabletInputService - ok 20:56:31.0084 7424 TapiSrv 
(cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll 20:56:31.0120 7424 TapiSrv - ok 20:56:31.0161 7424 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll 20:56:31.0251 7424 TBS - ok 20:56:31.0321 7424 Tcpip (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\drivers\tcpip.sys 20:56:31.0371 7424 Tcpip - ok 20:56:31.0385 7424 Tcpip6 (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\DRIVERS\tcpip.sys 20:56:31.0462 7424 Tcpip6 - ok 20:56:31.0507 7424 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys 20:56:31.0527 7424 tcpipreg - ok 20:56:31.0554 7424 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys 20:56:31.0592 7424 TDPIPE - ok 20:56:31.0620 7424 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys 20:56:31.0660 7424 TDTCP - ok 20:56:31.0708 7424 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys 20:56:31.0738 7424 tdx - ok 20:56:31.0766 7424 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys 20:56:31.0785 7424 TermDD - ok 20:56:31.0840 7424 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll 20:56:31.0931 7424 TermService - ok 20:56:31.0981 7424 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll 20:56:32.0004 7424 Themes - ok 20:56:32.0041 7424 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll 20:56:32.0078 7424 THREADORDER - ok 20:56:32.0159 7424 TotRec7 (96de4fed634eae753073c8515f1b30d3) C:\Windows\system32\drivers\TotRec7.sys 20:56:32.0183 7424 TotRec7 - ok 20:56:32.0226 7424 TotRec8 (e4561f36020a64cdbb92d94e92cba1b1) C:\Windows\system32\drivers\TotRec8.sys 20:56:32.0238 7424 TotRec8 - ok 20:56:32.0277 7424 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll 20:56:32.0317 7424 TrkWks - ok 20:56:32.0384 7424 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) 
C:\Windows\servicing\TrustedInstaller.exe 20:56:32.0413 7424 TrustedInstaller - ok 20:56:32.0461 7424 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys 20:56:32.0500 7424 tssecsrv - ok 20:56:32.0543 7424 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys 20:56:32.0561 7424 tunmp - ok 20:56:32.0599 7424 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys 20:56:32.0616 7424 tunnel - ok 20:56:32.0648 7424 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys 20:56:32.0665 7424 uagp35 - ok 20:56:32.0725 7424 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys 20:56:32.0758 7424 udfs - ok 20:56:32.0773 7424 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe 20:56:32.0832 7424 UI0Detect - ok 20:56:32.0870 7424 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys 20:56:32.0883 7424 uliagpkx - ok 20:56:32.0910 7424 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys 20:56:32.0926 7424 uliahci - ok 20:56:32.0980 7424 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys 20:56:32.0993 7424 UlSata - ok 20:56:33.0015 7424 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys 20:56:33.0030 7424 ulsata2 - ok 20:56:33.0069 7424 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys 20:56:33.0101 7424 umbus - ok 20:56:33.0133 7424 UMPass (01abe05c401e70795b43a8933b44831e) C:\Windows\system32\DRIVERS\umpass.sys 20:56:33.0192 7424 UMPass - ok 20:56:33.0237 7424 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll 20:56:33.0282 7424 upnphost - ok 20:56:33.0339 7424 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys 20:56:33.0370 7424 usbaudio - ok 20:56:33.0427 7424 usbccgp (07e3498fc60834219d2356293da0fecc) 
20:56:39.0674 7424 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
20:56:39.0802 7424 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:56:39.0802 7424 \Device\Harddisk0\DR0 - detected TDSS File System (1)
20:56:39.0825 7424 Boot (0x1200) (2bd43f59bd1fa455adf4cc796604d954) \Device\Harddisk0\DR0\Partition0
20:56:39.0827 7424 \Device\Harddisk0\DR0\Partition0 - ok
20:56:39.0831 7424 Boot (0x1200) (32c325547acdbc4f5cb3e5a96cad24a1) \Device\Harddisk0\DR0\Partition1
20:56:39.0834 7424 \Device\Harddisk0\DR0\Partition1 - ok
20:56:39.0834 7424 ============================================================
20:56:39.0834 7424 Scan finished
20:56:39.0834 7424 ============================================================
20:56:39.0849 7344 Detected object count: 2
20:56:39.0850 7344 Actual detected object count: 2
20:57:54.0722 7344 McciCMService64 ( UnsignedFile.Multi.Generic ) - skipped by user
20:57:54.0722 7344 McciCMService64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:57:54.0837 7344 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
20:57:54.0841 7344 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
20:57:54.0872 7344 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
20:57:54.0880 7344 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
20:57:54.0916 7344 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
20:57:54.0950 7344 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
20:57:54.0952 7344 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
20:57:54.0954 7344 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
20:57:54.0956 7344 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
20:57:54.0962 7344 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
20:57:54.0967 7344 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
20:57:54.0970 7344 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
20:57:54.0970 7344 \Device\Harddisk0\DR0\TDLFS - deleted
20:57:54.0971 7344 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
  5. Okay, Charlie, Thanks for sticking with me on this. Here's the RogueKiller report:

************************************************************************
RogueKiller V7.4.4 [05/08/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 64 bits version
Started in : Normal mode
User: Jim [Admin rights]
Mode: Scan -- Date: 05/10/2012 12:25:37

¤¤¤ Bad processes: 1 ¤¤¤
[sUSP PATH] V0500Mon.exe -- C:\Windows\V0500Mon.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 10 ¤¤¤
[sUSP PATH] HKLM\[...]\Wow6432Node\Run : V0500Mon.exe (C:\Windows\V0500Mon.exe) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤
[FOLDER] plugs : c:\users\jim\appdata\roaming\adobe\plugs --> FOUND
[FOLDER] shed : c:\users\jim\appdata\roaming\adobe\shed --> FOUND

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
::1 localhost

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ST3500620AS ATA Device +++++
--- User ---
[MBR] ecd013456e6c0a9bc99cae972239a87d
[bSP] 150fe8091c5ed2ca05f312c1055477c6 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15000 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 30801920 | Size: 461899 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt
************************************************************************

Note that the first thing it did was to kill: C:\Windows\V0500Mon.exe. I had checked the Web about this some time ago, and was informed that it's probably an okay application if the system has a Dynex Webcam, which mine does. The computer seems to run without it, however; after the RK scan it hasn't come back. I just tried the Webcam in a couple of applications, and it still works without that .exe running. I wonder if I should find where it starts up and kill it for good.

I checked with the guy who wrote that NetMeter utility, here's the conversation for your evaluation:

************************************************************************************************
On 10.05.2012 02:58, Jim Wood, CPEW wrote:
>
> Hi,
>
> I have used NetMeter for years, on several computers, and have never had
> a problem with it. I’m currently running 1.1.4BETA on a Vista/64
> machine. I picked up a Trojan the other day, finally got rid of it, and
> sent a log file to the Malwarebytes people. They said that NetMeter
> 1.1.4BETA is a virus and linked me to this site:
> http://www.bleepingcomputer.com/startups/NetMeter.exe-3644.html
> I think they may be mistaken, but can you comment, please?
>
> J. Wood
> Brea, California

Hi,

There may be another program named "NetMeter.exe" which is malware - I can assure you though that my NetMeter isn't. See the Softpedia page for example:
http://www.softpedia.com/get/Network-Tools/Bandwidth-Tools/NetMeter.shtml
http://www.softpedia.com/progClean/NetMeter-Clean-23932.html

Best regards
Oliver
************************************************************************************************
  6. Hi, MrC, I have to take exception to the NetMeter issue. This is a program that I have used for years, on various computers, with no problems. It is available widely on the Web by various shareware/freeware distributors and has been reviewed favorably by many. The .exe is 576kB; I could zip it and send it to you for evaluation if you like. I depend on this program to monitor Internet in/out traffic. Can you suggest an alternative?
  7. Here are the two requested logs. Thanks much for the help; I'm upgrading Malwarebytes. DDS.txt Attach.txt
  8. Today I was infected by a Trojan going by the name of consrv.dll. My antivirus snagged it, prompted me to restart my computer for complete removal, but when I did, both the antivirus software and Windows firewall were inoperative. Obviously it snuck by the antivirus and did its damage. I spent the rest of the day working on this. There was help on the Web, including a site that would fix it for me, while I watched, for $170.

In the process of removing the Trojan, which took the better part of the day, I did several scans, both with my antivirus program, limping along, and with the free version of Malwarebytes. Both found the infection, but were not able to remove it. To do that I had to use various 'tools' off the Web and restore my system to a previous date. That looks to have done it, but one never knows "...what evil lurks in the heart of the hard drive." It may reappear if nudged.

So here's my question: If the free version of Malwarebytes was able to find the infection after the fact, would the paid version have stopped it from installing?