Posts posted by Marth9
-
Gringo,
The scan found no threats. Does this mean we are close to done? =)
Marth9
-
So far, it seems to be working much better. There weren't any problems with the programs that I am aware of. Here are the newest logs...
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org
Database version: v2012.11.19.10
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Martha :: MARTHA-PC [administrator]
11/19/2012 10:43:53 PM
mbam-log-2012-11-19 (22-43-53).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 218378
Time elapsed: 3 minute(s), 52 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:50:35 PM, on 11/19/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\McAfee\MAT\McPvTray.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Users\Martha\Downloads\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\mcsniepl.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASDR - Unknown owner - C:\Windows\System32\ASDR.exe
O23 - Service: ATK Fast User Switch Service (ATKFUSService) - ASUSTeK COMPUTER INC. - C:\Windows\system32\ATKFUSService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe
O23 - Service: McAfee Online Backup (MOBKbackup) - McAfee, Inc. - C:\Program Files\McAfee Online Backup\MOBKbackup.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
--
End of file - 8563 bytes
Hope this is helpful. Thank you so much!
Marth9
-
Gringo,
Here are the logs you requested. My computer also installed a bunch of updates, mostly security updates, automatically with a reboot prior to these scans while I was gone.
20:48:59.0406 3836 mfehidk - ok
20:48:59.0422 3836 [ 9171F3CA5DDD1D6A590B295F90E1E3BB ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
20:48:59.0422 3836 mferkdet - ok
20:48:59.0438 3836 [ 922E64CA38E38106498FB3435A8E399D ] mfetdi2k C:\Windows\system32\drivers\mfetdi2k.sys
20:48:59.0438 3836 mfetdi2k - ok
20:48:59.0469 3836 [ 958E4A10C7C2C80714882542934C6912 ] mfevtp C:\Windows\system32\mfevtps.exe
20:48:59.0484 3836 mfevtp - ok
20:48:59.0516 3836 [ 07A474725D2DC08759496F58164795CB ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
20:48:59.0531 3836 mfewfpk - ok
20:48:59.0562 3836 Microsoft SharePoint Workspace Audit Service - ok
20:48:59.0609 3836 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
20:48:59.0609 3836 MMCSS - ok
20:48:59.0672 3836 [ 35176FA09A0FC58DB630991A81A0BA39 ] MOBKbackup C:\Program Files\McAfee Online Backup\MOBKbackup.exe
20:48:59.0672 3836 MOBKbackup - ok
20:48:59.0687 3836 [ E896775837A8BCE436348DF460522394 ] MOBKFilter C:\Windows\system32\DRIVERS\MOBK.sys
20:48:59.0687 3836 MOBKFilter - ok
20:48:59.0703 3836 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
20:48:59.0703 3836 Modem - ok
20:48:59.0718 3836 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:48:59.0718 3836 monitor - ok
20:48:59.0765 3836 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:48:59.0765 3836 mouclass - ok
20:48:59.0765 3836 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:48:59.0765 3836 mouhid - ok
20:48:59.0812 3836 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
20:48:59.0828 3836 MountMgr - ok
20:48:59.0874 3836 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:48:59.0874 3836 MozillaMaintenance - ok
20:48:59.0937 3836 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
20:48:59.0952 3836 mpio - ok
20:48:59.0999 3836 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:48:59.0999 3836 mpsdrv - ok
20:49:00.0108 3836 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
20:49:00.0108 3836 MpsSvc - ok
20:49:00.0140 3836 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
20:49:00.0155 3836 Mraid35x - ok
20:49:00.0202 3836 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:49:00.0202 3836 MRxDAV - ok
20:49:00.0218 3836 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:49:00.0218 3836 mrxsmb - ok
20:49:00.0249 3836 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:49:00.0249 3836 mrxsmb10 - ok
20:49:00.0249 3836 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:49:00.0264 3836 mrxsmb20 - ok
20:49:00.0280 3836 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
20:49:00.0280 3836 msahci - ok
20:49:00.0296 3836 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:49:00.0296 3836 msdsm - ok
20:49:00.0327 3836 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
20:49:00.0342 3836 MSDTC - ok
20:49:00.0405 3836 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:49:00.0405 3836 Msfs - ok
20:49:00.0436 3836 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:49:00.0436 3836 msisadrv - ok
20:49:00.0467 3836 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:49:00.0467 3836 MSiSCSI - ok
20:49:00.0467 3836 msiserver - ok
20:49:00.0498 3836 [ ECAB006AC6136F1307E140B633CDB8C2 ] MSK80Service C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
20:49:00.0498 3836 MSK80Service - ok
20:49:00.0530 3836 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:49:00.0545 3836 MSKSSRV - ok
20:49:00.0576 3836 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:49:00.0592 3836 MSPCLOCK - ok
20:49:00.0592 3836 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:49:00.0592 3836 MSPQM - ok
20:49:00.0639 3836 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:49:00.0639 3836 MsRPC - ok
20:49:00.0670 3836 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
20:49:00.0670 3836 mssmbios - ok
20:49:00.0701 3836 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:49:00.0701 3836 MSTEE - ok
20:49:00.0732 3836 [ DCDAAB8697A47894A554050CE18D0B56 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
20:49:00.0732 3836 MTsensor - ok
20:49:00.0779 3836 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
20:49:00.0779 3836 Mup - ok
20:49:00.0842 3836 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
20:49:00.0842 3836 napagent - ok
20:49:00.0904 3836 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:49:00.0904 3836 NativeWifiP - ok
20:49:00.0982 3836 [ D9C2C7AA7D811709E63C7194AD4D345F ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
20:49:01.0029 3836 NBService - ok
20:49:01.0091 3836 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:49:01.0107 3836 NDIS - ok
20:49:01.0154 3836 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:49:01.0169 3836 NdisTapi - ok
20:49:01.0185 3836 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:49:01.0185 3836 Ndisuio - ok
20:49:01.0232 3836 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:49:01.0247 3836 NdisWan - ok
20:49:01.0263 3836 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:49:01.0263 3836 NDProxy - ok
20:49:01.0310 3836 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:49:01.0310 3836 NetBIOS - ok
20:49:01.0356 3836 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
20:49:01.0356 3836 netbt - ok
20:49:01.0372 3836 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
20:49:01.0372 3836 Netlogon - ok
20:49:01.0388 3836 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
20:49:01.0388 3836 Netman - ok
20:49:01.0419 3836 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
20:49:01.0419 3836 netprofm - ok
20:49:01.0466 3836 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:49:01.0481 3836 NetTcpPortSharing - ok
20:49:01.0512 3836 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:49:01.0512 3836 nfrd960 - ok
20:49:01.0559 3836 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:49:01.0559 3836 NlaSvc - ok
20:49:01.0622 3836 [ CB3267C4CEED06A6CB1EF127522D581B ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
20:49:01.0622 3836 NMIndexingService - ok
20:49:01.0668 3836 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:49:01.0684 3836 Npfs - ok
20:49:01.0715 3836 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
20:49:01.0715 3836 nsi - ok
20:49:01.0731 3836 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:49:01.0731 3836 nsiproxy - ok
20:49:01.0809 3836 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:49:01.0840 3836 Ntfs - ok
20:49:01.0887 3836 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
20:49:01.0902 3836 ntrigdigi - ok
20:49:01.0902 3836 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
20:49:01.0902 3836 Null - ok
20:49:02.0963 3836 [ 0A1B502CBC8230DA74BEFBAADDB58916 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:49:03.0416 3836 nvlddmkm - ok
20:49:03.0447 3836 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:49:03.0462 3836 nvraid - ok
20:49:03.0494 3836 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:49:03.0494 3836 nvstor - ok
20:49:03.0556 3836 [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] nvsvc C:\Windows\system32\nvvsvc.exe
20:49:03.0556 3836 nvsvc - ok
20:49:03.0696 3836 [ 61FF84F865B4414EFDC11856BF5757AD ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:49:03.0712 3836 nvUpdatusService - ok
20:49:03.0728 3836 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:49:03.0743 3836 nv_agp - ok
20:49:03.0743 3836 NwlnkFlt - ok
20:49:03.0743 3836 NwlnkFwd - ok
20:49:03.0806 3836 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
20:49:03.0821 3836 ohci1394 - ok
20:49:03.0868 3836 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:49:03.0868 3836 ose - ok
20:49:04.0508 3836 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:49:04.0554 3836 osppsvc - ok
20:49:04.0726 3836 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
20:49:04.0742 3836 p2pimsvc - ok
20:49:04.0757 3836 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
20:49:04.0773 3836 p2psvc - ok
20:49:04.0804 3836 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
20:49:04.0820 3836 Parport - ok
20:49:04.0835 3836 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:49:04.0851 3836 partmgr - ok
20:49:04.0866 3836 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
20:49:04.0866 3836 Parvdm - ok
20:49:04.0898 3836 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
20:49:04.0898 3836 PcaSvc - ok
20:49:04.0944 3836 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
20:49:04.0976 3836 pci - ok
20:49:04.0991 3836 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys
20:49:04.0991 3836 pciide - ok
20:49:05.0007 3836 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:49:05.0022 3836 pcmcia - ok
20:49:05.0069 3836 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:49:05.0100 3836 PEAUTH - ok
20:49:05.0147 3836 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
20:49:05.0163 3836 pla - ok
20:49:05.0210 3836 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:49:05.0210 3836 PlugPlay - ok
20:49:05.0303 3836 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
20:49:05.0319 3836 PNRPAutoReg - ok
20:49:05.0381 3836 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
20:49:05.0381 3836 PNRPsvc - ok
20:49:05.0444 3836 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:49:05.0444 3836 PolicyAgent - ok
20:49:05.0490 3836 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:49:05.0490 3836 PptpMiniport - ok
20:49:05.0522 3836 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
20:49:05.0522 3836 Processor - ok
20:49:05.0553 3836 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
20:49:05.0553 3836 ProfSvc - ok
20:49:05.0553 3836 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
20:49:05.0568 3836 ProtectedStorage - ok
20:49:05.0600 3836 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
20:49:05.0615 3836 PSched - ok
20:49:05.0631 3836 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:49:05.0662 3836 ql2300 - ok
20:49:05.0678 3836 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:49:05.0693 3836 ql40xx - ok
20:49:05.0724 3836 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
20:49:05.0724 3836 QWAVE - ok
20:49:05.0771 3836 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:49:05.0771 3836 QWAVEdrv - ok
20:49:05.0787 3836 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:49:05.0802 3836 RasAcd - ok
20:49:05.0818 3836 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
20:49:05.0818 3836 RasAuto - ok
20:49:05.0834 3836 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:49:05.0834 3836 Rasl2tp - ok
20:49:05.0849 3836 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
20:49:05.0849 3836 RasMan - ok
20:49:05.0880 3836 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:49:05.0880 3836 RasPppoe - ok
20:49:05.0927 3836 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:49:05.0927 3836 RasSstp - ok
20:49:05.0974 3836 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:49:05.0990 3836 rdbss - ok
20:49:06.0021 3836 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:49:06.0021 3836 RDPCDD - ok
20:49:06.0068 3836 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
20:49:06.0068 3836 rdpdr - ok
20:49:06.0068 3836 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:49:06.0068 3836 RDPENCDD - ok
20:49:06.0114 3836 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:49:06.0130 3836 RDPWD - ok
20:49:06.0161 3836 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:49:06.0161 3836 RemoteAccess - ok
20:49:06.0208 3836 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:49:06.0208 3836 RemoteRegistry - ok
20:49:06.0239 3836 [ F17713D108ACA124A139FDE877EEF68A ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys
20:49:06.0239 3836 RimUsb - ok
20:49:06.0270 3836 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
20:49:06.0270 3836 RpcLocator - ok
20:49:06.0286 3836 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
20:49:06.0302 3836 RpcSs - ok
20:49:06.0333 3836 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:49:06.0348 3836 rspndr - ok
20:49:06.0395 3836 [ 25C91EE1BE0C0CFA79696A2D0B47AA43 ] RTL8187 C:\Windows\system32\DRIVERS\RTL8187.sys
20:49:06.0395 3836 RTL8187 - ok
20:49:06.0395 3836 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
20:49:06.0395 3836 SamSs - ok
20:49:06.0442 3836 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:49:06.0458 3836 sbp2port - ok
20:49:06.0489 3836 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:49:06.0504 3836 SCardSvr - ok
20:49:06.0551 3836 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
20:49:06.0567 3836 Schedule - ok
20:49:06.0598 3836 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:49:06.0598 3836 SCPolicySvc - ok
20:49:06.0645 3836 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:49:06.0660 3836 SDRSVC - ok
20:49:06.0676 3836 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:49:06.0676 3836 secdrv - ok
20:49:06.0692 3836 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
20:49:06.0692 3836 seclogon - ok
20:49:06.0723 3836 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
20:49:06.0723 3836 SENS - ok
20:49:06.0770 3836 [ CE9EC966638EF0B10B864DDEDF62A099 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:49:06.0770 3836 Serenum - ok
20:49:06.0801 3836 [ 6D663022DB3E7058907784AE14B69898 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:49:06.0801 3836 Serial - ok
20:49:06.0832 3836 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:49:06.0832 3836 sermouse - ok
20:49:06.0863 3836 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
20:49:06.0863 3836 SessionEnv - ok
20:49:06.0894 3836 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:49:06.0910 3836 sffdisk - ok
20:49:06.0957 3836 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:49:06.0957 3836 sffp_mmc - ok
20:49:06.0972 3836 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:49:06.0972 3836 sffp_sd - ok
20:49:06.0972 3836 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:49:06.0988 3836 sfloppy - ok
20:49:07.0019 3836 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:49:07.0035 3836 SharedAccess - ok
20:49:07.0082 3836 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:49:07.0082 3836 ShellHWDetection - ok
20:49:07.0113 3836 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:49:07.0113 3836 sisagp - ok
20:49:07.0113 3836 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
20:49:07.0128 3836 SiSRaid2 - ok
20:49:07.0144 3836 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:49:07.0144 3836 SiSRaid4 - ok
20:49:07.0534 3836 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
20:49:07.0550 3836 slsvc - ok
20:49:07.0612 3836 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
20:49:07.0612 3836 SLUINotify - ok
20:49:07.0643 3836 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:49:07.0643 3836 Smb - ok
20:49:07.0674 3836 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:49:07.0674 3836 SNMPTRAP - ok
20:49:07.0737 3836 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
20:49:07.0752 3836 spldr - ok
20:49:07.0784 3836 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
20:49:07.0799 3836 Spooler - ok
20:49:07.0815 3836 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:49:07.0830 3836 srv - ok
20:49:07.0877 3836 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:49:07.0877 3836 srv2 - ok
20:49:07.0924 3836 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:49:07.0924 3836 srvnet - ok
20:49:07.0955 3836 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:49:07.0971 3836 SSDPSRV - ok
20:49:07.0986 3836 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:49:07.0986 3836 SstpSvc - ok
20:49:08.0174 3836 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:49:08.0174 3836 Stereo Service - ok
20:49:08.0267 3836 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
20:49:08.0283 3836 stisvc - ok
20:49:08.0345 3836 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
20:49:08.0361 3836 swenum - ok
20:49:08.0392 3836 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
20:49:08.0408 3836 swprv - ok
20:49:08.0439 3836 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
20:49:08.0439 3836 Symc8xx - ok
20:49:08.0454 3836 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
20:49:08.0454 3836 Sym_hi - ok
20:49:08.0486 3836 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
20:49:08.0486 3836 Sym_u3 - ok
20:49:08.0532 3836 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
20:49:08.0532 3836 SysMain - ok
20:49:08.0564 3836 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:49:08.0564 3836 TabletInputService - ok
20:49:08.0642 3836 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:49:08.0642 3836 TapiSrv - ok
20:49:08.0688 3836 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
20:49:08.0688 3836 TBS - ok
20:49:08.0876 3836 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:49:08.0922 3836 Tcpip - ok
20:49:08.0954 3836 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
20:49:08.0954 3836 Tcpip6 - ok
20:49:09.0000 3836 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:49:09.0000 3836 tcpipreg - ok
20:49:09.0016 3836 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:49:09.0016 3836 TDPIPE - ok
20:49:09.0032 3836 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:49:09.0032 3836 TDTCP - ok
20:49:09.0063 3836 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:49:09.0078 3836 tdx - ok
20:49:09.0110 3836 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
20:49:09.0125 3836 TermDD - ok
20:49:09.0234 3836 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
20:49:09.0234 3836 TermService - ok
20:49:09.0297 3836 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
20:49:09.0297 3836 Themes - ok
20:49:09.0312 3836 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
20:49:09.0312 3836 THREADORDER - ok
20:49:09.0359 3836 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
20:49:09.0375 3836 TrkWks - ok
20:49:09.0422 3836 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:49:09.0422 3836 TrustedInstaller - ok
20:49:09.0453 3836 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:49:09.0484 3836 tssecsrv - ok
20:49:09.0531 3836 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
20:49:09.0531 3836 tunmp - ok
20:49:09.0546 3836 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:49:09.0546 3836 tunnel - ok
20:49:09.0578 3836 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:49:09.0578 3836 uagp35 - ok
20:49:09.0609 3836 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:49:09.0624 3836 udfs - ok
20:49:09.0671 3836 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:49:09.0687 3836 UI0Detect - ok
20:49:09.0702 3836 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:49:09.0702 3836 uliagpkx - ok
20:49:09.0734 3836 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
20:49:09.0734 3836 uliahci - ok
20:49:09.0765 3836 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
20:49:09.0765 3836 UlSata - ok
20:49:09.0796 3836 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
20:49:09.0796 3836 ulsata2 - ok
20:49:09.0827 3836 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:49:09.0827 3836 umbus - ok
20:49:09.0874 3836 [ 88BD96A1BAEED33EE8BDF9499C07A841 ] UMPass C:\Windows\system32\DRIVERS\umpass.sys
20:49:09.0874 3836 UMPass - ok
20:49:09.0952 3836 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
20:49:09.0952 3836 upnphost - ok
20:49:09.0983 3836 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
20:49:09.0999 3836 USBAAPL - ok
20:49:10.0030 3836 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:49:10.0030 3836 usbccgp - ok
20:49:10.0061 3836 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:49:10.0061 3836 usbcir - ok
20:49:10.0124 3836 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:49:10.0139 3836 usbehci - ok
20:49:10.0186 3836 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:49:10.0217 3836 usbhub - ok
20:49:10.0233 3836 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:49:10.0248 3836 usbohci - ok
20:49:10.0280 3836 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:49:10.0280 3836 usbprint - ok
20:49:10.0326 3836 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:49:10.0342 3836 usbscan - ok
20:49:10.0358 3836 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:49:10.0358 3836 USBSTOR - ok
20:49:10.0420 3836 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:49:10.0420 3836 usbuhci - ok
20:49:10.0467 3836 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
20:49:10.0467 3836 UxSms - ok
20:49:10.0576 3836 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
20:49:10.0607 3836 vds - ok
20:49:10.0638 3836 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:49:10.0654 3836 vga - ok
20:49:10.0685 3836 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
20:49:10.0701 3836 VgaSave - ok
20:49:10.0716 3836 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:49:10.0716 3836 viaagp - ok
20:49:10.0748 3836 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
20:49:10.0748 3836 ViaC7 - ok
20:49:10.0779 3836 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
20:49:10.0779 3836 viaide - ok
20:49:10.0826 3836 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:49:10.0826 3836 volmgr - ok
20:49:10.0872 3836 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:49:10.0872 3836 volmgrx - ok
20:49:10.0919 3836 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:49:10.0935 3836 volsnap - ok
20:49:10.0982 3836 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:49:10.0982 3836 vsmraid - ok
20:49:11.0075 3836 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
20:49:11.0122 3836 VSS - ok
20:49:11.0138 3836 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
20:49:11.0138 3836 W32Time - ok
20:49:11.0169 3836 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:49:11.0169 3836 WacomPen - ok
20:49:11.0200 3836 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
20:49:11.0200 3836 Wanarp - ok
20:49:11.0200 3836 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:49:11.0200 3836 Wanarpv6 - ok
20:49:11.0262 3836 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:49:11.0387 3836 wcncsvc - ok
20:49:11.0403 3836 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:49:11.0418 3836 WcsPlugInService - ok
20:49:13.0197 3836 ================ Scan global ===============================
20:49:13.0244 3836 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
20:49:13.0290 3836 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
20:49:13.0337 3836 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
20:49:13.0446 3836 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
20:49:13.0446 3836 [Global] - ok
20:49:13.0446 3836 ================ Scan MBR ==================================
20:49:13.0462 3836 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
20:49:14.0164 3836 \Device\Harddisk0\DR0 - ok
20:49:14.0164 3836 ================ Scan VBR ==================================
20:49:14.0180 3836 [ 86DCF71A498C285FA60A24F2B1B35297 ] \Device\Harddisk0\DR0\Partition1
20:49:14.0195 3836 \Device\Harddisk0\DR0\Partition1 - ok
20:49:14.0195 3836 ============================================================
20:49:14.0195 3836 Scan finished
20:49:14.0195 3836 ============================================================
20:49:14.0195 5660 Detected object count: 0
20:49:14.0195 5660 Actual detected object count: 0
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-19 20:52:20
-----------------------------
20:52:20.992 OS Version: Windows 6.0.6002 Service Pack 2
20:52:20.992 Number of processors: 2 586 0xF0B
20:52:20.992 ComputerName: MARTHA-PC UserName: Martha
20:52:22.411 Initialize success
20:53:25.723 AVAST engine defs: 12111901
21:02:12.333 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-4
21:02:12.333 Disk 0 Vendor: ST3250410AS 3.AAC Size: 238475MB BusType: 3
21:02:12.333 Disk 0 MBR read successfully
21:02:12.349 Disk 0 MBR scan
21:02:12.364 Disk 0 Windows VISTA default MBR code
21:02:12.396 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 238473 MB offset 2048
21:02:12.396 Disk 0 scanning sectors +488394752
21:02:12.474 Disk 0 scanning C:\Windows\system32\drivers
21:02:22.302 Service scanning
21:02:48.120 Modules scanning
21:02:53.018 Disk 0 trace - called modules:
21:02:53.034 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
21:02:53.034 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85eabac8]
21:02:53.034 3 CLASSPNP.SYS[8afba8b3] -> nt!IofCallDriver -> [0x8572ea70]
21:02:53.049 5 acpi.sys[806996bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-4[0x85719030]
21:02:53.704 AVAST engine scan C:\Windows
21:03:01.941 AVAST engine scan C:\Windows\system32
21:07:52.086 AVAST engine scan C:\Windows\system32\drivers
21:08:06.141 AVAST engine scan C:\Users\Martha
21:10:29.318 AVAST engine scan C:\ProgramData
21:11:15.385 Disk 0 MBR has been saved successfully to "C:\Users\Martha\Desktop\MBR.dat"
21:11:15.400 The log file has been saved successfully to "C:\Users\Martha\Desktop\aswMBR2.txt"
It seemed to work just fine. No reboot necessary, though, so I am not sure how it seems on startup.
Marth9
-
Hi,
In safe mode, everything seemed fine. I tried booting in normal mode and the computer seemed slow on startup. When I got past my opening Windows password, I received a message that "20333085A-2D28-4CFD-BC38-3A8F93776C17.exe" could not be found. After that, startup was fine. The internet seems sort of slow as well. Here is the ComboFix log that you requested.
ComboFix 12-11-16.02 - Martha 11/19/2012 6:52.1.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3326.2725 [GMT -5:00]
Running from: c:\users\Martha\Desktop\ComboFix.exe
Command switches used :: c:\users\Martha\Desktop\CFScript.txt
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
.
.
((((((((((((((((((((((((( Files Created from 2012-10-19 to 2012-11-19 )))))))))))))))))))))))))))))))
.
.
2012-11-19 11:56 . 2012-11-19 11:56 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-11-19 11:56 . 2012-11-19 11:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-19 02:20 . 2012-11-19 02:20 -------- d-----w- C:\TDSSKiller_Quarantine
2012-11-18 23:24 . 2012-11-19 11:56 -------- d-----w- c:\users\Martha\AppData\Local\temp
2012-11-18 22:52 . 2012-11-18 22:52 -------- d-----w- c:\windows\Sun
2012-11-18 17:12 . 2012-11-18 17:14 -------- d-----w- c:\program files\SpywareBlaster
2012-11-18 17:12 . 2010-01-10 23:40 118784 ----a-w- c:\windows\system32\MSSTDFMT.DLL
2012-10-27 20:33 . 2012-10-27 01:10 175240 ----a-w- c:\program files\gtres.dll
2012-10-27 19:35 . 2012-10-27 19:35 -------- d-----w- c:\programdata\CAM Development
2012-10-27 19:35 . 2012-10-27 19:35 -------- d-----w- c:\program files\CAM Development
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-09 17:03 . 2012-05-28 21:27 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-09 17:03 . 2012-05-28 21:27 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-02 22:53 . 2012-10-02 22:53 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-02 22:53 . 2012-10-02 22:54 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-02 22:53 . 2012-04-17 01:19 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-29 23:54 . 2012-04-17 03:48 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-29 14:23 . 2012-09-29 14:23 652296 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsTemplate\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2012-09-29 14:23 . 2012-09-29 14:23 677136 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-09-29 14:22 . 2012-09-29 14:22 416128 ----a-w- c:\programdata\Microsoft\eHome\Packages\NetTV\Browse\NetTVResources.dll
2012-09-14 20:26 . 2012-09-28 23:32 64832 ----a-w- c:\windows\system32\drivers\McPvDrv.sys
2012-09-13 13:28 . 2012-10-09 23:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-08-30 19:13 . 2012-09-25 23:21 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-08-30 19:13 . 2012-09-25 23:21 6109032 ----a-w- c:\windows\system32\nvopencl.dll
2012-08-30 19:13 . 2012-09-25 23:21 19828584 ----a-w- c:\windows\system32\nvoglv32.dll
2012-08-30 19:13 . 2012-09-25 23:21 10790760 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-08-30 19:13 . 2012-09-25 23:21 7626088 ----a-w- c:\windows\system32\nvcuda.dll
2012-08-30 19:13 . 2012-09-25 23:21 2573672 ----a-w- c:\windows\system32\nvcuvid.dll
2012-08-30 19:13 . 2012-09-25 23:21 1866088 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-08-30 19:13 . 2012-09-25 23:21 17559912 ----a-w- c:\windows\system32\nvcompiler.dll
2012-08-30 19:13 . 2012-02-10 02:43 12465512 ----a-w- c:\windows\system32\nvwgf2um.dll
2012-08-30 19:13 . 2012-02-10 02:43 1009512 ----a-w- c:\windows\system32\nvdispco32.dll
2012-08-30 19:13 . 2008-01-03 14:26 2422120 ----a-w- c:\windows\system32\nvapi.dll
2012-08-30 19:13 . 2008-01-03 14:26 15291752 ----a-w- c:\windows\system32\nvd3dum.dll
2012-08-30 15:57 . 2012-04-17 02:40 645992 ----a-w- c:\windows\system32\nvvsvc.exe
2012-08-30 15:57 . 2012-04-17 02:40 62312 ----a-w- c:\windows\system32\nvshext.dll
2012-08-30 15:57 . 2008-01-03 14:26 108392 ----a-w- c:\windows\system32\nvmctray.dll
2012-08-30 15:57 . 2008-01-03 14:26 3963240 ----a-w- c:\windows\system32\nvcpl.dll
2012-08-30 15:57 . 2008-01-03 14:26 2836840 ----a-w- c:\windows\system32\nvsvc.dll
2012-08-30 14:40 . 2012-08-30 14:40 429416 ----a-w- c:\windows\system32\nvStreaming.exe
2012-08-29 11:27 . 2012-10-09 23:45 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-29 11:27 . 2012-10-09 23:45 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-24 15:53 . 2012-10-09 23:45 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 06:59 . 2012-09-24 07:01 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 06:51 . 2012-09-24 07:01 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 06:51 . 2012-09-24 07:01 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 06:47 . 2012-09-24 07:01 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 06:47 . 2012-09-24 07:01 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 06:43 . 2012-09-24 07:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-10-27 19:35 . 2012-10-14 20:34 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]
@="{3c3f3c1a-9153-7c05-f938-622e7003894d}"
[HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]
2010-04-14 00:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]
@="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"
[HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]
2010-04-14 00:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]
@="{b4caf489-1eec-c617-49ad-8d7088598c06}"
[HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]
2010-04-14 00:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-11-30 380928]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"2033085A-2D28-4CFD-BC38-3A8F93776C17"="start" [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Online Backup Status.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Online Backup Status.lnk
backup=c:\windows\pss\McAfee Online Backup Status.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-05-31 00:06 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-07-04 18:01 148776 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-06-07 23:33 421776 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcui_exe]
2012-09-12 16:21 1278648 ----a-w- c:\program files\McAfee.com\Agent\mcagent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-07-04 18:20 161064 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-19 00:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 41298242
*NewlyCreated* - ASWMBR
*Deregistered* - 41298242
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-06-20 19:05 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-28 17:03]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
FF - ProfilePath - c:\users\Martha\AppData\Roaming\Mozilla\Firefox\Profiles\po1aves9.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-41298242.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-19 06:56
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(1356)
c:\program files\McAfee Online Backup\MOBKshell.dll
c:\program files\Common Files\Ahead\Lib\NeroSearchBar.dll
c:\program files\Common Files\Ahead\Lib\MFC71U.DLL
c:\program files\Common Files\Ahead\Lib\BCGCBPRO800u.dll
.
Completion time: 2012-11-19 06:57:43
ComboFix-quarantined-files.txt 2012-11-19 11:57
ComboFix2.txt 2012-11-18 23:24
ComboFix3.txt 2012-11-18 23:03
.
Pre-Run: 142,484,742,144 bytes free
Post-Run: 142,620,033,024 bytes free
.
- - End Of File - - 76A88EE72D70C11B9E187F7474D91A67
Should I run this in safe mode still?
Thanks, Martha
-
Thanks so much for your help so far!! Sorry I didn't say that earlier. Here are the newest logs you requested...
21:20:11.0128 0500 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:20:11.0846 0500 ============================================================
21:20:11.0846 0500 Current date / time: 2012/11/18 21:20:11.0846
21:20:11.0846 0500 SystemInfo:
21:20:11.0846 0500
21:20:11.0846 0500 OS Version: 6.0.6002 ServicePack: 2.0
21:20:11.0846 0500 Product type: Workstation
21:20:11.0846 0500 ComputerName: MARTHA-PC
21:20:11.0846 0500 UserName: Martha
21:20:11.0846 0500 Windows directory: C:\Windows
21:20:11.0846 0500 System windows directory: C:\Windows
21:20:11.0846 0500 Processor architecture: Intel x86
21:20:11.0846 0500 Number of processors: 2
21:20:11.0846 0500 Page size: 0x1000
21:20:11.0846 0500 Boot type: Safe boot with network
21:20:11.0846 0500 ============================================================
21:20:12.0626 0500 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:20:12.0626 0500 ============================================================
21:20:12.0626 0500 \Device\Harddisk0\DR0:
21:20:12.0626 0500 MBR partitions:
21:20:12.0626 0500 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
21:20:12.0626 0500 ============================================================
21:20:12.0657 0500 C: <-> \Device\Harddisk0\DR0\Partition1
21:20:12.0657 0500 ============================================================
21:20:12.0657 0500 Initialize success
21:20:12.0657 0500 ============================================================
21:20:18.0429 3744 ============================================================
21:20:18.0429 3744 Scan started
21:20:18.0429 3744 Mode: Manual;
21:20:18.0429 3744 ============================================================
21:20:19.0131 3744 ================ Scan system memory ========================
21:20:19.0131 3744 System memory - ok
21:20:19.0131 3744 ================ Scan services =============================
21:20:23.0452 3744 IpFilterDriver - ok
21:20:23.0499 3744 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:20:23.0499 3744 iphlpsvc - ok
21:20:23.0499 3744 IpInIp - ok
21:20:23.0546 3744 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
21:20:23.0562 3744 IPMIDRV - ok
21:20:23.0577 3744 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
21:20:23.0577 3744 IPNAT - ok
21:20:23.0624 3744 [ E6BE7A41A28D8F2DB174957454D32448 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
21:20:23.0624 3744 iPod Service - ok
21:20:23.0640 3744 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:20:23.0640 3744 IRENUM - ok
21:20:23.0671 3744 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:20:23.0671 3744 isapnp - ok
21:20:23.0718 3744 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
21:20:23.0718 3744 iScsiPrt - ok
21:20:23.0749 3744 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
21:20:23.0749 3744 iteatapi - ok
21:20:23.0749 3744 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
21:20:23.0764 3744 iteraid - ok
21:20:23.0796 3744 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:20:23.0796 3744 kbdclass - ok
21:20:23.0842 3744 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:20:23.0842 3744 kbdhid - ok
21:20:23.0874 3744 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
21:20:23.0874 3744 KeyIso - ok
21:20:23.0905 3744 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:20:23.0905 3744 KSecDD - ok
21:20:23.0952 3744 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
21:20:23.0952 3744 KtmRm - ok
21:20:23.0998 3744 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
21:20:23.0998 3744 LanmanServer - ok
21:20:24.0014 3744 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:20:24.0014 3744 LanmanWorkstation - ok
21:20:24.0045 3744 [ 71C6A95A5F0CCC87298C4DD0F2C3635A ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
21:20:24.0045 3744 LightScribeService - ok
21:20:24.0092 3744 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:20:24.0092 3744 lltdio - ok
21:20:24.0108 3744 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:20:24.0108 3744 lltdsvc - ok
21:20:24.0154 3744 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:20:24.0154 3744 lmhosts - ok
21:20:24.0186 3744 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
21:20:24.0186 3744 LSI_FC - ok
21:20:24.0201 3744 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:20:24.0201 3744 LSI_SAS - ok
21:20:24.0232 3744 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
21:20:24.0232 3744 LSI_SCSI - ok
21:20:24.0264 3744 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
21:20:24.0264 3744 luafv - ok
21:20:24.0295 3744 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
21:20:24.0295 3744 MBAMProtector - ok
21:20:24.0342 3744 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:20:24.0342 3744 MBAMScheduler - ok
21:20:24.0373 3744 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
21:20:24.0373 3744 MBAMService - ok
21:20:24.0420 3744 [ ECAB006AC6136F1307E140B633CDB8C2 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
21:20:24.0420 3744 McAfee SiteAdvisor Service - ok
21:20:24.0420 3744 [ ECAB006AC6136F1307E140B633CDB8C2 ] McMPFSvc C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
21:20:24.0420 3744 McMPFSvc - ok
21:20:24.0435 3744 [ ECAB006AC6136F1307E140B633CDB8C2 ] mcmscsvc C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
21:20:24.0435 3744 mcmscsvc - ok
21:20:24.0435 3744 [ ECAB006AC6136F1307E140B633CDB8C2 ] McNaiAnn C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
21:20:24.0435 3744 McNaiAnn - ok
21:20:24.0466 3744 [ ECAB006AC6136F1307E140B633CDB8C2 ] McNASvc C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
21:20:24.0466 3744 McNASvc - ok
21:20:24.0498 3744 [ E63BF12007702D6AC5037AF1E0C6B1C9 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
21:20:24.0498 3744 McODS - ok
21:20:24.0513 3744 [ ECAB006AC6136F1307E140B633CDB8C2 ] McProxy C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
21:20:24.0513 3744 McProxy - ok
21:20:24.0529 3744 [ E2E5B3BE663570089F352D311B3D335F ] McPvDrv C:\Windows\system32\drivers\McPvDrv.sys
21:20:24.0529 3744 McPvDrv - ok
21:20:24.0560 3744 [ 6A78931E71218F38B2B4665D2BA79789 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
21:20:24.0560 3744 McShield - ok
21:20:24.0591 3744 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:20:24.0591 3744 Mcx2Svc - ok
21:20:24.0638 3744 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
21:20:24.0638 3744 megasas - ok
21:20:24.0669 3744 [ 38995E33939DCA02BEED384C37A0BABB ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
21:20:24.0669 3744 mfeapfk - ok
21:20:24.0700 3744 [ ACB64C134E0FA7124FE67A8CC5F02833 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
21:20:24.0700 3744 mfeavfk - ok
21:20:24.0732 3744 [ FB331E460DBAE41B7CBDD72E690D6DA3 ] mfebopk C:\Windows\system32\drivers\mfebopk.sys
21:20:24.0732 3744 mfebopk - ok
21:20:24.0747 3744 [ 8421EF9F71E0595BE68B5D913ED0FE78 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
21:20:24.0747 3744 mfefire - ok
21:20:24.0763 3744 [ 53891A53ACF0D43088E899DDD7209ACC ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
21:20:24.0763 3744 mfefirek - ok
21:20:24.0794 3744 [ 2F70286021B917F6D69C32C5DB8CD288 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
21:20:24.0794 3744 mfehidk - ok
21:20:24.0794 3744 [ 9171F3CA5DDD1D6A590B295F90E1E3BB ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
21:20:24.0794 3744 mferkdet - ok
21:20:24.0810 3744 [ 922E64CA38E38106498FB3435A8E399D ] mfetdi2k C:\Windows\system32\drivers\mfetdi2k.sys
21:20:24.0810 3744 mfetdi2k - ok
21:20:24.0841 3744 [ 958E4A10C7C2C80714882542934C6912 ] mfevtp C:\Windows\system32\mfevtps.exe
21:20:24.0841 3744 mfevtp - ok
21:20:24.0856 3744 [ 07A474725D2DC08759496F58164795CB ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
21:20:24.0856 3744 mfewfpk - ok
21:20:24.0903 3744 Microsoft SharePoint Workspace Audit Service - ok
21:20:24.0934 3744 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
21:20:24.0934 3744 MMCSS - ok
21:20:24.0981 3744 [ 35176FA09A0FC58DB630991A81A0BA39 ] MOBKbackup C:\Program Files\McAfee Online Backup\MOBKbackup.exe
21:20:24.0981 3744 MOBKbackup - ok
21:20:24.0997 3744 [ E896775837A8BCE436348DF460522394 ] MOBKFilter C:\Windows\system32\DRIVERS\MOBK.sys
21:20:24.0997 3744 MOBKFilter - ok
21:20:25.0012 3744 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
21:20:25.0012 3744 Modem - ok
21:20:25.0044 3744 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:20:25.0044 3744 monitor - ok
21:20:25.0106 3744 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:20:25.0106 3744 mouclass - ok
21:20:25.0106 3744 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:20:25.0106 3744 mouhid - ok
21:20:25.0137 3744 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
21:20:25.0137 3744 MountMgr - ok
21:20:25.0200 3744 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:20:25.0200 3744 MozillaMaintenance - ok
21:20:25.0231 3744 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
21:20:25.0231 3744 mpio - ok
21:20:25.0262 3744 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:20:25.0262 3744 mpsdrv - ok
21:20:25.0309 3744 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
21:20:25.0309 3744 MpsSvc - ok
21:20:25.0340 3744 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
21:20:25.0340 3744 Mraid35x - ok
21:20:25.0356 3744 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:20:25.0356 3744 MRxDAV - ok
21:20:25.0418 3744 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:20:25.0418 3744 mrxsmb - ok
21:20:25.0465 3744 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:20:25.0465 3744 mrxsmb10 - ok
21:20:25.0465 3744 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:20:25.0465 3744 mrxsmb20 - ok
21:20:25.0496 3744 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
21:20:25.0496 3744 msahci - ok
21:20:25.0512 3744 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:20:25.0512 3744 msdsm - ok
21:20:25.0543 3744 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
21:20:25.0543 3744 MSDTC - ok
21:20:25.0605 3744 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:20:25.0605 3744 Msfs - ok
21:20:25.0621 3744 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:20:25.0621 3744 msisadrv - ok
21:20:25.0652 3744 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:20:25.0652 3744 MSiSCSI - ok
21:20:25.0652 3744 msiserver - ok
21:20:25.0683 3744 [ ECAB006AC6136F1307E140B633CDB8C2 ] MSK80Service C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
21:20:25.0683 3744 MSK80Service - ok
21:20:25.0714 3744 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:20:25.0714 3744 MSKSSRV - ok
21:20:25.0746 3744 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:20:25.0746 3744 MSPCLOCK - ok
21:20:25.0761 3744 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:20:25.0761 3744 MSPQM - ok
21:20:25.0792 3744 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:20:25.0792 3744 MsRPC - ok
21:20:25.0808 3744 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:20:25.0808 3744 mssmbios - ok
21:20:25.0855 3744 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:20:25.0855 3744 MSTEE - ok
21:20:25.0886 3744 [ DCDAAB8697A47894A554050CE18D0B56 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
21:20:25.0886 3744 MTsensor - ok
21:20:25.0917 3744 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
21:20:25.0917 3744 Mup - ok
21:20:25.0980 3744 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
21:20:25.0980 3744 napagent - ok
21:20:26.0042 3744 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:20:26.0042 3744 NativeWifiP - ok
21:20:26.0120 3744 [ D9C2C7AA7D811709E63C7194AD4D345F ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
21:20:26.0120 3744 NBService - ok
21:20:26.0151 3744 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:20:26.0151 3744 NDIS - ok
21:20:26.0198 3744 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:20:26.0198 3744 NdisTapi - ok
21:20:26.0214 3744 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:20:26.0214 3744 Ndisuio - ok
21:20:26.0245 3744 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:20:26.0245 3744 NdisWan - ok
21:20:26.0260 3744 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:20:26.0260 3744 NDProxy - ok
21:20:26.0292 3744 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:20:26.0292 3744 NetBIOS - ok
21:20:26.0323 3744 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
21:20:26.0323 3744 netbt - ok
21:20:26.0338 3744 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
21:20:26.0338 3744 Netlogon - ok
21:20:26.0354 3744 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
21:20:26.0354 3744 Netman - ok
21:20:26.0370 3744 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
21:20:26.0370 3744 netprofm - ok
21:20:26.0385 3744 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:20:26.0385 3744 NetTcpPortSharing - ok
21:20:26.0448 3744 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:20:26.0448 3744 nfrd960 - ok
21:20:26.0463 3744 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:20:26.0463 3744 NlaSvc - ok
21:20:26.0526 3744 [ CB3267C4CEED06A6CB1EF127522D581B ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
21:20:26.0526 3744 NMIndexingService - ok
21:20:26.0557 3744 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:20:26.0557 3744 Npfs - ok
21:20:26.0604 3744 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
21:20:26.0604 3744 nsi - ok
21:20:26.0604 3744 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:20:26.0604 3744 nsiproxy - ok
21:20:26.0666 3744 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:20:26.0682 3744 Ntfs - ok
21:20:26.0697 3744 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
21:20:26.0697 3744 ntrigdigi - ok
21:20:26.0697 3744 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
21:20:26.0697 3744 Null - ok
21:20:26.0900 3744 [ D3F22DA8F670EFD15D348B5952769CEF ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:20:26.0962 3744 nvlddmkm - ok
21:20:26.0978 3744 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:20:26.0978 3744 nvraid - ok
21:20:27.0009 3744 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:20:27.0009 3744 nvstor - ok
21:20:27.0056 3744 [ A3B80E6B7CDE9660F639658739A5824E ] nvsvc C:\Windows\system32\nvvsvc.exe
21:20:27.0056 3744 nvsvc - ok
21:20:27.0103 3744 [ 61FF84F865B4414EFDC11856BF5757AD ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
21:20:27.0118 3744 nvUpdatusService - ok
21:20:27.0134 3744 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:20:27.0134 3744 nv_agp - ok
21:20:27.0134 3744 NwlnkFlt - ok
21:20:27.0134 3744 NwlnkFwd - ok
21:20:27.0181 3744 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
21:20:27.0181 3744 ohci1394 - ok
21:20:27.0228 3744 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:20:27.0228 3744 ose - ok
21:20:27.0384 3744 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:20:27.0399 3744 osppsvc - ok
21:20:27.0446 3744 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
21:20:27.0462 3744 p2pimsvc - ok
21:20:27.0477 3744 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
21:20:27.0477 3744 p2psvc - ok
21:20:27.0508 3744 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
21:20:27.0508 3744 Parport - ok
21:20:27.0555 3744 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:20:27.0555 3744 partmgr - ok
21:20:27.0571 3744 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
21:20:27.0571 3744 Parvdm - ok
21:20:27.0602 3744 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
21:20:27.0602 3744 PcaSvc - ok
21:20:27.0649 3744 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
21:20:27.0649 3744 pci - ok
21:20:27.0649 3744 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys
21:20:27.0649 3744 pciide - ok
21:20:27.0680 3744 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:20:27.0680 3744 pcmcia - ok
21:20:27.0727 3744 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:20:27.0727 3744 PEAUTH - ok
21:20:27.0789 3744 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
21:20:27.0789 3744 pla - ok
21:20:27.0852 3744 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:20:27.0852 3744 PlugPlay - ok
21:20:27.0867 3744 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
21:20:27.0867 3744 PNRPAutoReg - ok
21:20:27.0898 3744 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
21:20:27.0898 3744 PNRPsvc - ok
21:20:27.0914 3744 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:20:27.0914 3744 PolicyAgent - ok
21:20:27.0945 3744 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:20:27.0945 3744 PptpMiniport - ok
21:20:27.0976 3744 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
21:20:27.0976 3744 Processor - ok
21:20:27.0992 3744 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
21:20:27.0992 3744 ProfSvc - ok
21:20:28.0008 3744 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
21:20:28.0008 3744 ProtectedStorage - ok
21:20:28.0039 3744 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
21:20:28.0039 3744 PSched - ok
21:20:28.0070 3744 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
21:20:28.0070 3744 ql2300 - ok
21:20:28.0101 3744 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
21:20:28.0101 3744 ql40xx - ok
21:20:28.0132 3744 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
21:20:28.0132 3744 QWAVE - ok
21:20:28.0179 3744 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:20:28.0179 3744 QWAVEdrv - ok
21:20:28.0179 3744 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:20:28.0195 3744 RasAcd - ok
21:20:28.0195 3744 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
21:20:28.0195 3744 RasAuto - ok
21:20:28.0210 3744 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:20:28.0210 3744 Rasl2tp - ok
21:20:28.0257 3744 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
21:20:28.0257 3744 RasMan - ok
21:20:28.0288 3744 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:20:28.0288 3744 RasPppoe - ok
21:20:28.0304 3744 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:20:28.0304 3744 RasSstp - ok
21:20:28.0351 3744 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:20:28.0351 3744 rdbss - ok
21:20:28.0351 3744 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:20:28.0351 3744 RDPCDD - ok
21:20:28.0382 3744 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
21:20:28.0382 3744 rdpdr - ok
21:20:28.0382 3744 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:20:28.0382 3744 RDPENCDD - ok
21:20:28.0429 3744 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:20:28.0429 3744 RDPWD - ok
21:20:28.0491 3744 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:20:28.0491 3744 RemoteAccess - ok
21:20:28.0538 3744 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:20:28.0538 3744 RemoteRegistry - ok
21:20:28.0554 3744 [ F17713D108ACA124A139FDE877EEF68A ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys
21:20:28.0569 3744 RimUsb - ok
21:20:28.0585 3744 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
21:20:28.0585 3744 RpcLocator - ok
21:20:28.0600 3744 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
21:20:28.0600 3744 RpcSs - ok
21:20:28.0647 3744 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:20:28.0647 3744 rspndr - ok
21:20:28.0678 3744 [ 25C91EE1BE0C0CFA79696A2D0B47AA43 ] RTL8187 C:\Windows\system32\DRIVERS\RTL8187.sys
21:20:28.0678 3744 RTL8187 - ok
21:20:28.0694 3744 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
21:20:28.0694 3744 SamSs - ok
21:20:28.0725 3744 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:20:28.0725 3744 sbp2port - ok
21:20:28.0725 3744 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:20:28.0725 3744 SCardSvr - ok
21:20:28.0788 3744 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
21:20:28.0788 3744 Schedule - ok
21:20:28.0819 3744 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
21:20:28.0819 3744 SCPolicySvc - ok
21:20:28.0866 3744 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:20:28.0866 3744 SDRSVC - ok
21:20:28.0881 3744 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:20:28.0881 3744 secdrv - ok
21:20:28.0897 3744 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
21:20:28.0897 3744 seclogon - ok
21:20:28.0928 3744 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
21:20:28.0928 3744 SENS - ok
21:20:28.0959 3744 [ CE9EC966638EF0B10B864DDEDF62A099 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:20:28.0959 3744 Serenum - ok
21:20:29.0022 3744 [ 6D663022DB3E7058907784AE14B69898 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:20:29.0022 3744 Serial - ok
21:20:29.0037 3744 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
21:20:29.0053 3744 sermouse - ok
21:20:29.0084 3744 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
21:20:29.0084 3744 SessionEnv - ok
21:20:29.0100 3744 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:20:29.0100 3744 sffdisk - ok
21:20:29.0131 3744 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:20:29.0131 3744 sffp_mmc - ok
21:20:29.0146 3744 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:20:29.0146 3744 sffp_sd - ok
21:20:29.0162 3744 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
21:20:29.0162 3744 sfloppy - ok
21:20:29.0193 3744 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:20:29.0193 3744 SharedAccess - ok
21:20:29.0240 3744 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:20:29.0240 3744 ShellHWDetection - ok
21:20:29.0271 3744 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
21:20:29.0271 3744 sisagp - ok
21:20:29.0287 3744 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
21:20:29.0287 3744 SiSRaid2 - ok
21:20:29.0302 3744 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:20:29.0302 3744 SiSRaid4 - ok
21:20:29.0412 3744 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
21:20:29.0427 3744 slsvc - ok
21:20:29.0474 3744 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
21:20:29.0474 3744 SLUINotify - ok
21:20:29.0505 3744 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:20:29.0521 3744 Smb - ok
21:20:29.0536 3744 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:20:29.0536 3744 SNMPTRAP - ok
21:20:29.0583 3744 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
21:20:29.0583 3744 spldr - ok
21:20:29.0630 3744 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
21:20:29.0630 3744 Spooler - ok
21:20:29.0646 3744 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:20:29.0646 3744 srv - ok
21:20:29.0677 3744 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:20:29.0677 3744 srv2 - ok
21:20:29.0724 3744 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:20:29.0724 3744 srvnet - ok
21:20:29.0770 3744 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:20:29.0770 3744 SSDPSRV - ok
21:20:29.0786 3744 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:20:29.0786 3744 SstpSvc - ok
21:20:29.0817 3744 [ A766CCAD980235FF34E7F8089D3175A3 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:20:29.0817 3744 Stereo Service - ok
21:20:29.0848 3744 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
21:20:29.0848 3744 stisvc - ok
21:20:29.0880 3744 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:20:29.0880 3744 swenum - ok
21:20:29.0926 3744 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
21:20:29.0926 3744 swprv - ok
21:20:29.0958 3744 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
21:20:29.0958 3744 Symc8xx - ok
21:20:29.0989 3744 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
21:20:29.0989 3744 Sym_hi - ok
21:20:30.0004 3744 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
21:20:30.0004 3744 Sym_u3 - ok
21:20:30.0051 3744 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
21:20:30.0051 3744 SysMain - ok
21:20:30.0067 3744 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:20:30.0067 3744 TabletInputService - ok
21:20:30.0129 3744 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:20:30.0129 3744 TapiSrv - ok
21:20:30.0160 3744 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
21:20:30.0160 3744 TBS - ok
21:20:30.0192 3744 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:20:30.0207 3744 Tcpip - ok
21:20:30.0238 3744 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
21:20:30.0238 3744 Tcpip6 - ok
21:20:30.0254 3744 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:20:30.0254 3744 tcpipreg - ok
21:20:30.0254 3744 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:20:30.0254 3744 TDPIPE - ok
21:20:30.0285 3744 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:20:32.0641 3744 ================ Scan global ===============================
21:20:32.0672 3744 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
21:20:32.0703 3744 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
21:20:32.0719 3744 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
21:20:32.0766 3744 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
21:20:32.0766 3744 [Global] - ok
21:20:32.0766 3744 ================ Scan MBR ==================================
21:20:32.0766 3744 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
21:20:32.0766 3744 Suspicious mbr (Forged): \Device\Harddisk0\DR0
21:20:32.0797 3744 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
21:20:32.0797 3744 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
21:20:32.0797 3744 ================ Scan VBR ==================================
21:20:32.0828 3744 [ 86DCF71A498C285FA60A24F2B1B35297 ] \Device\Harddisk0\DR0\Partition1
21:20:32.0828 3744 \Device\Harddisk0\DR0\Partition1 - ok
21:20:32.0828 3744 ============================================================
21:20:32.0828 3744 Scan finished
21:20:32.0828 3744 ============================================================
21:20:32.0828 2728 Detected object count: 1
21:20:32.0828 2728 Actual detected object count: 1
21:20:52.0032 2728 \Device\Harddisk0\DR0\# - copied to quarantine
21:20:52.0032 2728 \Device\Harddisk0\DR0 - copied to quarantine
21:20:52.0047 2728 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
21:20:52.0063 2728 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
21:20:52.0063 2728 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
21:20:52.0063 2728 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
21:20:52.0063 2728 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
21:20:52.0063 2728 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
21:20:52.0063 2728 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
21:20:52.0078 2728 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
21:20:52.0078 2728 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
21:20:52.0078 2728 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
21:20:52.0078 2728 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
21:20:52.0078 2728 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
21:20:52.0078 2728 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
21:20:52.0078 2728 \Device\Harddisk0\DR0 - ok
21:20:57.0741 2728 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
21:21:09.0488 3280 Deinitialize success
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-18 21:28:36
-----------------------------
21:28:36.756 OS Version: Windows 6.0.6002 Service Pack 2
21:28:36.756 Number of processors: 2 586 0xF0B
21:28:36.756 ComputerName: MARTHA-PC UserName: Martha
21:28:46.943 Initialize success
21:33:13.157 AVAST engine defs: 12111801
21:33:36.760 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-6
21:33:36.776 Disk 0 Vendor: ST3250410AS 3.AAC Size: 238475MB BusType: 3
21:33:36.791 Disk 0 MBR read successfully
21:33:36.791 Disk 0 MBR scan
21:33:36.807 Disk 0 Windows VISTA default MBR code
21:33:36.807 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 238473 MB offset 2048
21:33:36.822 Disk 0 scanning sectors +488394752
21:33:36.900 Disk 0 scanning C:\Windows\system32\drivers
21:33:45.449 Service scanning
21:34:06.384 Modules scanning
21:34:09.473 Disk 0 trace - called modules:
21:34:09.489 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
21:34:09.489 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x858c2ac8]
21:34:09.988 3 CLASSPNP.SYS[8afbf8b3] -> nt!IofCallDriver -> [0x8575e918]
21:34:09.988 5 acpi.sys[806916bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-6[0x856e85a8]
21:34:10.550 AVAST engine scan C:\Windows
21:34:13.950 AVAST engine scan C:\Windows\system32
21:36:52.384 AVAST engine scan C:\Windows\system32\drivers
21:37:03.382 AVAST engine scan C:\Users\Martha
21:38:10.618 AVAST engine scan C:\ProgramData
21:38:54.813 Scan finished successfully
21:39:09.383 Disk 0 MBR has been saved successfully to "C:\Users\Martha\Desktop\MBR.dat"
21:39:09.383 The log file has been saved successfully to "C:\Users\Martha\Desktop\aswMBR.txt"
Martha
-
I ran the program, but I still cannot get my computer to start in normal mode without a blue screen. It seems to work just fine in safe mode, though. Also, during the running of ComboFix, it gave me several messages that access was denied because it did not have administrator privileges. I clicked run as administrator, so that should not have been an issue. In addition, it gave me the warning that McAfee was not turned off, but I had turned all the processes off in the task manager and shut down the parts of the program. I also removed it as a startup program and reran the scan.
Here is the data:
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3326.2749 [GMT -5:00]
Running from: c:\users\Martha\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
.
.
((((((((((((((((((((((((( Files Created from 2012-10-18 to 2012-11-18 )))))))))))))))))))))))))))))))
.
.
2012-11-18 23:01 . 2012-11-18 23:01 -------- d-----w- c:\users\Martha\AppData\Local\temp
2012-11-18 23:01 . 2012-11-18 23:01 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-11-18 23:01 . 2012-11-18 23:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-18 22:52 . 2012-11-18 22:52 -------- d-----w- c:\windows\Sun
2012-11-18 17:12 . 2012-11-18 17:14 -------- d-----w- c:\program files\SpywareBlaster
2012-11-18 17:12 . 2010-01-10 23:40 118784 ----a-w- c:\windows\system32\MSSTDFMT.DLL
2012-10-27 20:33 . 2012-10-27 01:10 175240 ----a-w- c:\program files\gtres.dll
2012-10-27 19:35 . 2012-10-27 19:35 -------- d-----w- c:\programdata\CAM Development
2012-10-27 19:35 . 2012-10-27 19:35 -------- d-----w- c:\program files\CAM Development
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-09 17:03 . 2012-05-28 21:27 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-09 17:03 . 2012-05-28 21:27 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-02 22:53 . 2012-10-02 22:53 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-02 22:53 . 2012-10-02 22:54 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-02 22:53 . 2012-04-17 01:19 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-29 23:54 . 2012-04-17 03:48 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-29 14:23 . 2012-09-29 14:23 652296 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsTemplate\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2012-09-29 14:23 . 2012-09-29 14:23 677136 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-09-29 14:22 . 2012-09-29 14:22 416128 ----a-w- c:\programdata\Microsoft\eHome\Packages\NetTV\Browse\NetTVResources.dll
2012-09-14 20:26 . 2012-09-28 23:32 64832 ----a-w- c:\windows\system32\drivers\McPvDrv.sys
2012-09-13 13:28 . 2012-10-09 23:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-08-30 19:13 . 2012-09-25 23:21 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-08-30 19:13 . 2012-09-25 23:21 6109032 ----a-w- c:\windows\system32\nvopencl.dll
2012-08-30 19:13 . 2012-09-25 23:21 19828584 ----a-w- c:\windows\system32\nvoglv32.dll
2012-08-30 19:13 . 2012-09-25 23:21 10790760 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-08-30 19:13 . 2012-09-25 23:21 7626088 ----a-w- c:\windows\system32\nvcuda.dll
2012-08-30 19:13 . 2012-09-25 23:21 2573672 ----a-w- c:\windows\system32\nvcuvid.dll
2012-08-30 19:13 . 2012-09-25 23:21 1866088 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-08-30 19:13 . 2012-09-25 23:21 17559912 ----a-w- c:\windows\system32\nvcompiler.dll
2012-08-30 19:13 . 2012-02-10 02:43 12465512 ----a-w- c:\windows\system32\nvwgf2um.dll
2012-08-30 19:13 . 2012-02-10 02:43 1009512 ----a-w- c:\windows\system32\nvdispco32.dll
2012-08-30 19:13 . 2008-01-03 14:26 2422120 ----a-w- c:\windows\system32\nvapi.dll
2012-08-30 19:13 . 2008-01-03 14:26 15291752 ----a-w- c:\windows\system32\nvd3dum.dll
2012-08-30 15:57 . 2012-04-17 02:40 645992 ----a-w- c:\windows\system32\nvvsvc.exe
2012-08-30 15:57 . 2012-04-17 02:40 62312 ----a-w- c:\windows\system32\nvshext.dll
2012-08-30 15:57 . 2008-01-03 14:26 108392 ----a-w- c:\windows\system32\nvmctray.dll
2012-08-30 15:57 . 2008-01-03 14:26 3963240 ----a-w- c:\windows\system32\nvcpl.dll
2012-08-30 15:57 . 2008-01-03 14:26 2836840 ----a-w- c:\windows\system32\nvsvc.dll
2012-08-30 14:40 . 2012-08-30 14:40 429416 ----a-w- c:\windows\system32\nvStreaming.exe
2012-08-29 11:27 . 2012-10-09 23:45 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-29 11:27 . 2012-10-09 23:45 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-24 15:53 . 2012-10-09 23:45 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 06:59 . 2012-09-24 07:01 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 06:51 . 2012-09-24 07:01 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 06:51 . 2012-09-24 07:01 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 06:47 . 2012-09-24 07:01 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 06:47 . 2012-09-24 07:01 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 06:43 . 2012-09-24 07:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-10-27 19:35 . 2012-10-14 20:34 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]
@="{3c3f3c1a-9153-7c05-f938-622e7003894d}"
[HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]
2010-04-14 00:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]
@="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"
[HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]
2010-04-14 00:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]
@="{b4caf489-1eec-c617-49ad-8d7088598c06}"
[HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]
2010-04-14 00:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-11-30 380928]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Online Backup Status.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Online Backup Status.lnk
backup=c:\windows\pss\McAfee Online Backup Status.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-05-31 00:06 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-07-04 18:01 148776 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-06-07 23:33 421776 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcui_exe]
2012-09-12 16:21 1278648 ----a-w- c:\program files\McAfee.com\Agent\mcagent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-07-04 18:20 161064 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-19 00:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-06-20 19:05 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-28 17:03]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
FF - ProfilePath - c:\users\Martha\AppData\Roaming\Mozilla\Firefox\Profiles\po1aves9.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-18 18:01
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(2340)
c:\program files\McAfee Online Backup\MOBKshell.dll
c:\program files\Common Files\Ahead\Lib\NeroSearchBar.dll
c:\program files\Common Files\Ahead\Lib\MFC71U.DLL
c:\program files\Common Files\Ahead\Lib\BCGCBPRO800u.dll
.
Completion time: 2012-11-18 18:03:25
ComboFix-quarantined-files.txt 2012-11-18 23:03
.
Pre-Run: 142,639,157,248 bytes free
Post-Run: 142,978,048,000 bytes free
.
- - End Of File - - 21119E8C749A7F0E7D54871316D9970D
-
Here are the log results:
Results of screen317's Security Check version 0.99.54
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Disabled!
McAfee Anti-Virus and Anti-Spyware
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
SpywareBlaster 4.6
Malwarebytes Anti-Malware version 1.65.1.1000
Java 7 Update 7
Java version out of Date!
Adobe Flash Player 11.4.402.287
Adobe Reader X (10.1.4)
Mozilla Firefox (16.0.2)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
# AdwCleaner v2.008 - Logfile created 11/18/2012 at 14:46:15
# Updated 17/11/2012 by Xplode
# Operating system : Windows Vista Home Premium Service Pack 2 (32 bits)
# User : Martha - MARTHA-PC
# Boot Mode : Safe mode with networking
# Running from : C:\Users\Martha\Downloads\adwcleaner.exe
# Option [Delete]
***** [services] *****
***** [Files / Folders] *****
File Deleted : C:\Users\Martha\AppData\Roaming\Mozilla\Firefox\Profiles\po1aves9.default\searchplugins\my-web-search.xml
Folder Deleted : C:\Users\Martha\AppData\Local\Wajam
***** [Registry] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
***** [internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
-\\ Mozilla Firefox v16.0.2 (en-US)
Profile name : default
File : C:\Users\Martha\AppData\Roaming\Mozilla\Firefox\Profiles\po1aves9.default\prefs.js
Deleted : user_pref("browser.search.defaultenginename", "My Web Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=644CEA47-E737-4F6[...]
Deleted : user_pref("extensions.enabledAddons", "DivXWebPlayer@divx.com:2.0.2.039,{4ED1F68A-5463-4931-9384-8FF[...]
Deleted : user_pref("extensions.mywebsearch.prevDefaultEngine", "Google");
Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.yahoo.com/search?fr=mcafee&p=");
Deleted : user_pref("extensions.mywebsearch.prevSelectedEngine", "Secure Search");
Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
*************************
AdwCleaner[s1].txt - [1899 octets] - [18/11/2012 14:46:15]
########## EOF - C:\AdwCleaner[s1].txt - [1959 octets] ##########
RogueKiller V8.3.0 [Nov 18 2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com
Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Safe mode with network support
User : Martha [Admin rights]
Mode : Scan -- Date : 11/18/2012 15:19:33
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 253a96b5ef5277f088013de1200bda5f
[bSP] ea07d25919a260d1176cc15f26600547 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 238473 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 79bad96e4407744931353f7cdb6bcb37
[bSP] ea07d25919a260d1176cc15f26600547 : Windows Vista MBR Code
Partition table:
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 238473 Mo
Finished : << RKreport[1]_S_11182012_02d1519.txt >>
RKreport[1]_S_11182012_02d1519.txt
-
MBAM has identified the MRGGen trojan on my computer, but I am unable to reboot in normal mode without a blue screen error. I have included the dds files below.
DDS (Ver_2012-11-07.01) - NTFS_x86 NETWORK
Internet Explorer: 9.0.8112.16450 BrowserJavaVersion: 10.7.2
Run by Martha at 12:25:39 on 2012-11-18
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3326.2440 [GMT -5:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\WerFault.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\NOTEPAD.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee\MAT\McPvTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [ASUSGamerOSD] c:\program files\asus\gamerosd\GamerOSD.exe
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee online backup\MOBKstat.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 209.18.47.61 209.18.47.62 192.168.1.1
TCP: Interfaces\{5C6FCFAE-D2E9-4AB9-955A-E78A514D1D51} : DHCPNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
TCP: Interfaces\{60960038-A57C-4527-8277-A22BD11ABDEE} : DHCPNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\martha\appdata\roaming\mozilla\firefox\profiles\po1aves9.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://home.mywebsearch.com/index.jhtml?ptb=644CEA47-E737-4F6F-8253-1D60D49D15FE&n=77ee403b&ptnrS=Z7xdm051YYus&si=4721
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll
FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll
FF - plugin: c:\program files\mcafee\supportability\mvt\NPMVTPlugin.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys [2012-9-28 64832]
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-10-15 554048]
R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-4-17 206784]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-4-16 167784]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2012-4-16 168368]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-4-16 166320]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-4-16 60480]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-4-16 360792]
R3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [2008-6-27 335872]
S1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [2012-4-16 54776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2012-4-17 21504]
S2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-10-27 399432]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-4-16 676936]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-4-16 167784]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-4-16 167784]
S2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-4-16 167784]
S2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2012-4-16 200816]
S2 MOBKbackup;McAfee Online Backup;c:\program files\mcafee online backup\MOBKbackup.exe [2010-4-13 229688]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2012-8-30 382312]
S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-9-28 146872]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-4-16 22856]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-11-18 40776]
S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2012-4-16 230224]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2012-4-16 61912]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-4-16 92192]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2012-4-16 89792]
.
=============== Created Last 30 ================
.
2012-11-18 17:12:55 118784 ----a-w- c:\windows\system32\MSSTDFMT.DLL
2012-11-18 17:12:55 -------- d-----w- c:\program files\SpywareBlaster
2012-11-18 16:38:37 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-10-27 20:33:13 175240 ----a-w- c:\program files\gtres.dll
2012-10-27 19:35:07 -------- d-----w- c:\programdata\CAM Development
2012-10-27 19:35:06 -------- d-----w- c:\program files\CAM Development
2012-10-27 19:34:51 -------- d-----w- c:\users\martha\appdata\local\Wajam
.
==================== Find3M ====================
.
2012-10-09 17:03:30 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-09 17:03:30 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-02 22:53:24 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-02 22:53:18 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-02 22:53:18 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-29 23:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-14 20:26:32 64832 ----a-w- c:\windows\system32\drivers\McPvDrv.sys
2012-09-13 13:28:08 2048 ----a-w- c:\windows\system32\tzres.dll
2012-08-30 19:13:00 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-08-30 19:13:00 7626088 ----a-w- c:\windows\system32\nvcuda.dll
2012-08-30 19:13:00 6109032 ----a-w- c:\windows\system32\nvopencl.dll
2012-08-30 19:13:00 2573672 ----a-w- c:\windows\system32\nvcuvid.dll
2012-08-30 19:13:00 2422120 ----a-w- c:\windows\system32\nvapi.dll
2012-08-30 19:13:00 19828584 ----a-w- c:\windows\system32\nvoglv32.dll
2012-08-30 19:13:00 1866088 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-08-30 19:13:00 17559912 ----a-w- c:\windows\system32\nvcompiler.dll
2012-08-30 19:13:00 15291752 ----a-w- c:\windows\system32\nvd3dum.dll
2012-08-30 19:13:00 12465512 ----a-w- c:\windows\system32\nvwgf2um.dll
2012-08-30 19:13:00 10790760 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-08-30 19:13:00 1009512 ----a-w- c:\windows\system32\nvdispco32.dll
2012-08-30 15:57:55 645992 ----a-w- c:\windows\system32\nvvsvc.exe
2012-08-30 15:57:54 62312 ----a-w- c:\windows\system32\nvshext.dll
2012-08-30 15:57:54 108392 ----a-w- c:\windows\system32\nvmctray.dll
2012-08-30 15:57:32 3963240 ----a-w- c:\windows\system32\nvcpl.dll
2012-08-30 15:57:27 2836840 ----a-w- c:\windows\system32\nvsvc.dll
2012-08-30 14:40:14 429416 ----a-w- c:\windows\system32\nvStreaming.exe
2012-08-29 11:27:41 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-29 11:27:41 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-24 15:53:29 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 06:59:17 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 12:26:27.32 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-07.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 4/16/2012 8:21:30 PM
System Uptime: 11/18/2012 11:35:18 AM (1 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5K-E
Processor: Intel® Core2 Duo CPU E6750 @ 2.66GHz | LGA775 | 2671/333mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 233 GiB total, 132.675 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e96b-e325-11ce-bfc1-08002be10318}
Description: Standard PS/2 Keyboard
Device ID: ACPI\PNP0303\4&23F9C1E3&0
Manufacturer: (Standard keyboards)
Name: Standard PS/2 Keyboard
PNP Device ID: ACPI\PNP0303\4&23F9C1E3&0
Service: i8042prt
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASUS Gamer OSD
ASUS nVidia Driver
ASUS Smart Doctor
ASUS Utilities
ASUS VideoSecurity Online
Bonjour
CAM UnZip 4.5
Cisco Connect
Cool & Quiet
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diablo III
Drivers Install For Linksys Easylink Advisor
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
iTunes
Java 7 Update 7
Java Auto Updater
LightScribe System Software
Macromedia Flash Player 8
Malwarebytes Anti-Malware version 1.65.1.1000
McAfee Online Backup
McAfee Total Protection
McAfee Virtual Technician
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
Nero 7 Essentials
NVIDIA 3D Vision Controller Driver 306.23
NVIDIA 3D Vision Driver 306.23
NVIDIA Control Panel 306.23
NVIDIA Graphics Driver 306.23
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.0604
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.10.8
NVIDIA Update Components
QuickTime
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition
Shared C Run-time for x86
SpywareBlaster 4.6
System Requirements Lab for Intel
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
World of Warcraft
XviD MPEG-4 Video Codec
.
==== End Of File ===========================
Infected with MRGGen Trojan
in Resolved Malware Removal Logs
Gringo,
Thank you so so much! My computer is working much better. This has definitely been one of the more pleasant experiences that I've had trying to clean my computer up. Last time I had an issue, I gave up and just wiped it all. =) I appreciate all of the security advice as well and I may be sending some friends your way.
Marth9