nicolep218 Posted April 3, 2012 ID:539675
Not sure if I should post here or start new thread but this darn svchost is ruining my life! I have tried everything I can but it keeps coming back so I am turning to the pros. Not sure where or how to post all the logs...
Nicole

LDTate Posted April 3, 2012 ID:539677
Hi and welcome to Malwarebytes. Please update MBAM, run a Quick Scan, and post its log. Next, download DDS by sUBs and save it to your Desktop. Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post only DDS.txt directly into your reply.

nicolep218 Posted April 3, 2012 Author ID:539689
Thanks so much. Hope I did this right....

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.04.02.03
Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Nicole :: NICOLE-PC [administrator]

4/3/2012 3:43:32 PM
mbam-log-2012-04-03 (15-43-32).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 249171
Time elapsed: 33 minute(s), 22 second(s)

Memory Processes Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> 3388 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

(end)

My computer won't let me download DDS.

LDTate Posted April 3, 2012 ID:539690
OK. Let's try this:

Vista and Windows 7 users:
1. These tools MUST be run from the executable (.exe) every time you run them.
2. With Admin Rights (right-click, choose "Run as Administrator").

Stay with this topic until I give you the all clean post.

Next:

Download TDSSKiller from here and save it to your Desktop.
Note: if the Cure option is not there, please select 'Skip'.

Please read carefully and follow these steps.
Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
Click the Start Scan button.
If a suspicious object is detected, the default action will be Skip; click on Continue.
If Malicious objects are found then ensure Cure is selected.
If TDLFS File System is found then ensure Delete is selected.
Then click Continue.
Reboot now to finish the cleaning process.

A report will be created in your root directory (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

nicolep218 Posted April 3, 2012 Author ID:539691
It ran.
DDS txt.

LDTate Posted April 3, 2012 ID:539692
Whether you wish to continue with cleaning or not, you should be aware that you may have been infected by a backdoor trojan. This type of program has the ability to steal passwords and other information from your system. If you are using your computer for sensitive purposes such as internet banking then I recommend you take the following steps immediately:

Use another, uninfected computer to change all your internet passwords, especially ones with financial implications such as banks, paypal, ebay, etc. You should also change the passwords for any other site you use.
Call your bank(s), credit card company or any other institution which may be affected and advise them that your login/password or credit card information may have been stolen and ask what steps to take with regard to your account.
Consider what other private information could possibly have been taken from your computer and take appropriate steps.

Removing this infection can also disable the ability to connect to the internet.

This infection can almost certainly be cleaned, but as the malware could be configured to run any program a remote attacker requires, it will be impossible to be 100% sure that the machine is clean. If this is unacceptable to you then you should consider reformatting the system partition and reinstalling Windows as this is the only 100% sure answer.

Please post back to let me know how you wish to proceed.

nicolep218 Posted April 3, 2012 Author ID:539693
Okay, let's proceed. Your knowledge is appreciated. Did you still want me to download TDSSKiller?

LDTate Posted April 3, 2012 ID:539694
Yes, run TDSSKiller per instructions.

nicolep218 Posted April 3, 2012 Author ID:539698
TDS
(a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys16:33:31.0321 5764 BrUsbSer - ok16:33:31.0349 5764 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys16:33:31.0465 5764 BTHMODEM - ok16:33:31.0554 5764 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll16:33:31.0755 5764 bthserv - ok16:33:31.0784 5764 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys16:33:31.0863 5764 cdfs - ok16:33:31.0931 5764 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys16:33:32.0006 5764 cdrom - ok16:33:32.0062 5764 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll16:33:32.0193 5764 CertPropSvc - ok16:33:32.0287 5764 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys16:33:32.0381 5764 circlass - ok16:33:32.0413 5764 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys16:33:32.0442 5764 CLFS - ok16:33:32.0523 5764 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe16:33:32.0539 5764 clr_optimization_v2.0.50727_32 - ok16:33:32.0604 5764 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe16:33:32.0622 5764 clr_optimization_v2.0.50727_64 - ok16:33:32.0722 5764 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe16:33:32.0780 5764 clr_optimization_v4.0.30319_32 - ok16:33:32.0830 5764 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe16:33:32.0855 5764 clr_optimization_v4.0.30319_64 - ok16:33:32.0999 5764 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys16:33:33.0048 5764 CmBatt - ok16:33:33.0086 5764 cmdide (e19d3f095812725d88f9001985b94edd) 
C:\Windows\system32\DRIVERS\cmdide.sys16:33:33.0100 5764 cmdide - ok16:33:33.0165 5764 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys16:33:33.0291 5764 CNG - ok16:33:33.0844 5764 Com4QLBEx (12e94e225bd7b05a2bccd5c0b841e921) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe16:33:33.0860 5764 Com4QLBEx - ok16:33:34.0059 5764 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys16:33:34.0075 5764 Compbatt - ok16:33:34.0149 5764 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys16:33:34.0226 5764 CompositeBus - ok16:33:34.0254 5764 COMSysApp - ok16:33:34.0288 5764 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys16:33:34.0306 5764 crcdisk - ok16:33:34.0379 5764 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll16:33:34.0514 5764 CryptSvc - ok16:33:34.0577 5764 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll16:33:34.0806 5764 DcomLaunch - ok16:33:34.0933 5764 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll16:33:35.0036 5764 defragsvc - ok16:33:35.0098 5764 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys16:33:35.0257 5764 DfsC - ok16:33:35.0359 5764 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll16:33:35.0511 5764 Dhcp - ok16:33:35.0599 5764 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys16:33:35.0766 5764 discache - ok16:33:35.0825 5764 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys16:33:35.0846 5764 Disk - ok16:33:35.0917 5764 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll16:33:36.0021 5764 Dnscache - ok16:33:36.0073 5764 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll16:33:36.0222 5764 dot3svc - ok16:33:36.0257 5764 DPS 
(8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll16:33:36.0439 5764 DPS - ok16:33:36.0536 5764 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys16:33:36.0573 5764 drmkaud - ok16:33:36.0620 5764 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys16:33:36.0701 5764 DXGKrnl - ok16:33:36.0720 5764 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll16:33:36.0823 5764 EapHost - ok16:33:36.0977 5764 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys16:33:37.0290 5764 ebdrv - ok16:33:37.0330 5764 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe16:33:37.0478 5764 EFS - ok16:33:37.0563 5764 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe16:33:37.0801 5764 ehRecvr - ok16:33:37.0853 5764 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe16:33:39.0583 5764 ehSched - ok16:33:39.0795 5764 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys16:33:39.0838 5764 elxstor - ok16:33:39.0934 5764 enecir (f218a3a27ed6592c0e22ec3595554447) C:\Windows\system32\DRIVERS\enecir.sys16:33:40.0001 5764 enecir - ok16:33:40.0073 5764 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys16:33:40.0138 5764 ErrDev - ok16:33:40.0201 5764 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll16:33:40.0336 5764 EventSystem - ok16:33:40.0382 5764 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys16:33:40.0487 5764 exfat - ok16:33:40.0542 5764 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys16:33:40.0655 5764 fastfat - ok16:33:40.0731 5764 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe16:33:40.0835 5764 Fax - ok16:33:40.0867 5764 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys16:33:40.0925 5764 fdc - ok16:33:41.0013 5764 fdPHost 
(0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll16:33:41.0071 5764 fdPHost - ok16:33:41.0098 5764 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll16:33:41.0179 5764 FDResPub - ok16:33:41.0224 5764 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys16:33:41.0239 5764 FileInfo - ok16:33:41.0271 5764 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys16:33:41.0365 5764 Filetrace - ok16:33:41.0400 5764 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys16:33:41.0476 5764 flpydisk - ok16:33:41.0517 5764 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys16:33:41.0542 5764 FltMgr - ok16:33:41.0599 5764 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll16:33:41.0722 5764 FontCache - ok16:33:41.0857 5764 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe16:33:41.0869 5764 FontCache3.0.0.0 - ok16:33:41.0928 5764 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys16:33:41.0943 5764 FsDepends - ok16:33:41.0960 5764 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys16:33:41.0974 5764 Fs_Rec - ok16:33:42.0062 5764 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys16:33:42.0096 5764 fvevol - ok16:33:42.0154 5764 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys16:33:42.0177 5764 gagp30kx - ok16:33:42.0303 5764 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe16:33:42.0318 5764 GamesAppService - ok16:33:42.0368 5764 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys16:33:42.0377 5764 GEARAspiWDM - ok16:33:42.0437 5764 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) 
C:\Windows\System32\gpsvc.dll16:33:42.0517 5764 gpsvc - ok16:33:42.0598 5764 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe16:33:42.0611 5764 gupdate - ok16:33:42.0642 5764 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe16:33:42.0653 5764 gupdatem - ok16:33:42.0719 5764 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys16:33:42.0891 5764 hcw85cir - ok16:33:42.0939 5764 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys16:33:43.0017 5764 HDAudBus - ok16:33:43.0086 5764 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys16:33:43.0383 5764 HidBatt - ok16:33:43.0430 5764 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys16:33:43.0707 5764 HidBth - ok16:33:43.0746 5764 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys16:33:44.0022 5764 HidIr - ok16:33:44.0071 5764 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll16:33:44.0295 5764 hidserv - ok16:33:44.0359 5764 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys16:33:44.0517 5764 HidUsb - ok16:33:44.0623 5764 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll16:33:44.0739 5764 hkmsvc - ok16:33:44.0772 5764 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll16:33:44.0872 5764 HomeGroupListener - ok16:33:44.0913 5764 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll16:33:44.0981 5764 HomeGroupProvider - ok16:33:45.0133 5764 HP Health Check Service (a19b0bb5a7eb6df2dd4a0711d36955ee) c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe16:33:45.0169 5764 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning16:33:45.0169 5764 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)16:33:45.0244 
5764 hpdskflt (4a435ca815a54639ca09ddf75d751ebc) C:\Windows\system32\DRIVERS\hpdskflt.sys16:33:45.0254 5764 hpdskflt - ok16:33:45.0312 5764 HpqKbFiltr (0ecc54fd34d6a089c300846b011e81d6) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys16:33:45.0416 5764 HpqKbFiltr - ok16:33:45.0582 5764 hpqwmiex (188ff0adf66768d53ad94f43972e1e9a) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe16:33:45.0634 5764 hpqwmiex ( UnsignedFile.Multi.Generic ) - warning16:33:45.0634 5764 hpqwmiex - detected UnsignedFile.Multi.Generic (1)16:33:45.0789 5764 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys16:33:45.0805 5764 HpSAMD - ok16:33:45.0961 5764 hpsrv (6bf024ea61d7894bf4af0b10a90b546e) C:\Windows\system32\Hpservice.exe16:33:46.0019 5764 hpsrv - ok16:33:46.0116 5764 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys16:33:46.0310 5764 HTTP - ok16:33:46.0350 5764 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys16:33:46.0363 5764 hwpolicy - ok16:33:46.0386 5764 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys16:33:46.0410 5764 i8042prt - ok16:33:46.0488 5764 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys16:33:46.0516 5764 iaStorV - ok16:33:46.0639 5764 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe16:33:46.0671 5764 IDriverT ( UnsignedFile.Multi.Generic ) - warning16:33:46.0671 5764 IDriverT - detected UnsignedFile.Multi.Generic (1)16:33:46.0819 5764 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe16:33:46.0860 5764 idsvc - ok16:33:47.0342 5764 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys16:33:47.0741 5764 igfx - ok16:33:47.0855 5764 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys16:33:47.0873 5764 
iirsp - ok16:33:47.0984 5764 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll16:33:48.0312 5764 IKEEXT - ok16:33:48.0375 5764 IntcHdmiAddService (be1cb000c655396c9def09aee3ea2d67) C:\Windows\system32\drivers\IntcHdmi.sys16:33:48.0592 5764 IntcHdmiAddService - ok16:33:48.0659 5764 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys16:33:48.0681 5764 intelide - ok16:33:48.0749 5764 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys16:33:48.0873 5764 intelppm - ok16:33:48.0932 5764 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll16:33:49.0038 5764 IPBusEnum - ok16:33:49.0132 5764 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys16:33:49.0366 5764 IpFilterDriver - ok16:33:49.0393 5764 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys16:33:49.0463 5764 IPMIDRV - ok16:33:49.0555 5764 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys16:33:49.0903 5764 IPNAT - ok16:33:50.0045 5764 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe16:33:50.0227 5764 iPod Service - ok16:33:50.0371 5764 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys16:33:50.0399 5764 IRENUM - ok16:33:50.0435 5764 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys16:33:50.0451 5764 isapnp - ok16:33:50.0498 5764 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys16:33:50.0586 5764 iScsiPrt - ok16:33:50.0638 5764 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys16:33:50.0658 5764 kbdclass - ok16:33:50.0725 5764 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys16:33:50.0800 5764 kbdhid - ok16:33:50.0842 5764 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe16:33:50.0896 5764 
KeyIso - ok16:33:50.0924 5764 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys16:33:50.0961 5764 KSecDD - ok16:33:51.0116 5764 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys16:33:51.0144 5764 KSecPkg - ok16:33:51.0284 5764 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys16:33:51.0373 5764 ksthunk - ok16:33:51.0541 5764 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll16:33:51.0893 5764 KtmRm - ok16:33:51.0965 5764 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll16:33:53.0424 5764 LanmanServer - ok16:33:53.0663 5764 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll16:33:54.0127 5764 LanmanWorkstation - ok16:33:54.0335 5764 LightScribeService (abf90fc5a127f481219b873c1b8dfc1c) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe16:33:54.0364 5764 LightScribeService ( UnsignedFile.Multi.Generic ) - warning16:33:54.0364 5764 LightScribeService - detected UnsignedFile.Multi.Generic (1)16:33:54.0607 5764 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys16:33:54.0773 5764 lltdio - ok16:33:55.0325 5764 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll16:33:55.0429 5764 lltdsvc - ok16:33:55.0489 5764 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll16:33:55.0552 5764 lmhosts - ok16:33:55.0648 5764 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys16:33:55.0666 5764 LSI_FC - ok16:33:55.0689 5764 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys16:33:55.0725 5764 LSI_SAS - ok16:33:55.0750 5764 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys16:33:55.0789 5764 LSI_SAS2 - ok16:33:55.0826 5764 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys16:33:55.0844 5764 LSI_SCSI - 
ok16:33:55.0878 5764 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys16:33:56.0058 5764 luafv - ok16:33:56.0131 5764 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll16:33:56.0188 5764 Mcx2Svc - ok16:33:56.0227 5764 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys16:33:56.0242 5764 megasas - ok16:33:56.0277 5764 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys16:33:56.0355 5764 MegaSR - ok16:33:56.0384 5764 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll16:33:56.0478 5764 MMCSS - ok16:33:56.0526 5764 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys16:33:56.0609 5764 Modem - ok16:33:56.0681 5764 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys16:33:56.0743 5764 monitor - ok16:33:56.0778 5764 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys16:33:56.0809 5764 mouclass - ok16:33:56.0828 5764 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys16:33:56.0909 5764 mouhid - ok16:33:56.0925 5764 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys16:33:56.0942 5764 mountmgr - ok16:33:56.0969 5764 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys16:33:56.0989 5764 mpio - ok16:33:57.0023 5764 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys16:33:57.0101 5764 mpsdrv - ok16:33:57.0140 5764 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys16:33:57.0200 5764 MRxDAV - ok16:33:57.0256 5764 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys16:33:57.0287 5764 mrxsmb - ok16:33:57.0334 5764 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys16:33:57.0407 5764 mrxsmb10 - ok16:33:57.0462 5764 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) 
C:\Windows\system32\DRIVERS\mrxsmb20.sys16:33:57.0534 5764 mrxsmb20 - ok16:33:57.0594 5764 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys16:33:57.0610 5764 msahci - ok16:33:57.0668 5764 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys16:33:57.0686 5764 msdsm - ok16:33:57.0740 5764 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe16:33:57.0806 5764 MSDTC - ok16:33:57.0853 5764 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys16:33:57.0925 5764 Msfs - ok16:33:57.0959 5764 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys16:33:58.0085 5764 mshidkmdf - ok16:33:58.0109 5764 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys16:33:58.0124 5764 msisadrv - ok16:33:58.0215 5764 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll16:33:58.0394 5764 MSiSCSI - ok16:33:58.0405 5764 msiserver - ok16:33:58.0448 5764 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys16:33:58.0560 5764 MSKSSRV - ok16:33:58.0596 5764 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys16:33:58.0729 5764 MSPCLOCK - ok16:33:58.0767 5764 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys16:33:58.0889 5764 MSPQM - ok16:33:58.0943 5764 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys16:33:58.0977 5764 MsRPC - ok16:33:59.0006 5764 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys16:33:59.0025 5764 mssmbios - ok16:33:59.0058 5764 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys16:33:59.0252 5764 MSTEE - ok16:33:59.0291 5764 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys16:33:59.0338 5764 MTConfig - ok16:33:59.0373 5764 Mup (f9a18612fd3526fe473c1bda678d61c8) 
C:\Windows\system32\Drivers\mup.sys16:33:59.0410 5764 Mup - ok16:33:59.0475 5764 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll16:33:59.0628 5764 napagent - ok16:33:59.0699 5764 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys16:33:59.0799 5764 NativeWifiP - ok16:33:59.0874 5764 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys16:33:59.0962 5764 NDIS - ok16:33:59.0984 5764 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys16:34:00.0073 5764 NdisCap - ok16:34:00.0125 5764 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys16:34:00.0235 5764 NdisTapi - ok16:34:00.0325 5764 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys16:34:00.0501 5764 Ndisuio - ok16:34:00.0569 5764 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys16:34:00.0652 5764 NdisWan - ok16:34:00.0676 5764 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys16:34:00.0818 5764 NDProxy - ok16:34:00.0891 5764 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys16:34:01.0046 5764 NetBIOS - ok16:34:01.0085 5764 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys16:34:01.0210 5764 NetBT - ok16:34:01.0247 5764 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe16:34:01.0288 5764 Netlogon - ok16:34:01.0359 5764 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll16:34:01.0455 5764 Netman - ok16:34:01.0534 5764 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll16:34:01.0641 5764 netprofm - ok16:34:01.0853 5764 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe16:34:01.0887 5764 NetTcpPortSharing - ok16:34:01.0979 5764 nfrd960 
(77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys16:34:02.0001 5764 nfrd960 - ok16:34:02.0071 5764 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll16:34:02.0163 5764 NlaSvc - ok16:34:02.0183 5764 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys16:34:02.0355 5764 Npfs - ok16:34:02.0391 5764 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll16:34:02.0493 5764 nsi - ok16:34:02.0516 5764 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys16:34:02.0671 5764 nsiproxy - ok16:34:02.0825 5764 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys16:34:02.0925 5764 Ntfs - ok16:34:02.0977 5764 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys16:34:03.0118 5764 Null - ok16:34:03.0217 5764 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys16:34:03.0244 5764 nvraid - ok16:34:03.0311 5764 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys16:34:03.0368 5764 nvstor - ok16:34:03.0442 5764 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys16:34:03.0471 5764 nv_agp - ok16:34:03.0638 5764 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE16:34:03.0758 5764 odserv - ok16:34:03.0961 5764 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys16:34:04.0089 5764 ohci1394 - ok16:34:04.0237 5764 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE16:34:04.0256 5764 ose - ok16:34:04.0373 5764 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll16:34:04.0534 5764 p2pimsvc - ok16:34:04.0589 5764 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll16:34:04.0677 5764 p2psvc - ok16:34:04.0744 5764 Parport (0086431c29c35be1dbc43f52cc273887) 
C:\Windows\system32\DRIVERS\parport.sys16:34:04.0775 5764 Parport - ok16:34:04.0797 5764 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys16:34:04.0818 5764 partmgr - ok16:34:04.0838 5764 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll16:34:04.0900 5764 PcaSvc - ok16:34:04.0946 5764 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys16:34:04.0971 5764 pci - ok16:34:04.0995 5764 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys16:34:05.0013 5764 pciide - ok16:34:05.0039 5764 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys16:34:05.0065 5764 pcmcia - ok16:34:05.0116 5764 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys16:34:05.0137 5764 pcw - ok16:34:05.0347 5764 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys16:34:05.0551 5764 PEAUTH - ok16:34:06.0299 5764 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe16:34:06.0349 5764 PerfHost - ok16:34:06.0504 5764 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll16:34:06.0876 5764 pla - ok16:34:06.0958 5764 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll16:34:07.0162 5764 PlugPlay - ok16:34:07.0213 5764 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll16:34:07.0299 5764 PNRPAutoReg - ok16:34:07.0341 5764 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll16:34:07.0372 5764 PNRPsvc - ok16:34:07.0444 5764 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll16:34:07.0567 5764 PolicyAgent - ok16:34:07.0621 5764 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll16:34:07.0778 5764 Power - ok16:34:07.0874 5764 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys16:34:08.0123 5764 PptpMiniport - ok16:34:08.0241 5764 Processor 
16:34:38.0932 5764 MBR (0x1B8) (0f84f2562620c40d8a3e1908c8075675) \Device\Harddisk0\DR0
16:34:38.0962 5764 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
16:34:38.0962 5764 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
16:34:39.0011 5764 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:34:39.0011 5764 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:34:39.0046 5764 Boot (0x1200) (d15ccac574f71726c34a3b3151b9ca5e) \Device\Harddisk0\DR0\Partition0
16:34:39.0048 5764 \Device\Harddisk0\DR0\Partition0 - ok
16:34:39.0080 5764 Boot (0x1200) (3b6cb7abd56f4842f192eb2e335ade78) \Device\Harddisk0\DR0\Partition1
16:34:39.0082 5764 \Device\Harddisk0\DR0\Partition1 - ok
16:34:39.0083 5764 ============================================================
16:34:39.0083 5764 Scan finished
16:34:39.0083 5764 ============================================================
16:34:39.0106 3840 Detected object count: 8
16:34:39.0106 3840 Actual detected object count: 8
16:36:42.0806 3840 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:36:42.0806 3840 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:36:42.0807 3840 hpqwmiex ( UnsignedFile.Multi.Generic ) - skipped by user
16:36:42.0807 3840 hpqwmiex ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:36:42.0811 3840 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:36:42.0811 3840 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:36:42.0814 3840 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
16:36:42.0814 3840 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:36:42.0819 3840 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
16:36:42.0819 3840 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:36:42.0820 3840 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
16:36:42.0820 3840 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:36:42.0961 3840 \Device\Harddisk0\DR0\# - copied to quarantine
16:36:42.0962 3840 \Device\Harddisk0\DR0 - copied to quarantine
16:36:43.0002 3840 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
16:36:43.0006 3840 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
16:36:43.0011 3840 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
16:36:43.0016 3840 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
16:36:43.0028 3840 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
16:36:43.0040 3840 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
16:36:43.0042 3840 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
16:36:43.0043 3840 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
16:36:43.0045 3840 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
16:36:43.0047 3840 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
16:36:43.0050 3840 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
16:36:43.0052 3840 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
16:36:43.0086 3840 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
16:36:43.0087 3840 \Device\Harddisk0\DR0 - ok
16:36:43.0633 3840 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
16:36:43.0634 3840 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:36:43.0634 3840 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
16:36:57.0514 6540 Deinitialize success

LDTate Posted April 3, 2012 ID:539701
You must reboot if you haven't already.
Please run it again and delete only these 2 that are leftover:
16:36:43.0634 3840 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:36:43.0634 3840 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
Then run a new MBAM scan.

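An added example, not part of the original posts and not part of TDSSKiller: a small Python parser that re-splits a TDSSKiller log pasted without line breaks, as the logs in this thread are, and lists every flagged object with the action recorded for it, so leftovers like the two lines quoted above stand out. The record layout is inferred from the log lines in this thread; the function and field names are this example's own.

```python
import re
from typing import Dict, List, NamedTuple, Tuple

# Excerpt of the TDSSKiller log posted in this thread, joined with no
# separators to reproduce how the forum flattened it.
SAMPLE = "".join([
    r"16:34:12.0803 5764 RichVideo ( UnsignedFile.Multi.Generic ) - warning",
    r"16:34:12.0804 5764 RichVideo - detected UnsignedFile.Multi.Generic (1)",
    r"16:34:12.0940 5764 RpcEptMapper - ok",
    r"16:34:38.0962 5764 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected",
    r"16:34:38.0962 5764 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)",
    r"16:34:39.0011 5764 \Device\Harddisk0\DR0 ( TDSS File System ) - warning",
    r"16:34:39.0011 5764 \Device\Harddisk0\DR0 - detected TDSS File System (1)",
    r"16:34:39.0106 3840 Detected object count: 8",
    r"16:36:42.0819 3840 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user",
    r"16:36:42.0819 3840 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip",
    r"16:36:43.0086 3840 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot",
    r"16:36:43.0087 3840 \Device\Harddisk0\DR0 - ok",
    r"16:36:43.0633 3840 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure",
    r"16:36:43.0634 3840 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user",
    r"16:36:43.0634 3840 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip",
])


class Record(NamedTuple):
    time: str      # HH:MM:SS.ffff as written by the tool
    thread: str    # four-digit thread id
    message: str   # everything up to the next record start


# A record starts with "HH:MM:SS.ffff TTTT ". Requiring the thread id and the
# trailing space keeps a message that ends in a digit ("count: 8") from
# swallowing the first digit of the next timestamp.
RECORD_START = re.compile(r"(\d{2}:\d{2}:\d{2}\.\d{4}) (\d{4}) ")

# Flagged objects are written as "<object> ( <verdict> ) - <what happened>".
FLAGGED = re.compile(r"^(?P<obj>.+?) \( (?P<verdict>.+?) \) - (?P<what>.+)$")
ACTION_PREFIX = "User select action: "


def split_records(blob: str) -> List[Record]:
    """Recover individual log records from text with or without line breaks."""
    starts = list(RECORD_START.finditer(blob))
    records = []
    for i, m in enumerate(starts):
        end = starts[i + 1].start() if i + 1 < len(starts) else len(blob)
        records.append(Record(m.group(1), m.group(2), blob[m.end():end].strip()))
    return records


def triage(blob: str) -> Dict[Tuple[str, str], dict]:
    """Map (object, verdict) to its severity, chosen action and other notes."""
    findings: Dict[Tuple[str, str], dict] = {}
    for rec in split_records(blob):
        m = FLAGGED.match(rec.message)
        if not m:
            continue  # plain "- ok" lines, headers, hash/path lines
        entry = findings.setdefault(
            (m["obj"], m["verdict"]),
            {"severity": None, "action": None, "notes": []},
        )
        what = m["what"]
        if what in ("warning", "infected"):
            entry["severity"] = what
        elif what.startswith(ACTION_PREFIX):
            entry["action"] = what[len(ACTION_PREFIX):]
        else:
            entry["notes"].append(what)  # e.g. "will be cured on reboot"
    return findings


def unresolved(findings: Dict[Tuple[str, str], dict]) -> List[Tuple[str, str]]:
    """Flagged objects that were skipped or never given an action."""
    return [key for key, e in findings.items() if e["action"] in (None, "Skip")]


if __name__ == "__main__":
    results = triage(SAMPLE)
    for (obj, verdict), e in results.items():
        print(f"{obj:28} {verdict:28} {e['severity']:9} action={e['action']}")
    print("still to review:", unresolved(results))
```

Which skipped entries actually need action is still a judgement call for whoever reads the log; here the helper singles out only the TDSS File System entry.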
nicolep218 Posted April 3, 2012 Author ID:539703
When I ran it again I could only see one \Device\Harddisk0\DR0 to delete

LDTate Posted April 3, 2012 ID:539704
If it's one of these
\Device\Harddisk0\DR0 ( TDSS File System )
Then delete it.
Reboot and run a new MBAM

nicolep218 Posted April 3, 2012 Author ID:539721
MBAM.

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.04.02.03
Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Nicole :: NICOLE-PC [administrator]

4/3/2012 5:22:38 PM
mbam-log-2012-04-03 (17-22-38).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 245765
Time elapsed: 25 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0

Did you need the last TDSS log?

LDTate Posted April 3, 2012 ID:539722
Did you need the last TDSS log?
Sure,
Let me know how it's running too

nicolep218 Posted April 4, 2012 Author ID:539723
16:59:04.0934 3416 TDSS rootkit removing tool 2.7.25.0 Apr 3 2012 13:42:32
16:59:05.0380 3416 ============================================================
16:59:05.0380 3416 Current date / time: 2012/04/03 16:59:05.0380
16:59:05.0380 3416 SystemInfo:
16:59:05.0381 3416
16:59:05.0381 3416 OS Version: 6.1.7600 ServicePack: 0.0
16:59:05.0381 3416 Product type: Workstation
16:59:05.0381 3416 ComputerName: NICOLE-PC
16:59:05.0381 3416 UserName: Nicole
16:59:05.0381 3416 Windows directory: C:\Windows
16:59:05.0381 3416 System windows directory: C:\Windows
16:59:05.0381 3416 Running under WOW64
16:59:05.0381 3416 Processor architecture: Intel x64
16:59:05.0381 3416 Number of processors: 2
16:59:05.0381 3416 Page size: 0x1000
16:59:05.0381 3416 Boot type: Normal boot
16:59:05.0381 3416 ============================================================
16:59:06.0647 3416 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:59:06.0659 3416 \Device\Harddisk0\DR0:
16:59:06.0659 3416 MBR used
16:59:06.0659 3416 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x23A1A800
16:59:06.0659 3416 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x23A1B000, BlocksNum 0x1A12000
16:59:06.0732 3416 Initialize success
16:59:06.0732 3416 ============================================================
16:59:15.0603 0308 ============================================================
16:59:15.0603 0308 Scan started
16:59:15.0603 0308 Mode: Manual; SigCheck; TDLFS;
16:59:15.0603 0308 ============================================================
(0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll16:59:26.0852 0308 fdPHost - ok16:59:26.0869 0308 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll16:59:26.0935 0308 FDResPub - ok16:59:26.0962 0308 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys16:59:26.0974 0308 FileInfo - ok16:59:26.0987 0308 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys16:59:27.0052 0308 Filetrace - ok16:59:27.0082 0308 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys16:59:27.0112 0308 flpydisk - ok16:59:27.0154 0308 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys16:59:27.0170 0308 FltMgr - ok16:59:27.0222 0308 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll16:59:27.0295 0308 FontCache - ok16:59:27.0439 0308 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe16:59:27.0447 0308 FontCache3.0.0.0 - ok16:59:27.0466 0308 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys16:59:27.0477 0308 FsDepends - ok16:59:27.0498 0308 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys16:59:27.0508 0308 Fs_Rec - ok16:59:27.0576 0308 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys16:59:27.0593 0308 fvevol - ok16:59:27.0647 0308 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys16:59:27.0659 0308 gagp30kx - ok16:59:27.0785 0308 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe16:59:27.0803 0308 GamesAppService - ok16:59:27.0861 0308 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys16:59:27.0872 0308 GEARAspiWDM - ok16:59:27.0940 0308 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) 
C:\Windows\System32\gpsvc.dll16:59:28.0002 0308 gpsvc - ok16:59:28.0080 0308 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe16:59:28.0095 0308 gupdate - ok16:59:28.0124 0308 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe16:59:28.0133 0308 gupdatem - ok16:59:28.0201 0308 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys16:59:28.0247 0308 hcw85cir - ok16:59:28.0298 0308 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys16:59:28.0339 0308 HDAudBus - ok16:59:28.0377 0308 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys16:59:28.0417 0308 HidBatt - ok16:59:28.0456 0308 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys16:59:28.0503 0308 HidBth - ok16:59:28.0533 0308 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys16:59:28.0583 0308 HidIr - ok16:59:28.0619 0308 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll16:59:28.0687 0308 hidserv - ok16:59:28.0740 0308 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys16:59:28.0783 0308 HidUsb - ok16:59:28.0827 0308 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll16:59:28.0911 0308 hkmsvc - ok16:59:28.0952 0308 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll16:59:28.0987 0308 HomeGroupListener - ok16:59:29.0027 0308 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll16:59:29.0058 0308 HomeGroupProvider - ok16:59:29.0192 0308 HP Health Check Service (a19b0bb5a7eb6df2dd4a0711d36955ee) c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe16:59:29.0198 0308 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning16:59:29.0198 0308 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)16:59:29.0269 
0308 hpdskflt (4a435ca815a54639ca09ddf75d751ebc) C:\Windows\system32\DRIVERS\hpdskflt.sys16:59:29.0278 0308 hpdskflt - ok16:59:29.0339 0308 HpqKbFiltr (0ecc54fd34d6a089c300846b011e81d6) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys16:59:29.0377 0308 HpqKbFiltr - ok16:59:29.0475 0308 hpqwmiex (188ff0adf66768d53ad94f43972e1e9a) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe16:59:29.0539 0308 hpqwmiex ( UnsignedFile.Multi.Generic ) - warning16:59:29.0539 0308 hpqwmiex - detected UnsignedFile.Multi.Generic (1)16:59:29.0604 0308 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys16:59:29.0624 0308 HpSAMD - ok16:59:29.0676 0308 hpsrv (6bf024ea61d7894bf4af0b10a90b546e) C:\Windows\system32\Hpservice.exe16:59:29.0688 0308 hpsrv - ok16:59:29.0730 0308 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys16:59:29.0805 0308 HTTP - ok16:59:29.0841 0308 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys16:59:29.0851 0308 hwpolicy - ok16:59:29.0900 0308 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys16:59:29.0915 0308 i8042prt - ok16:59:29.0982 0308 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys16:59:30.0006 0308 iaStorV - ok16:59:30.0132 0308 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe16:59:30.0148 0308 IDriverT ( UnsignedFile.Multi.Generic ) - warning16:59:30.0149 0308 IDriverT - detected UnsignedFile.Multi.Generic (1)16:59:30.0301 0308 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe16:59:30.0357 0308 idsvc - ok16:59:30.0594 0308 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys16:59:30.0818 0308 igfx - ok16:59:30.0900 0308 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys16:59:30.0919 0308 
iirsp - ok16:59:30.0998 0308 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll16:59:31.0116 0308 IKEEXT - ok16:59:31.0177 0308 IntcHdmiAddService (be1cb000c655396c9def09aee3ea2d67) C:\Windows\system32\drivers\IntcHdmi.sys16:59:31.0216 0308 IntcHdmiAddService - ok16:59:31.0250 0308 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys16:59:31.0260 0308 intelide - ok16:59:31.0315 0308 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys16:59:31.0362 0308 intelppm - ok16:59:31.0412 0308 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll16:59:31.0498 0308 IPBusEnum - ok16:59:31.0534 0308 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys16:59:31.0572 0308 IpFilterDriver - ok16:59:31.0595 0308 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys16:59:31.0635 0308 IPMIDRV - ok16:59:31.0690 0308 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys16:59:31.0746 0308 IPNAT - ok16:59:31.0859 0308 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe16:59:31.0889 0308 iPod Service - ok16:59:31.0951 0308 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys16:59:31.0968 0308 IRENUM - ok16:59:31.0992 0308 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys16:59:32.0004 0308 isapnp - ok16:59:32.0055 0308 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys16:59:32.0070 0308 iScsiPrt - ok16:59:32.0128 0308 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys16:59:32.0139 0308 kbdclass - ok16:59:32.0183 0308 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys16:59:32.0222 0308 kbdhid - ok16:59:32.0264 0308 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe16:59:32.0286 0308 
KeyIso - ok16:59:32.0303 0308 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys16:59:32.0316 0308 KSecDD - ok16:59:32.0339 0308 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys16:59:32.0351 0308 KSecPkg - ok16:59:32.0374 0308 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys16:59:32.0434 0308 ksthunk - ok16:59:32.0497 0308 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll16:59:32.0556 0308 KtmRm - ok16:59:32.0610 0308 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll16:59:32.0646 0308 LanmanServer - ok16:59:32.0719 0308 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll16:59:32.0789 0308 LanmanWorkstation - ok16:59:32.0946 0308 LightScribeService (abf90fc5a127f481219b873c1b8dfc1c) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe16:59:32.0963 0308 LightScribeService ( UnsignedFile.Multi.Generic ) - warning16:59:32.0963 0308 LightScribeService - detected UnsignedFile.Multi.Generic (1)16:59:33.0063 0308 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys16:59:33.0130 0308 lltdio - ok16:59:33.0203 0308 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll16:59:33.0282 0308 lltdsvc - ok16:59:33.0311 0308 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll16:59:33.0349 0308 lmhosts - ok16:59:33.0403 0308 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys16:59:33.0415 0308 LSI_FC - ok16:59:33.0433 0308 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys16:59:33.0445 0308 LSI_SAS - ok16:59:33.0460 0308 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys16:59:33.0472 0308 LSI_SAS2 - ok16:59:33.0491 0308 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys16:59:33.0504 0308 LSI_SCSI - 
ok16:59:33.0555 0308 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys16:59:33.0611 0308 luafv - ok16:59:33.0653 0308 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll16:59:33.0703 0308 Mcx2Svc - ok16:59:33.0737 0308 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys16:59:33.0748 0308 megasas - ok16:59:33.0776 0308 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys16:59:33.0792 0308 MegaSR - ok16:59:33.0816 0308 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll16:59:33.0879 0308 MMCSS - ok16:59:33.0914 0308 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys16:59:33.0971 0308 Modem - ok16:59:34.0024 0308 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys16:59:34.0041 0308 monitor - ok16:59:34.0088 0308 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys16:59:34.0099 0308 mouclass - ok16:59:34.0161 0308 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys16:59:34.0196 0308 mouhid - ok16:59:34.0235 0308 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys16:59:34.0247 0308 mountmgr - ok16:59:34.0268 0308 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys16:59:34.0283 0308 mpio - ok16:59:34.0300 0308 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys16:59:34.0340 0308 mpsdrv - ok16:59:34.0361 0308 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys16:59:34.0399 0308 MRxDAV - ok16:59:34.0454 0308 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys16:59:34.0483 0308 mrxsmb - ok16:59:34.0544 0308 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys16:59:34.0621 0308 mrxsmb10 - ok16:59:34.0770 0308 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) 
C:\Windows\system32\DRIVERS\mrxsmb20.sys16:59:34.0820 0308 mrxsmb20 - ok16:59:34.0871 0308 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys16:59:34.0888 0308 msahci - ok16:59:34.0935 0308 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys16:59:34.0956 0308 msdsm - ok16:59:35.0006 0308 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe16:59:35.0052 0308 MSDTC - ok16:59:35.0097 0308 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys16:59:35.0170 0308 Msfs - ok16:59:35.0202 0308 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys16:59:35.0239 0308 mshidkmdf - ok16:59:35.0252 0308 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys16:59:35.0263 0308 msisadrv - ok16:59:35.0337 0308 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll16:59:35.0410 0308 MSiSCSI - ok16:59:35.0419 0308 msiserver - ok16:59:35.0458 0308 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys16:59:35.0528 0308 MSKSSRV - ok16:59:35.0573 0308 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys16:59:35.0639 0308 MSPCLOCK - ok16:59:35.0666 0308 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys16:59:35.0737 0308 MSPQM - ok16:59:35.0774 0308 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys16:59:35.0791 0308 MsRPC - ok16:59:35.0815 0308 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys16:59:35.0826 0308 mssmbios - ok16:59:35.0846 0308 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys16:59:35.0919 0308 MSTEE - ok16:59:35.0956 0308 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys16:59:35.0992 0308 MTConfig - ok16:59:36.0027 0308 Mup (f9a18612fd3526fe473c1bda678d61c8) 
C:\Windows\system32\Drivers\mup.sys16:59:36.0037 0308 Mup - ok16:59:36.0083 0308 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll16:59:36.0147 0308 napagent - ok16:59:36.0208 0308 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys16:59:36.0248 0308 NativeWifiP - ok16:59:36.0313 0308 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys16:59:36.0351 0308 NDIS - ok16:59:36.0371 0308 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys16:59:36.0429 0308 NdisCap - ok16:59:36.0479 0308 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys16:59:36.0545 0308 NdisTapi - ok16:59:36.0590 0308 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys16:59:36.0644 0308 Ndisuio - ok16:59:36.0678 0308 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys16:59:36.0720 0308 NdisWan - ok16:59:36.0741 0308 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys16:59:36.0798 0308 NDProxy - ok16:59:36.0834 0308 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys16:59:36.0911 0308 NetBIOS - ok16:59:36.0948 0308 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys16:59:37.0017 0308 NetBT - ok16:59:37.0056 0308 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe16:59:37.0070 0308 Netlogon - ok16:59:37.0134 0308 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll16:59:37.0182 0308 Netman - ok16:59:37.0254 0308 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll16:59:37.0346 0308 netprofm - ok16:59:37.0492 0308 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe16:59:37.0508 0308 NetTcpPortSharing - ok16:59:37.0588 0308 nfrd960 
(77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys16:59:37.0608 0308 nfrd960 - ok16:59:37.0680 0308 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll16:59:37.0772 0308 NlaSvc - ok16:59:37.0803 0308 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys16:59:37.0886 0308 Npfs - ok16:59:37.0922 0308 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll16:59:37.0960 0308 nsi - ok16:59:37.0980 0308 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys16:59:38.0038 0308 nsiproxy - ok16:59:38.0116 0308 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys16:59:38.0198 0308 Ntfs - ok16:59:38.0219 0308 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys16:59:38.0273 0308 Null - ok16:59:38.0314 0308 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys16:59:38.0327 0308 nvraid - ok16:59:38.0352 0308 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys16:59:38.0366 0308 nvstor - ok16:59:38.0417 0308 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys16:59:38.0430 0308 nv_agp - ok16:59:38.0556 0308 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE16:59:38.0577 0308 odserv - ok16:59:38.0603 0308 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys16:59:38.0640 0308 ohci1394 - ok16:59:38.0712 0308 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE16:59:38.0730 0308 ose - ok16:59:38.0790 0308 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll16:59:38.0819 0308 p2pimsvc - ok16:59:38.0863 0308 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll16:59:38.0924 0308 p2psvc - ok16:59:38.0996 0308 Parport (0086431c29c35be1dbc43f52cc273887) 
C:\Windows\system32\DRIVERS\parport.sys16:59:39.0019 0308 Parport - ok16:59:39.0037 0308 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys16:59:39.0048 0308 partmgr - ok16:59:39.0067 0308 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll16:59:39.0115 0308 PcaSvc - ok16:59:39.0152 0308 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys16:59:39.0166 0308 pci - ok16:59:39.0179 0308 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys16:59:39.0190 0308 pciide - ok16:59:39.0211 0308 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys16:59:39.0226 0308 pcmcia - ok16:59:39.0245 0308 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys16:59:39.0256 0308 pcw - ok16:59:39.0296 0308 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys16:59:39.0376 0308 PEAUTH - ok16:59:39.0483 0308 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe16:59:39.0527 0308 PerfHost - ok16:59:39.0613 0308 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll16:59:39.0713 0308 pla - ok16:59:39.0774 0308 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll16:59:39.0841 0308 PlugPlay - ok16:59:39.0872 0308 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll16:59:39.0914 0308 PNRPAutoReg - ok16:59:39.0957 0308 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll16:59:39.0973 0308 PNRPsvc - ok16:59:40.0028 0308 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll16:59:40.0093 0308 PolicyAgent - ok16:59:40.0137 0308 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll16:59:40.0213 0308 Power - ok16:59:40.0302 0308 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys16:59:40.0382 0308 PptpMiniport - ok16:59:40.0435 0308 Processor 
(0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys16:59:40.0476 0308 Processor - ok16:59:40.0536 0308 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll16:59:40.0620 0308 ProfSvc - ok16:59:40.0658 0308 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe16:59:40.0672 0308 ProtectedStorage - ok16:59:40.0740 0308 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys16:59:40.0826 0308 Psched - ok16:59:40.0907 0308 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys16:59:40.0987 0308 ql2300 - ok16:59:41.0013 0308 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys16:59:41.0025 0308 ql40xx - ok16:59:41.0075 0308 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll16:59:41.0119 0308 QWAVE - ok16:59:41.0151 0308 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys16:59:41.0189 0308 QWAVEdrv - ok16:59:41.0220 0308 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys16:59:41.0257 0308 RasAcd - ok16:59:41.0313 0308 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys16:59:41.0398 0308 RasAgileVpn - ok16:59:41.0429 0308 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll16:59:41.0500 0308 RasAuto - ok16:59:41.0530 0308 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys16:59:41.0588 0308 Rasl2tp - ok16:59:41.0628 0308 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll16:59:41.0671 0308 RasMan - ok16:59:41.0696 0308 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys16:59:41.0761 0308 RasPppoe - ok16:59:41.0800 0308 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys16:59:41.0859 0308 RasSstp - ok16:59:41.0893 0308 rdbss (3bac8142102c15d59a87757c1d41dce5) 
C:\Windows\system32\DRIVERS\rdbss.sys16:59:41.0957 0308 rdbss - ok16:59:41.0994 0308 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys16:59:42.0034 0308 rdpbus - ok16:59:42.0070 0308 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys16:59:42.0146 0308 RDPCDD - ok16:59:42.0199 0308 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys16:59:42.0275 0308 RDPENCDD - ok16:59:42.0308 0308 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys16:59:42.0345 0308 RDPREFMP - ok16:59:42.0380 0308 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys16:59:42.0424 0308 RDPWD - ok16:59:42.0463 0308 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys16:59:42.0477 0308 rdyboost - ok16:59:42.0612 0308 Recovery Service for Windows (bc0a4d47472b042537f4e57b950415fa) C:\Program Files (x86)\SMINST\BLService.exe16:59:42.0627 0308 Recovery Service for Windows - ok16:59:42.0678 0308 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll16:59:42.0724 0308 RemoteAccess - ok16:59:42.0768 0308 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll16:59:42.0808 0308 RemoteRegistry - ok16:59:42.0935 0308 RichVideo (805ae1f90c64758d19aaa001cf8cba12) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe16:59:42.0945 0308 RichVideo ( UnsignedFile.Multi.Generic ) - warning16:59:42.0945 0308 RichVideo - detected UnsignedFile.Multi.Generic (1)16:59:42.0976 0308 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll16:59:43.0051 0308 RpcEptMapper - ok16:59:43.0098 0308 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe16:59:43.0143 0308 RpcLocator - ok16:59:43.0193 0308 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll16:59:43.0247 0308 RpcSs - ok16:59:43.0330 0308 rspndr 
(ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys16:59:43.0411 0308 rspndr - ok16:59:43.0485 0308 RTL8169 (8b91737da75add21cb1554b38089196a) C:\Windows\system32\DRIVERS\Rtlh64.sys16:59:43.0543 0308 RTL8169 - ok16:59:43.0577 0308 RTSTOR (aa3987386cf7d9005c42bc974634bd56) C:\Windows\system32\drivers\RTSTOR64.SYS16:59:43.0588 0308 RTSTOR - ok16:59:43.0616 0308 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe16:59:43.0629 0308 SamSs - ok16:59:43.0647 0308 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys16:59:43.0660 0308 sbp2port - ok16:59:43.0704 0308 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll16:59:43.0767 0308 SCardSvr - ok16:59:43.0797 0308 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys16:59:43.0865 0308 scfilter - ok16:59:43.0940 0308 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll16:59:44.0003 0308 Schedule - ok16:59:44.0040 0308 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll16:59:44.0076 0308 SCPolicySvc - ok16:59:44.0119 0308 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll16:59:44.0183 0308 SDRSVC - ok16:59:44.0270 0308 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys16:59:44.0348 0308 secdrv - ok16:59:44.0381 0308 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll16:59:44.0419 0308 seclogon - ok16:59:44.0436 0308 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll16:59:44.0475 0308 SENS - ok16:59:44.0495 0308 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll16:59:44.0528 0308 SensrSvc - ok16:59:44.0565 0308 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys16:59:44.0578 0308 Serenum - ok16:59:44.0621 0308 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) 
16:59:55.0912 0308 ============================================================
16:59:55.0912 0308 Scan finished
16:59:55.0912 0308 ============================================================
16:59:55.0934 3720 Detected object count: 7
16:59:55.0934 3720 Actual detected object count: 7
17:01:50.0808 3720 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:01:50.0808 3720 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:01:50.0810 3720 hpqwmiex ( UnsignedFile.Multi.Generic ) - skipped by user
17:01:50.0810 3720 hpqwmiex ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:01:50.0813 3720 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
17:01:50.0813 3720 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:01:50.0816 3720 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
17:01:50.0816 3720 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:01:50.0818 3720 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
17:01:50.0818 3720 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:01:50.0823 3720 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
17:01:50.0823 3720 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:01:50.0939 3720 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
17:01:50.0941 3720 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
17:01:50.0944 3720 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
17:01:50.0948 3720 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
17:01:50.0960 3720 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
17:01:51.0031 3720 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
17:01:51.0032 3720 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
17:01:51.0035 3720 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
17:01:51.0036 3720 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
17:01:51.0038 3720 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
17:01:51.0040 3720 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
17:01:51.0041 3720 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
17:01:51.0041 3720 \Device\Harddisk0\DR0\TDLFS - deleted
17:01:51.0041 3720 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
17:01:58.0025 3260 Deinitialize success
nicolep218 Posted April 4, 2012 Author ID:539724
So far it's running good but in an hour or so I'll know more since that's when it acts up. Should I have had my external drive connected?
LDTate Posted April 4, 2012 ID:539726
Reboot and run TDSSKiller again. We need to be sure that last one is gone. You can hook up the external if you like.
nicolep218 Posted April 4, 2012 Author ID:539730
18:09:17.0021 4728 TDSS rootkit removing tool 2.7.25.0 Apr 3 2012 13:42:32
18:09:17.0508 4728 ============================================================
18:09:17.0508 4728 Current date / time: 2012/04/03 18:09:17.0508
18:09:17.0509 4728 SystemInfo:
18:09:17.0509 4728
18:09:17.0509 4728 OS Version: 6.1.7600 ServicePack: 0.0
18:09:17.0509 4728 Product type: Workstation
18:09:17.0509 4728 ComputerName: NICOLE-PC
18:09:17.0509 4728 UserName: Nicole
18:09:17.0509 4728 Windows directory: C:\Windows
18:09:17.0509 4728 System windows directory: C:\Windows
18:09:17.0509 4728 Running under WOW64
18:09:17.0509 4728 Processor architecture: Intel x64
18:09:17.0509 4728 Number of processors: 2
18:09:17.0509 4728 Page size: 0x1000
18:09:17.0509 4728 Boot type: Normal boot
18:09:17.0509 4728 ============================================================
18:09:20.0089 4728 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:09:20.0093 4728 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:09:20.0096 4728 \Device\Harddisk0\DR0:
18:09:20.0096 4728 MBR used
18:09:20.0096 4728 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x23A1A800
18:09:20.0096 4728 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x23A1B000, BlocksNum 0x1A12000
18:09:20.0096 4728 \Device\Harddisk1\DR1:
18:09:20.0097 4728 MBR used
18:09:20.0097 4728 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
18:09:20.0185 4728 Initialize success
18:09:20.0185 4728 ============================================================
18:09:38.0466 5040 ============================================================
18:09:38.0466 5040 Scan started
18:09:38.0466 5040 Mode: Manual; SigCheck; TDLFS;
18:09:38.0466 5040 ============================================================
C:\Windows\system32\DRIVERS\kbdclass.sys18:10:02.0807 5040 kbdclass - ok18:10:02.0870 5040 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys18:10:02.0908 5040 kbdhid - ok18:10:02.0952 5040 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe18:10:02.0968 5040 KeyIso - ok18:10:02.0991 5040 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys18:10:03.0006 5040 KSecDD - ok18:10:03.0038 5040 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys18:10:03.0054 5040 KSecPkg - ok18:10:03.0084 5040 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys18:10:03.0153 5040 ksthunk - ok18:10:03.0218 5040 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll18:10:03.0311 5040 KtmRm - ok18:10:03.0375 5040 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll18:10:03.0414 5040 LanmanServer - ok18:10:03.0484 5040 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll18:10:03.0557 5040 LanmanWorkstation - ok18:10:03.0967 5040 LightScribeService (abf90fc5a127f481219b873c1b8dfc1c) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe18:10:03.0984 5040 LightScribeService ( UnsignedFile.Multi.Generic ) - warning18:10:03.0984 5040 LightScribeService - detected UnsignedFile.Multi.Generic (1)18:10:04.0576 5040 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys18:10:04.0675 5040 lltdio - ok18:10:04.0790 5040 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll18:10:04.0885 5040 lltdsvc - ok18:10:05.0043 5040 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll18:10:05.0098 5040 lmhosts - ok18:10:05.0713 5040 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys18:10:05.0763 5040 LSI_FC - ok18:10:06.0689 5040 LSI_SAS (1047184a9fdc8bdbff857175875ee810) 
C:\Windows\system32\DRIVERS\lsi_sas.sys18:10:06.0701 5040 LSI_SAS - ok18:10:07.0290 5040 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys18:10:07.0336 5040 LSI_SAS2 - ok18:10:07.0762 5040 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys18:10:07.0777 5040 LSI_SCSI - ok18:10:08.0034 5040 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys18:10:08.0168 5040 luafv - ok18:10:08.0487 5040 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll18:10:08.0600 5040 Mcx2Svc - ok18:10:09.0027 5040 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys18:10:09.0041 5040 megasas - ok18:10:09.0689 5040 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys18:10:09.0750 5040 MegaSR - ok18:10:10.0052 5040 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll18:10:10.0182 5040 MMCSS - ok18:10:10.0383 5040 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys18:10:10.0529 5040 Modem - ok18:10:10.0816 5040 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys18:10:10.0841 5040 monitor - ok18:10:11.0214 5040 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys18:10:11.0230 5040 mouclass - ok18:10:11.0742 5040 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys18:10:11.0757 5040 mouhid - ok18:10:11.0827 5040 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys18:10:11.0869 5040 mountmgr - ok18:10:11.0949 5040 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys18:10:11.0965 5040 mpio - ok18:10:12.0014 5040 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys18:10:12.0061 5040 mpsdrv - ok18:10:12.0120 5040 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys18:10:12.0190 5040 
MRxDAV - ok18:10:12.0247 5040 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys18:10:12.0275 5040 mrxsmb - ok18:10:12.0347 5040 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys18:10:12.0446 5040 mrxsmb10 - ok18:10:12.0506 5040 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys18:10:12.0596 5040 mrxsmb20 - ok18:10:12.0719 5040 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys18:10:12.0732 5040 msahci - ok18:10:12.0802 5040 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys18:10:12.0817 5040 msdsm - ok18:10:12.0987 5040 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe18:10:13.0127 5040 MSDTC - ok18:10:13.0723 5040 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys18:10:13.0825 5040 Msfs - ok18:10:14.0540 5040 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys18:10:14.0597 5040 mshidkmdf - ok18:10:15.0346 5040 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys18:10:15.0360 5040 msisadrv - ok18:10:15.0590 5040 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll18:10:15.0677 5040 MSiSCSI - ok18:10:15.0709 5040 msiserver - ok18:10:16.0023 5040 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys18:10:16.0177 5040 MSKSSRV - ok18:10:17.0434 5040 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys18:10:17.0598 5040 MSPCLOCK - ok18:10:18.0017 5040 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys18:10:18.0152 5040 MSPQM - ok18:10:18.0726 5040 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys18:10:18.0745 5040 MsRPC - ok18:10:19.0212 5040 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys18:10:19.0223 5040 mssmbios - 
ok18:10:19.0765 5040 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys18:10:20.0263 5040 MSTEE - ok18:10:20.0820 5040 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys18:10:20.0927 5040 MTConfig - ok18:10:21.0606 5040 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys18:10:21.0618 5040 Mup - ok18:10:22.0391 5040 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll18:10:22.0571 5040 napagent - ok18:10:23.0085 5040 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys18:10:23.0160 5040 NativeWifiP - ok18:10:23.0716 5040 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys18:10:23.0773 5040 NDIS - ok18:10:24.0094 5040 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys18:10:24.0191 5040 NdisCap - ok18:10:24.0701 5040 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys18:10:24.0879 5040 NdisTapi - ok18:10:25.0557 5040 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys18:10:25.0700 5040 Ndisuio - ok18:10:26.0023 5040 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys18:10:26.0082 5040 NdisWan - ok18:10:26.0153 5040 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys18:10:26.0249 5040 NDProxy - ok18:10:26.0301 5040 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys18:10:26.0433 5040 NetBIOS - ok18:10:26.0494 5040 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys18:10:26.0632 5040 NetBT - ok18:10:26.0801 5040 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe18:10:26.0816 5040 Netlogon - ok18:10:26.0924 5040 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll18:10:26.0976 5040 Netman - ok18:10:27.0098 5040 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) 
C:\Windows\System32\netprofm.dll18:10:27.0171 5040 netprofm - ok18:10:27.0448 5040 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe18:10:27.0461 5040 NetTcpPortSharing - ok18:10:27.0723 5040 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys18:10:27.0738 5040 nfrd960 - ok18:10:27.0825 5040 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll18:10:27.0918 5040 NlaSvc - ok18:10:28.0004 5040 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys18:10:28.0125 5040 Npfs - ok18:10:28.0178 5040 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll18:10:28.0233 5040 nsi - ok18:10:28.0303 5040 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys18:10:28.0374 5040 nsiproxy - ok18:10:28.0487 5040 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys18:10:28.0566 5040 Ntfs - ok18:10:28.0698 5040 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys18:10:28.0788 5040 Null - ok18:10:28.0949 5040 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys18:10:28.0967 5040 nvraid - ok18:10:29.0132 5040 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys18:10:29.0154 5040 nvstor - ok18:10:29.0274 5040 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys18:10:29.0291 5040 nv_agp - ok18:10:29.0580 5040 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE18:10:29.0604 5040 odserv - ok18:10:29.0927 5040 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys18:10:30.0010 5040 ohci1394 - ok18:10:30.0325 5040 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE18:10:30.0340 5040 ose - ok18:10:30.0725 5040 
p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll18:10:30.0748 5040 p2pimsvc - ok18:10:30.0799 5040 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll18:10:30.0894 5040 p2psvc - ok18:10:31.0076 5040 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys18:10:31.0095 5040 Parport - ok18:10:31.0150 5040 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys18:10:31.0165 5040 partmgr - ok18:10:31.0314 5040 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll18:10:31.0416 5040 PcaSvc - ok18:10:31.0800 5040 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys18:10:31.0817 5040 pci - ok18:10:32.0405 5040 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys18:10:32.0418 5040 pciide - ok18:10:32.0459 5040 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys18:10:32.0478 5040 pcmcia - ok18:10:32.0626 5040 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys18:10:32.0639 5040 pcw - ok18:10:33.0201 5040 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys18:10:33.0268 5040 PEAUTH - ok18:10:33.0521 5040 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe18:10:33.0558 5040 PerfHost - ok18:10:33.0729 5040 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll18:10:33.0832 5040 pla - ok18:10:33.0877 5040 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll18:10:33.0929 5040 PlugPlay - ok18:10:33.0965 5040 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll18:10:34.0025 5040 PNRPAutoReg - ok18:10:34.0072 5040 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll18:10:34.0090 5040 PNRPsvc - ok18:10:34.0156 5040 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll18:10:34.0217 5040 PolicyAgent - 
ok18:10:34.0275 5040 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll18:10:34.0347 5040 Power - ok18:10:34.0439 5040 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys18:10:34.0508 5040 PptpMiniport - ok18:10:34.0561 5040 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys18:10:34.0596 5040 Processor - ok18:10:34.0651 5040 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll18:10:34.0730 5040 ProfSvc - ok18:10:34.0773 5040 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe18:10:34.0791 5040 ProtectedStorage - ok18:10:34.0866 5040 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys18:10:34.0949 5040 Psched - ok18:10:35.0034 5040 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys18:10:35.0115 5040 ql2300 - ok18:10:35.0672 5040 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys18:10:35.0691 5040 ql40xx - ok18:10:35.0835 5040 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll18:10:35.0894 5040 QWAVE - ok18:10:35.0955 5040 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys18:10:35.0998 5040 QWAVEdrv - ok18:10:36.0036 5040 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys18:10:36.0114 5040 RasAcd - ok18:10:36.0183 5040 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys18:10:36.0346 5040 RasAgileVpn - ok18:10:36.0446 5040 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll18:10:36.0571 5040 RasAuto - ok18:10:37.0059 5040 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys18:10:37.0187 5040 Rasl2tp - ok18:10:37.0579 5040 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll18:10:37.0641 5040 RasMan - ok18:10:38.0558 5040 RasPppoe 
(855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys18:10:38.0695 5040 RasPppoe - ok18:10:38.0942 5040 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys18:10:39.0037 5040 RasSstp - ok18:10:39.0113 5040 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys18:10:39.0300 5040 rdbss - ok18:10:40.0435 5040 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys18:10:40.0634 5040 rdpbus - ok18:10:41.0523 5040 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys18:10:41.0761 5040 RDPCDD - ok18:10:42.0668 5040 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys18:10:42.0754 5040 RDPENCDD - ok18:10:43.0108 5040 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys18:10:43.0181 5040 RDPREFMP - ok18:10:43.0300 5040 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys18:10:43.0365 5040 RDPWD - ok18:10:43.0469 5040 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys18:10:43.0505 5040 rdyboost - ok18:10:43.0643 5040 Recovery Service for Windows (bc0a4d47472b042537f4e57b950415fa) C:\Program Files (x86)\SMINST\BLService.exe18:10:43.0663 5040 Recovery Service for Windows - ok18:10:43.0742 5040 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll18:10:43.0794 5040 RemoteAccess - ok18:10:43.0900 5040 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll18:10:43.0958 5040 RemoteRegistry - ok18:10:44.0300 5040 RichVideo (805ae1f90c64758d19aaa001cf8cba12) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe18:10:44.0311 5040 RichVideo ( UnsignedFile.Multi.Generic ) - warning18:10:44.0311 5040 RichVideo - detected UnsignedFile.Multi.Generic (1)18:10:44.0897 5040 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll18:10:45.0009 5040 RpcEptMapper - 
ok18:10:45.0475 5040 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe18:10:45.0560 5040 RpcLocator - ok18:10:45.0802 5040 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll18:10:45.0859 5040 RpcSs - ok18:10:47.0007 5040 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys18:10:47.0177 5040 rspndr - ok18:10:47.0351 5040 RTL8169 (8b91737da75add21cb1554b38089196a) C:\Windows\system32\DRIVERS\Rtlh64.sys18:10:47.0430 5040 RTL8169 - ok18:10:47.0521 5040 RTSTOR (aa3987386cf7d9005c42bc974634bd56) C:\Windows\system32\drivers\RTSTOR64.SYS18:10:47.0551 5040 RTSTOR - ok18:10:47.0583 5040 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe18:10:47.0603 5040 SamSs - ok18:10:47.0658 5040 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys18:10:47.0678 5040 sbp2port - ok18:10:47.0727 5040 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll18:10:47.0813 5040 SCardSvr - ok18:10:47.0852 5040 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys18:10:47.0930 5040 scfilter - ok18:10:48.0028 5040 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll18:10:48.0117 5040 Schedule - ok18:10:48.0196 5040 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll18:10:48.0250 5040 SCPolicySvc - ok18:10:48.0297 5040 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll18:10:48.0347 5040 SDRSVC - ok18:10:48.0492 5040 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys18:10:48.0586 5040 secdrv - ok18:10:48.0626 5040 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll18:10:48.0687 5040 seclogon - ok18:10:48.0725 5040 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll18:10:48.0803 5040 SENS - ok18:10:48.0839 5040 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) 
C:\Windows\system32\sensrsvc.dll18:10:48.0886 5040 SensrSvc - ok18:10:48.0965 5040 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys18:10:48.0984 5040 Serenum - ok18:10:49.0044 5040 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys18:10:49.0065 5040 Serial - ok18:10:49.0105 5040 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys18:10:49.0149 5040 sermouse - ok18:10:49.0218 5040 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll18:10:49.0276 5040 SessionEnv - ok18:10:49.0312 5040 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys18:10:49.0337 5040 sffdisk - ok18:10:49.0373 5040 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys18:10:49.0396 5040 sffp_mmc - ok18:10:49.0449 5040 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys18:10:49.0490 5040 sffp_sd - ok18:10:49.0535 5040 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys18:10:49.0554 5040 sfloppy - ok18:10:49.0614 5040 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll18:10:49.0698 5040 SharedAccess - ok18:10:49.0753 5040 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll18:10:49.0811 5040 ShellHWDetection - ok18:10:49.0861 5040 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys18:10:49.0878 5040 SiSRaid2 - ok18:10:49.0903 5040 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys18:10:49.0921 5040 SiSRaid4 - ok18:10:49.0978 5040 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys18:10:50.0058 5040 Smb - ok18:10:50.0136 5040 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe18:10:50.0178 5040 SNMPTRAP - ok18:10:50.0222 5040 spldr (b9e31e5cacdfe584f34f730a677803f9) 
C:\Windows\system32\drivers\spldr.sys18:10:50.0239 5040 spldr - ok18:10:50.0281 5040 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe18:10:50.0337 5040 Spooler - ok18:10:50.0468 5040 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe18:10:50.0620 5040 sppsvc - ok18:10:50.0660 5040 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll18:10:50.0732 5040 sppuinotify - ok18:10:50.0810 5040 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys18:10:50.0876 5040 srv - ok18:10:50.0921 5040 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys18:10:50.0966 5040 srv2 - ok18:10:51.0010 5040 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys18:10:51.0051 5040 srvnet - ok18:10:51.0147 5040 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll18:10:51.0225 5040 SSDPSRV - ok18:10:51.0287 5040 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll18:10:51.0362 5040 SstpSvc - ok18:10:51.0515 5040 STacSV (a400c503b256cd7c8289b2a943370415) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_79b15e90d309c284\STacSV64.exe18:10:51.0561 5040 STacSV - ok18:10:51.0649 5040 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys18:10:51.0666 5040 stexstor - ok18:10:51.0732 5040 STHDA (0c2bf91cdc0575f5713a4d2d5118bc06) C:\Windows\system32\DRIVERS\stwrt64.sys18:10:51.0762 5040 STHDA - ok18:10:51.0832 5040 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll18:10:51.0917 5040 stisvc - ok18:10:51.0958 5040 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys18:10:51.0973 5040 swenum - ok18:10:52.0037 5040 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll18:10:52.0124 5040 swprv - ok18:10:52.0199 5040 SynTP (5bfcf934891022e15404befe0f5ece9f) 
C:\Windows\system32\DRIVERS\SynTP.sys18:10:52.0223 5040 SynTP - ok18:10:52.0290 5040 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll18:10:52.0408 5040 SysMain - ok18:10:52.0450 5040 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll18:10:52.0511 5040 TabletInputService - ok18:10:52.0553 5040 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll18:10:52.0641 5040 TapiSrv - ok18:10:52.0677 5040 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll18:10:52.0732 5040 TBS - ok18:10:52.0856 5040 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys18:10:52.0940 5040 Tcpip - ok18:10:53.0038 5040 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys18:10:53.0093 5040 TCPIP6 - ok18:10:53.0150 5040 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys18:10:53.0230 5040 tcpipreg - ok18:10:53.0308 5040 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys18:10:53.0346 5040 TDPIPE - ok18:10:53.0407 5040 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys18:10:53.0448 5040 TDTCP - ok18:10:53.0501 5040 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys18:10:53.0594 5040 tdx - ok18:10:53.0627 5040 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys18:10:53.0644 5040 TermDD - ok18:10:53.0713 5040 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll18:10:53.0811 5040 TermService - ok18:10:53.0847 5040 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll18:10:53.0898 5040 Themes - ok18:10:53.0950 5040 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll18:10:54.0004 5040 THREADORDER - ok18:10:54.0032 5040 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll18:10:54.0110 5040 TrkWks - ok18:10:54.0189 5040 
TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe18:10:54.0234 5040 TrustedInstaller - ok18:10:54.0333 5040 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys18:10:54.0427 5040 tssecsrv - ok18:10:54.0514 5040 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys18:10:54.0568 5040 tunnel - ok18:10:54.0791 5040 TVCapSvc (1c31169dddc70c1605f703da701eaeea) C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe18:10:54.0810 5040 TVCapSvc - ok18:10:54.0821 5040 TVSched (290b8c381dbc15d3dbcbd2bdb6b0ba12) C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe18:10:54.0834 5040 TVSched - ok18:10:54.0872 5040 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys18:10:54.0889 5040 uagp35 - ok18:10:54.0923 5040 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys18:10:54.0999 5040 udfs - ok18:10:55.0068 5040 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe18:10:55.0093 5040 UI0Detect - ok18:10:55.0149 5040 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys18:10:55.0166 5040 uliagpkx - ok18:10:55.0240 5040 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys18:10:55.0290 5040 umbus - ok18:10:55.0327 5040 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys18:10:55.0366 5040 UmPass - ok18:10:55.0408 5040 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll18:10:55.0471 5040 upnphost - ok18:10:55.0570 5040 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys18:10:55.0604 5040 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning18:10:55.0604 5040 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)18:10:55.0658 5040 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys18:10:55.0684 5040 usbccgp - 
ok
18:11:04.0932 5040 ============================================================
18:11:04.0932 5040 Scan finished
18:11:04.0932 5040 ============================================================
18:11:04.0949 5032 Detected object count: 6
18:11:04.0949 5032 Actual detected object count: 6
18:11:13.0324 5032 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
18:11:13.0324 5032 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:11:13.0328 5032 hpqwmiex ( UnsignedFile.Multi.Generic ) - skipped by user
18:11:13.0328 5032 hpqwmiex ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:11:13.0332 5032 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
18:11:13.0332 5032 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:11:13.0336 5032 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
18:11:13.0336 5032 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:11:13.0340 5032 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
18:11:13.0340 5032 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:11:13.0343 5032 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
18:11:13.0343 5032 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:11:26.0713 4720 Deinitialize success
LDTate Posted April 4, 2012

Cool. You can delete TDSSKiller.

Here's my usual all clean post.

To be on the safe side, I would also change all my passwords. This infection appears to have been cleaned, but as the malware could be configured to run any program a remote attacker requires, it's impossible to be 100% sure that any machine is clean.

Log looks good.

Update your AntiVirus Software - It is imperative that you update your Antivirus software at least once a week (even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.

Use a Firewall - I cannot stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly.

Securing Your Web Browser - This paper will help you configure your web browser for safer internet surfing.

Using a secure browser plugin - M86 SecureBrowsing makes it safe to search, surf and socialize online. This free browser plug-in displays security icons next to links on search engines and social networking sites like Facebook, Twitter and LinkedIn, so you'll know which pages are safe and which ones to avoid.
•Free browser plug-in for Internet Explorer and Firefox
•Real-time safety ratings
•Ideal for Facebook, Twitter and LinkedIn

JAVA - Click this link and click on the Free JAVA Download.

Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer always has the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

Only run one Anti-Virus and Firewall program.

I would suggest you read: PC Safety and Security--What Do I Need?

How to Prevent Malware: The full version of Malwarebytes' Anti-Malware could have helped protect your computer against this threat. We use different ways of protecting your computer(s):
Dynamically Blocks Malware Sites & Servers
Malware Execution Prevention
Save yourself the hassle and get protected.
nicolep218 Posted April 4, 2012

Thank You so Much for all your time.
LDTate Posted April 4, 2012

You're more than welcome. Glad we were able to help.

Peace be with you.
LDTate Posted April 4, 2012

Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks!