My email was hacked

eblaine · June 7, 2012

Hi,

My email was hacked and I'm not sure if there's a keylogger or malware still on my pc. I have malwarebytes pro and emsisoft av. Please advise. Thanks.

MrCharlie · June 8, 2012

Welcome to the forum, please start at the link below:

http://forums.malwar...?showtopic=9573

Post back the 2 logs.....DDS.txt and Attach.txt

<====><====><====><====><====><====><====><====>

Next.......

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system (don't run any other options, they're not all bad!)

Post back the report.

MrC

eblaine · June 8, 2012

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Eblaine at 6:16:54 on 2012-06-08

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3062.1443 [GMT -7:00]

.

AV: Emsisoft Anti-Malware *Enabled/Updated* {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Emsisoft Anti-Malware *Enabled/Updated* {3E653F0B-EA3E-10F8-1B87-CAD78F211367}

FW: Online Armor Firewall *Disabled* {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe

C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE

C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe

C:\Windows\system32\WLANExt.exe

C:\Program Files (x86)\Online Armor\OAcat.exe

C:\Windows\system32\conhost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\lxeccoms.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\DRIVERS\xaudio64.exe

C:\Program Files\Dell\QuickSet\NicConfigSvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE

C:\Windows\System32\igfxtray.exe

C:\Program Files (x86)\eFax Messenger 4.4\J2GDllCmd.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://asus.msn.com

uDefault_Page_URL = hxxp://asus.msn.com

mStart Page = hxxp://asus.msn.com

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=userinit.exe

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

uRun: [subVid] "C:\Program Files (x86)\MindMovies\Subliminal\SubVid.exe" /startup

uRun: [eFax 4.4] "C:\Program Files (x86)\eFax Messenger 4.4\J2GDllCmd.exe" /R

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [emsisoft anti-malware] "c:\program files (x86)\emsisoft anti-malware\a2guard.exe" /d=60

StartupFolder: C:\Users\Eblaine\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EFAX44~1.LNK - C:\Program Files (x86)\eFax Messenger 4.4\J2GTray.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000

IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL

TCP: DhcpNameServer = 192.168.2.1

TCP: Interfaces\{C69E4FE1-7645-467F-9C67-1CF3CF146DCA} : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{CE233D41-2CEA-454B-BFDB-F79CD4EBF781} : DhcpNameServer = 192.168.2.1

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [emsisoft anti-malware] "c:\program files (x86)\emsisoft anti-malware\a2guard.exe" /d=60

IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Eblaine\AppData\Roaming\Mozilla\Firefox\Profiles\we99zuwk.default\

FF - prefs.js: browser.startup.homepage - hxxp://duckduckgo.com/

FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll

.

============= SERVICES / DRIVERS ===============

.

R1 A2DDA;A2 Direct Disk Access Support Driver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [2012-4-27 23208]

R1 a2injectiondriver;a2injectiondriver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [2012-4-27 41728]

R1 a2util;a-squared Malware-IDS utility driver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [2012-4-27 14720]

R1 OADevice;OADriver;C:\Windows\SysWOW64\drivers\OADriver.sys [2012-4-27 61624]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 a2AntiMalware;Emsisoft Anti-Malware 6.5 - Service;C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2012-4-27 3065120]

R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-4-28 913792]

R2 lxec_device;lxec_device;C:\Windows\system32\lxeccoms.exe -service --> C:\Windows\system32\lxeccoms.exe -service [?]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-27 654408]

R2 OAcat;Online Armor Helper Service;C:\Program Files (x86)\Online Armor\oacat.exe [2012-5-31 210920]

R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]

R3 a2acc;a2acc;C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys [2012-4-27 63880]

R3 CAXHWAZL;CAXHWAZL;C:\Windows\system32\DRIVERS\CAXHWAZL.sys --> C:\Windows\system32\DRIVERS\CAXHWAZL.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 OAnet;OnlineArmor Service;C:\Windows\system32\DRIVERS\oanet.sys --> C:\Windows\system32\DRIVERS\oanet.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S1 oahlpXX;Online Armor helper driver;C:\Windows\SysWOW64\drivers\oahlp64.sys [2012-4-27 61624]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 lxecCATSCustConnectService;lxecCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\lxecserv.exe [2012-4-27 45736]

S2 SvcOnlineArmor;Online Armor;C:\Program Files (x86)\Online Armor\OAsrv.exe [2012-5-31 4382968]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-27 257696]

S3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys --> C:\Windows\system32\DRIVERS\asmthub3.sys [?]

S3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys --> C:\Windows\system32\DRIVERS\asmtxhci.sys [?]

S3 becldr3Service;BCL EasyConverter SDK 3 Loader;C:\Program Files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [2011-4-19 176128]

S3 CGVPNCliSrvc;CyberGhost VPN Client;C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2012-4-27 2438696]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]

S3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]

S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]

S3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-27 129976]

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-06-01 11:20:37 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{85EB40E3-D8B8-42F4-92D4-574914A3B047}\offreg.dll

2012-06-01 11:18:52 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{85EB40E3-D8B8-42F4-92D4-574914A3B047}\mpengine.dll

2012-05-31 22:20:53 -------- d-----w- C:\Users\Eblaine\AppData\Roaming\j2 Global

2012-05-31 22:19:41 -------- d-----w- C:\Users\Eblaine\AppData\Roaming\eFax Messenger

2012-05-31 22:19:37 -------- d-----w- C:\ProgramData\eFax Messenger 4.4 Output

2012-05-31 22:18:20 -------- d-----w- C:\Program Files (x86)\eFax Messenger 4.4

2012-05-28 18:08:35 -------- d-----w- C:\ProgramData\PDF Writer

2012-05-28 18:08:34 -------- d-----w- C:\Users\Eblaine\AppData\Roaming\PDF Writer

2012-05-28 18:08:34 -------- d-----w- C:\Users\Eblaine\AppData\Local\PDF Writer

2012-05-28 18:06:07 101376 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPWN7.DLL

2012-05-28 18:04:39 227840 ----a-w- C:\Windows\SysWow64\bzFlRdr.dll

2012-05-28 18:04:39 103424 ----a-w- C:\Windows\SysWow64\bzDCT.dll

2012-05-28 18:04:39 -------- d-----w- C:\Program Files\Common Files\Bullzip

2012-05-28 18:04:38 135168 ----a-w- C:\Windows\SysWow64\bzpdfc.dll

2012-05-28 18:04:33 216064 ----a-w- C:\Windows\System32\bzpdf.dll

2012-05-28 18:04:26 140288 ----a-w- C:\Windows\SysWow64\comdlg32.OCX

2012-05-28 18:04:24 -------- d-----w- C:\Program Files\Bullzip

2012-05-28 18:02:25 -------- d-----w- C:\Program Files (x86)\BCL Technologies

2012-05-28 18:02:16 -------- d-----w- C:\Users\Eblaine\AppData\Roaming\Pdf2Word

2012-05-28 18:02:14 -------- d-----w- C:\Program Files (x86)\bioPDF

2012-05-28 17:42:23 95008 ----a-w- C:\Windows\System32\Primomonnt.dll

2012-05-28 17:42:22 -------- d-----w- C:\Users\Eblaine\AppData\Roaming\OpenCandy

2012-05-28 17:42:20 -------- d-----w- C:\Program Files (x86)\Nitro PDF

2012-05-28 17:39:27 -------- d-----w- C:\Users\Eblaine\AppData\Local\CutePDF Writer

2012-05-28 17:35:22 -------- d-----w- C:\Program Files (x86)\Acro Software

2012-05-28 17:23:42 46080 ----a-w- C:\Windows\SysWow64\pdfmon.dll

2012-05-28 17:23:42 110642 ----a-w- C:\Windows\SysWow64\pdfmona.dll

2012-05-28 17:22:19 -------- d-----w- C:\pdf995

2012-05-28 15:44:06 -------- d-----w- C:\Program Files (x86)\1ClickDownload

2012-05-28 15:23:24 -------- d-----w- C:\Program Files (x86)\uTorrent

2012-05-28 15:22:13 -------- d-----w- C:\Users\Eblaine\AppData\Roaming\uTorrent

2012-05-23 16:33:43 -------- d-----w- C:\Users\Eblaine\Be Yourself Seduction

2012-05-23 15:50:11 -------- d-----w- C:\ProgramData\MindMovies

2012-05-23 15:50:10 -------- d-----w- C:\Program Files (x86)\MindMovies

2012-05-23 00:12:49 -------- d-----w- C:\Users\Eblaine\AppData\Local\Amazon

2012-05-18 20:48:03 -------- d-----w- C:\Program Files (x86)\Evernote

2012-05-15 00:40:20 -------- d-----w- C:\Users\Eblaine\AppData\Local\{4F884A01-D573-4402-A43C-E8ACD3A1AE5A}

2012-05-15 00:40:13 -------- d-----w- C:\Users\Eblaine\AppData\Local\Windows Live

2012-05-15 00:40:13 -------- d-----w- C:\Users\Eblaine\AppData\Local\{5F7CE4BC-C9E9-4C7C-86BF-A4D6ABD5C22D}

2012-05-15 00:39:44 -------- d-----w- C:\Users\Eblaine\AppData\Local\{62855EB9-E6BF-4188-9C08-45E6EC85DCA8}

2012-05-15 00:39:43 -------- d-----w- C:\Users\Eblaine\AppData\Local\{069F4B55-FD91-44AC-B670-D1D6CB0FA8B2}

2012-05-12 16:57:08 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys

2012-05-12 16:57:08 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll

2012-05-12 16:57:08 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll

2012-05-12 16:56:32 -------- d-----w- C:\Program Files\iPod

2012-05-12 16:56:28 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

2012-05-12 16:56:28 -------- d-----w- C:\Program Files\iTunes

2012-05-12 16:56:28 -------- d-----w- C:\Program Files (x86)\iTunes

2012-05-12 16:55:04 -------- d-----w- C:\Users\Eblaine\AppData\Local\Apple

2012-05-12 16:54:02 -------- d-----w- C:\Program Files\Bonjour

2012-05-12 16:54:02 -------- d-----w- C:\Program Files (x86)\Bonjour

2012-05-10 04:51:27 -------- d-----w- C:\Users\Eblaine\AppData\Roaming\EurekaLog

2012-05-09 15:53:20 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys

2012-05-09 15:53:13 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-05-09 15:53:09 3146240 ----a-w- C:\Windows\System32\win32k.sys

2012-05-09 15:53:03 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-05-09 15:53:00 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-05-09 15:52:34 1544704 ----a-w- C:\Windows\System32\DWrite.dll

2012-05-09 15:52:32 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-05-09 15:51:45 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-05-09 15:50:02 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL

2012-05-09 15:50:01 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll

2012-05-09 15:49:58 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll

2012-05-09 15:49:57 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll

2012-05-09 15:49:56 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll

.

==================== Find3M ====================

.

2012-06-06 19:04:39 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-06-06 19:04:39 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-05-31 13:06:19 35368 ----a-w- C:\Windows\System32\drivers\OAnet.sys

2012-05-31 13:06:18 40512 ----a-w- C:\Windows\SysWow64\drivers\OAmon.sys

2012-05-31 13:06:17 61624 ----a-w- C:\Windows\SysWow64\drivers\OADriver.sys

2012-05-31 13:03:49 61624 ----a-w- C:\Windows\SysWow64\drivers\oahlp64.sys

2012-05-28 17:28:51 119 ----a-w- C:\Windows\wpd99.drv

2012-05-05 17:41:07 8769696 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2012-05-04 04:56:16 45056 ----a-w- C:\Windows\SysWow64\acovcnt.exe

2012-04-27 20:27:42 40448 ----a-w- C:\Windows\SysWow64\pdf995mon64.dll

2012-04-18 18:18:22 2266624 ----a-w- C:\Windows\System32\pdfmona64.dll

2012-04-04 22:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-03-20 06:44:20 5888792 ----a-w- C:\Windows\System32\GfxUI.exe

2012-03-20 06:44:20 276248 ----a-w- C:\Windows\SysWow64\IntelCpHeciSvc.exe

2012-03-20 06:42:08 90112 ----a-w- C:\Windows\System32\igfxCoIn_v2696.dll

2012-03-20 06:31:16 963912 ----a-w- C:\Windows\SysWow64\igkrng600.bin

2012-03-20 06:31:16 963912 ----a-w- C:\Windows\System32\igkrng600.bin

2012-03-20 06:31:16 261208 ----a-w- C:\Windows\SysWow64\igfcg600m.bin

2012-03-20 06:31:16 261208 ----a-w- C:\Windows\System32\igfcg600m.bin

2012-03-20 06:31:14 79360 ----a-w- C:\Windows\System32\igdde64.dll

2012-03-20 06:25:58 58880 ----a-w- C:\Windows\SysWow64\igdde32.dll

2012-03-20 05:18:40 439296 ----a-w- C:\Windows\System32\igfxrrom.lrc

2012-03-20 05:18:40 438784 ----a-w- C:\Windows\System32\igfxrhrv.lrc

2012-03-20 05:18:38 439808 ----a-w- C:\Windows\System32\igfxresn.lrc

2012-03-20 05:17:14 9216 ----a-w- C:\Windows\System32\IGFXDEVLib.dll

2012-03-20 05:17:14 172032 ----a-w- C:\Windows\System32\gfxSrvc.dll

2012-03-20 05:12:06 25088 ----a-w- C:\Windows\SysWow64\igfxexps32.dll

2012-03-20 05:09:08 524800 ----a-w- C:\Windows\System32\iglhsip64.dll

2012-03-20 05:09:08 519680 ----a-w- C:\Windows\SysWow64\iglhsip32.dll

2012-03-20 05:09:08 2967040 ----a-w- C:\Windows\System32\igfxcmjit64.dll

2012-03-20 05:09:08 237056 ----a-w- C:\Windows\SysWow64\igfxcmrt32.dll

2012-03-20 05:09:08 2321408 ----a-w- C:\Windows\SysWow64\igfxcmjit32.dll

2012-03-20 05:09:08 213504 ----a-w- C:\Windows\System32\iglhcp64.dll

2012-03-20 05:09:08 193024 ----a-w- C:\Windows\System32\igfxcmrt64.dll

2012-03-20 05:09:08 177152 ----a-w- C:\Windows\SysWow64\iglhcp32.dll

.

============= FINISH: 6:18:36.95 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 4/27/2012 11:53:11 AM

System Uptime: 6/7/2012 12:38:43 PM (18 hours ago)

.

Motherboard: Dell Inc. | | 0FT292

Processor: Intel® Core2 CPU T5600 @ 1.83GHz | Microprocessor | 1833/166mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 186 GiB total, 100.874 GiB free.

D: is FIXED (NTFS) - 254 GiB total, 254.069 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: ATKWMIACPI Driver

Device ID: ROOT\LEGACY_ATKWMIACPIIO\0000

Manufacturer:

Name: ATKWMIACPI Driver

PNP Device ID: ROOT\LEGACY_ATKWMIACPIIO\0000

Service: ATKWMIACPIIO

.

==== System Restore Points ===================

.

RP57: 5/28/2012 11:09:59 AM - Removed Nitro Reader 2

RP58: 5/28/2012 11:02:46 PM - Windows Update

RP59: 5/31/2012 3:18:33 PM - Installed eFax Messenger

RP60: 6/1/2012 4:18:16 AM - Windows Update

RP61: 6/5/2012 6:13:11 PM - Windows Update

.

==== Installed Programs ======================

.

??????? Windows Live Mesh ActiveX ??(????)

??????? Windows Live Mesh ActiveX ???

µTorrent

1ClickDownloader

ABBYY FineReader 6.0 Sprint

Advanced SystemCare 5

Alcor Micro USB Card Reader

Amazon Kindle

Apple Application Support

Apple Software Update

Asmedia ASM104x USB 3.0 Host Controller Driver

ASUS AI Recovery

ASUS Live Update

ASUS WebStorage

BCL easyConverter 3.0 Licensing Module (BCL License)

BCL easyConverter 3.0 Loader SDK Module

BCL easyConverter 3.0 Module (Loader, BCL License)

BCL easyConverter 3.0 Module (RTF, BCL License)

BCL easyConverter 3.0 RTF SDK Module

BCL easyConverter 3.0 SDK Module

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Compatibility Pack for the 2007 Office system

Contrôle ActiveX Windows Live Mesh pour connexions à distance

Control ActiveX de Windows Live Mesh para conexiones remotas

Controlo ActiveX do Windows Live Mesh para Ligações Remotas

CyberLink LabelPrint

CyberLink Media Suite

CyberLink Power2Go

D3DX10

Dell Driver Download Manager

Digital Line Detect

eFax Messenger

Emsisoft Anti-Malware

Evernote v. 4.5.6

Foxit Reader

Galeria de Fotografias do Windows Live

Galerie de photos Windows Live

Galería fotográfica de Windows Live

Intel® Processor Graphics

Junk Mail filter update

Malwarebytes Anti-Malware version 1.61.0.1400

Mesh Runtime

Microsoft Office 2010

Microsoft Office File Validation Add-In

Microsoft Office Professional Edition 2003

Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Mozilla Firefox 12.0 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

Nuance PDF Reader

Online Armor 5.5

PDF Print Functionality

PDF2Word Converter Version 1.0.8 (Build 164, bioPDF)

Pdf995

PdfEdit995

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Sonic Focus

Subliminal $SUBLIMINAL_VERSION

SugarSync Manager

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Windows Live

Windows Live ???

Windows Live ????

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Wunderlist

.

==== Event Viewer Messages From Past Week ========

.

6/8/2012 5:24:45 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

6/7/2012 12:39:28 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ATKWMIACPIIO

6/7/2012 12:39:25 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the lxecCATSCustConnectService service to connect.

6/7/2012 12:39:25 PM, Error: Service Control Manager [7000] - The lxecCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

6/7/2012 11:41:44 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

6/7/2012 11:41:44 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

6/7/2012 11:41:37 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

6/7/2012 11:41:36 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

6/7/2012 11:41:36 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

6/7/2012 11:41:31 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

6/7/2012 11:41:25 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

6/7/2012 11:41:14 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: a2injectiondriver AFD ATKWMIACPIIO DfsC discache NetBIOS NetBT nsiproxy OADevice oahlpXX Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf

6/7/2012 11:41:14 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

6/7/2012 11:41:14 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

6/7/2012 11:41:14 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

6/7/2012 11:41:14 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

6/7/2012 11:41:14 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

6/7/2012 11:41:14 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

6/7/2012 11:41:14 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

6/7/2012 11:41:14 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

6/7/2012 11:41:14 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

6/7/2012 11:38:34 AM, Error: Service Control Manager [7023] - The Superfetch service terminated with the following error: The data is invalid.

6/7/2012 11:38:32 AM, Error: Service Control Manager [7034] - The Dell Internal Network Card Power Management service terminated unexpectedly. It has done this 1 time(s).

6/7/2012 11:38:31 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

6/7/2012 11:38:31 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-2147218173.

6/6/2012 2:25:10 AM, Error: Microsoft-Windows-HAL [12] - The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

6/5/2012 6:02:16 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Online Armor Helper Service service to connect.

6/5/2012 6:02:16 PM, Error: Service Control Manager [7000] - The Online Armor Helper Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

6/5/2012 6:01:56 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000003, 0xfffffa800245ea10, 0xfffff800047d3518, 0xfffffa80050e14f0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 060512-28813-01.

.

==== End Of File ===========================

eblaine · June 8, 2012

RogueKiller V7.5.4 [06/07/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User: Eblaine [Admin rights]

Mode: Scan -- Date: 06/08/2012 06:25:57

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 3 ¤¤¤

[] HKCR\[...]\InprocServer32 : () -> ACCESS DENIED

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9500420AS ATA Device +++++

--- User ---

[MBR] dd531fb4b41c9824efa131c578687698

[bSP] 58f0db325bbe6bb982a135e39bb73b46 : Windows 7 MBR Code

Partition table:

0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25602 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52436992 | Size: 190779 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 443154432 | Size: 260556 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt

MrCharlie · June 8, 2012

Before we proceed further, please disable or uninstall uTorrent and any other peer-to-peer filesharing app.

Continued use of filesharing or ill-advised downloads will surely re-infect your system.

Risks of File-Sharing Technology.

P2P file sharing: Know the risks

It's also against our policy:

http://forums.malwar...showtopic=97700

------------------------------------

Next........

Please make sure system restore is running and create a new restore point before continuing.

XP <===> Vista & W7

XP users > please back up the registry using ERUNT.

-----------------------------------------

Please download and run TDSSKiller to your desktop as outlined below:

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

------------------------

Click the Start Scan button.

-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.

----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

MrC

eblaine · June 8, 2012

10:18:21.0536 3656 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16

10:18:23.0542 3656 ============================================================

10:18:23.0542 3656 Current date / time: 2012/06/08 10:18:23.0542

10:18:23.0542 3656 SystemInfo:

10:18:23.0542 3656

10:18:23.0542 3656 OS Version: 6.1.7601 ServicePack: 1.0

10:18:23.0542 3656 Product type: Workstation

10:18:23.0542 3656 ComputerName: EBLAINE-PC

10:18:23.0543 3656 UserName: Eblaine

10:18:23.0543 3656 Windows directory: C:\Windows

10:18:23.0543 3656 System windows directory: C:\Windows

10:18:23.0543 3656 Running under WOW64

10:18:23.0543 3656 Processor architecture: Intel x64

10:18:23.0543 3656 Number of processors: 2

10:18:23.0543 3656 Page size: 0x1000

10:18:23.0543 3656 Boot type: Normal boot

10:18:23.0543 3656 ============================================================

10:18:26.0201 3656 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

10:18:26.0209 3656 ============================================================

10:18:26.0209 3656 \Device\Harddisk0\DR0:

10:18:26.0209 3656 MBR partitions:

10:18:26.0209 3656 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3202000, BlocksNum 0x1749DA81

10:18:26.0209 3656 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A6A0000, BlocksNum 0x1FCE6030

10:18:26.0209 3656 ============================================================

10:18:26.0233 3656 C: <-> \Device\Harddisk0\DR0\Partition0

10:18:26.0267 3656 D: <-> \Device\Harddisk0\DR0\Partition1

10:18:26.0268 3656 ============================================================

10:18:26.0268 3656 Initialize success

10:18:26.0268 3656 ============================================================

10:19:07.0582 1648 ============================================================

10:19:07.0582 1648 Scan started

10:19:07.0583 1648 Mode: Manual; SigCheck; TDLFS;

10:19:07.0583 1648 ============================================================

10:19:08.0198 1648 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

10:19:08.0420 1648 1394ohci - ok

10:19:08.0466 1648 a2acc (922ab7cc2c12c38dc2c4074af893d5fb) C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys

10:19:08.0575 1648 a2acc - ok

10:19:08.0739 1648 a2AntiMalware (0d5cb73fd036d9e904e0fc443e4e71ca) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe

10:19:08.0835 1648 a2AntiMalware - ok

10:19:08.0847 1648 A2DDA (3044d0f3feb9ffe8bc953d8f34b5b504) C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys

10:19:08.0872 1648 A2DDA - ok

10:19:08.0884 1648 a2injectiondriver (905cda5a8d86f733df8000909b4916ed) C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys

10:19:08.0910 1648 a2injectiondriver - ok

10:19:08.0921 1648 a2util (e41d79682a209f72f4f578cfd4a53952) C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys

10:19:08.0946 1648 a2util - ok

10:19:09.0060 1648 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

10:19:09.0115 1648 ACPI - ok

10:19:09.0140 1648 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

10:19:09.0215 1648 AcpiPmi - ok

10:19:09.0283 1648 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

10:19:09.0314 1648 AdobeFlashPlayerUpdateSvc - ok

10:19:09.0350 1648 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys

10:19:09.0399 1648 adp94xx - ok

10:19:09.0418 1648 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys

10:19:09.0464 1648 adpahci - ok

10:19:09.0485 1648 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys

10:19:09.0518 1648 adpu320 - ok

10:19:09.0607 1648 AdvancedSystemCareService5 (96d6cdd0b32846e8cfbe592f4f32e608) C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe

10:19:09.0649 1648 AdvancedSystemCareService5 - ok

10:19:09.0672 1648 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

10:19:09.0813 1648 AeLookupSvc - ok

10:19:09.0862 1648 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

10:19:09.0933 1648 AFD - ok

10:19:09.0950 1648 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

10:19:09.0979 1648 agp440 - ok

10:19:09.0994 1648 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

10:19:10.0079 1648 ALG - ok

10:19:10.0088 1648 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

10:19:10.0123 1648 aliide - ok

10:19:10.0130 1648 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

10:19:10.0162 1648 amdide - ok

10:19:10.0175 1648 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys

10:19:10.0230 1648 AmdK8 - ok

10:19:10.0240 1648 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys

10:19:10.0282 1648 AmdPPM - ok

10:19:10.0297 1648 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

10:19:10.0328 1648 amdsata - ok

10:19:10.0351 1648 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys

10:19:10.0385 1648 amdsbs - ok

10:19:10.0404 1648 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

10:19:10.0434 1648 amdxata - ok

10:19:10.0446 1648 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

10:19:10.0518 1648 AppID - ok

10:19:10.0531 1648 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

10:19:10.0599 1648 AppIDSvc - ok

10:19:10.0616 1648 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

10:19:10.0681 1648 Appinfo - ok

10:19:10.0745 1648 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

10:19:10.0790 1648 Apple Mobile Device - ok

10:19:10.0809 1648 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys

10:19:10.0841 1648 arc - ok

10:19:10.0861 1648 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys

10:19:10.0893 1648 arcsas - ok

10:19:10.0929 1648 asmthub3 (c5f36b1087553bac84b493e4dfea9036) C:\Windows\system32\DRIVERS\asmthub3.sys

10:19:10.0995 1648 asmthub3 - ok

10:19:11.0029 1648 asmtxhci (aa6797e04ac24dbac4c239a33f468463) C:\Windows\system32\DRIVERS\asmtxhci.sys

10:19:11.0090 1648 asmtxhci - ok

10:19:11.0153 1648 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

10:19:11.0183 1648 aspnet_state - ok

10:19:11.0207 1648 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

10:19:11.0272 1648 AsyncMac - ok

10:19:11.0287 1648 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

10:19:11.0314 1648 atapi - ok

10:19:11.0448 1648 athr (b4174564ad5834a1680610572477878c) C:\Windows\system32\DRIVERS\athrx.sys

10:19:11.0572 1648 athr - ok

10:19:11.0649 1648 ATKWMIACPIIO - ok

10:19:11.0708 1648 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

10:19:11.0802 1648 AudioEndpointBuilder - ok

10:19:11.0814 1648 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

10:19:11.0884 1648 AudioSrv - ok

10:19:11.0902 1648 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

10:19:12.0018 1648 AxInstSV - ok

10:19:12.0063 1648 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys

10:19:12.0131 1648 b06bdrv - ok

10:19:12.0159 1648 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

10:19:12.0216 1648 b57nd60a - ok

10:19:12.0243 1648 BCM42RLY (c3d8920a5aaf10a72cedb57d3339280a) C:\Windows\system32\drivers\BCM42RLY.sys

10:19:12.0269 1648 BCM42RLY - ok

10:19:12.0504 1648 BCM43XX (d20ee58c13ff343b90550861ebcd9ddd) C:\Windows\system32\DRIVERS\bcmwl664.sys

10:19:12.0673 1648 BCM43XX - ok

10:19:12.0764 1648 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

10:19:12.0833 1648 BDESVC - ok

10:19:12.0945 1648 becldr3Service (cb7ce2e47139b620d2b87078165f1ad0) C:\Program Files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe

10:19:12.0986 1648 becldr3Service ( UnsignedFile.Multi.Generic ) - warning

10:19:12.0986 1648 becldr3Service - detected UnsignedFile.Multi.Generic (1)

10:19:13.0052 1648 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

10:19:13.0132 1648 Beep - ok

10:19:13.0196 1648 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

10:19:13.0287 1648 BFE - ok

10:19:13.0338 1648 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll

10:19:13.0441 1648 BITS - ok

10:19:13.0460 1648 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

10:19:13.0501 1648 blbdrive - ok

10:19:13.0558 1648 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe

10:19:13.0600 1648 Bonjour Service - ok

10:19:13.0619 1648 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

10:19:13.0670 1648 bowser - ok

10:19:13.0686 1648 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys

10:19:13.0793 1648 BrFiltLo - ok

10:19:13.0799 1648 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys

10:19:13.0864 1648 BrFiltUp - ok

10:19:13.0887 1648 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

10:19:13.0961 1648 Browser - ok

10:19:13.0990 1648 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

10:19:14.0062 1648 Brserid - ok

10:19:14.0072 1648 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

10:19:14.0121 1648 BrSerWdm - ok

10:19:14.0129 1648 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

10:19:14.0170 1648 BrUsbMdm - ok

10:19:14.0183 1648 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

10:19:14.0225 1648 BrUsbSer - ok

10:19:14.0235 1648 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys

10:19:14.0296 1648 BthEnum - ok

10:19:14.0313 1648 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys

10:19:14.0365 1648 BTHMODEM - ok

10:19:14.0381 1648 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys

10:19:14.0433 1648 BthPan - ok

10:19:14.0469 1648 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys

10:19:14.0535 1648 BTHPORT - ok

10:19:14.0566 1648 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

10:19:14.0637 1648 bthserv - ok

10:19:14.0657 1648 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys

10:19:14.0696 1648 BTHUSB - ok

10:19:14.0734 1648 CAXHWAZL (0ca8ed7f262a3d0034f156bdfdf4814c) C:\Windows\system32\DRIVERS\CAXHWAZL.sys

10:19:14.0788 1648 CAXHWAZL - ok

10:19:14.0809 1648 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

10:19:14.0880 1648 cdfs - ok

10:19:14.0903 1648 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

10:19:14.0952 1648 cdrom - ok

10:19:14.0975 1648 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

10:19:15.0048 1648 CertPropSvc - ok

10:19:15.0213 1648 CGVPNCliSrvc (213b6ec3de19e35373a1906397588429) C:\Program Files\CyberGhost VPN\CGVPNCliService.exe

10:19:15.0334 1648 CGVPNCliSrvc - ok

10:19:15.0425 1648 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys

10:19:15.0471 1648 circlass - ok

10:19:15.0514 1648 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

10:19:15.0559 1648 CLFS - ok

10:19:15.0613 1648 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

10:19:15.0641 1648 clr_optimization_v2.0.50727_32 - ok

10:19:15.0687 1648 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

10:19:15.0718 1648 clr_optimization_v2.0.50727_64 - ok

10:19:15.0762 1648 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

10:19:15.0793 1648 clr_optimization_v4.0.30319_32 - ok

10:19:15.0820 1648 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

10:19:15.0850 1648 clr_optimization_v4.0.30319_64 - ok

10:19:15.0874 1648 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

10:19:15.0919 1648 CmBatt - ok

10:19:15.0929 1648 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

10:19:15.0958 1648 cmdide - ok

10:19:15.0994 1648 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

10:19:16.0050 1648 CNG - ok

10:19:16.0061 1648 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys

10:19:16.0090 1648 Compbatt - ok

10:19:16.0105 1648 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys

10:19:16.0152 1648 CompositeBus - ok

10:19:16.0159 1648 COMSysApp - ok

10:19:16.0172 1648 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys

10:19:16.0208 1648 crcdisk - ok

10:19:16.0246 1648 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll

10:19:16.0328 1648 CryptSvc - ok

10:19:16.0384 1648 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

10:19:16.0478 1648 DcomLaunch - ok

10:19:16.0508 1648 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

10:19:16.0597 1648 defragsvc - ok

10:19:16.0616 1648 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

10:19:16.0686 1648 DfsC - ok

10:19:16.0719 1648 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

10:19:16.0808 1648 Dhcp - ok

10:19:16.0823 1648 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

10:19:16.0898 1648 discache - ok

10:19:16.0915 1648 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys

10:19:16.0946 1648 Disk - ok

10:19:16.0970 1648 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

10:19:17.0043 1648 Dnscache - ok

10:19:17.0082 1648 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

10:19:17.0169 1648 dot3svc - ok

10:19:17.0195 1648 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

10:19:17.0271 1648 DPS - ok

10:19:17.0298 1648 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

10:19:17.0346 1648 drmkaud - ok

10:19:17.0551 1648 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

10:19:17.0618 1648 DXGKrnl - ok

10:19:17.0639 1648 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

10:19:17.0713 1648 EapHost - ok

10:19:17.0850 1648 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys

10:19:17.0993 1648 ebdrv - ok

10:19:18.0062 1648 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

10:19:18.0116 1648 EFS - ok

10:19:18.0186 1648 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

10:19:18.0271 1648 ehRecvr - ok

10:19:18.0296 1648 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

10:19:18.0358 1648 ehSched - ok

10:19:18.0417 1648 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys

10:19:18.0466 1648 elxstor - ok

10:19:18.0485 1648 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

10:19:18.0529 1648 ErrDev - ok

10:19:18.0578 1648 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

10:19:18.0650 1648 EventSystem - ok

10:19:18.0674 1648 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

10:19:18.0749 1648 exfat - ok

10:19:18.0775 1648 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

10:19:18.0856 1648 fastfat - ok

10:19:18.0901 1648 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

10:19:18.0974 1648 Fax - ok

10:19:18.0985 1648 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys

10:19:19.0043 1648 fdc - ok

10:19:19.0057 1648 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

10:19:19.0127 1648 fdPHost - ok

10:19:19.0144 1648 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

10:19:19.0217 1648 FDResPub - ok

10:19:19.0234 1648 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

10:19:19.0265 1648 FileInfo - ok

10:19:19.0277 1648 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

10:19:19.0357 1648 Filetrace - ok

10:19:19.0365 1648 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys

10:19:19.0408 1648 flpydisk - ok

10:19:19.0434 1648 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

10:19:19.0478 1648 FltMgr - ok

10:19:19.0542 1648 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

10:19:19.0631 1648 FontCache - ok

10:19:19.0684 1648 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

10:19:19.0730 1648 FontCache3.0.0.0 - ok

10:19:19.0761 1648 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

10:19:19.0791 1648 FsDepends - ok

10:19:19.0819 1648 fssfltr (dc0dce4ec2c5d2cf6472f9fd6aa9a7dc) C:\Windows\system32\DRIVERS\fssfltr.sys

10:19:19.0848 1648 fssfltr - ok

10:19:19.0982 1648 fsssvc (40cdfad174b3d5e80f95dda003c0b97f) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

10:19:20.0062 1648 fsssvc - ok

10:19:20.0145 1648 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

10:19:20.0182 1648 Fs_Rec - ok

10:19:20.0203 1648 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

10:19:20.0244 1648 fvevol - ok

10:19:20.0264 1648 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys

10:19:20.0294 1648 gagp30kx - ok

10:19:20.0320 1648 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

10:19:20.0345 1648 GEARAspiWDM - ok

10:19:20.0401 1648 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

10:19:20.0488 1648 gpsvc - ok

10:19:20.0509 1648 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

10:19:20.0565 1648 hcw85cir - ok

10:19:20.0600 1648 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

10:19:20.0665 1648 HdAudAddService - ok

10:19:20.0692 1648 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys

10:19:20.0740 1648 HDAudBus - ok

10:19:20.0749 1648 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys

10:19:20.0801 1648 HidBatt - ok

10:19:20.0819 1648 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys

10:19:20.0861 1648 HidBth - ok

10:19:20.0873 1648 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys

10:19:20.0908 1648 HidIr - ok

10:19:20.0924 1648 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

10:19:20.0997 1648 hidserv - ok

10:19:21.0009 1648 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys

10:19:21.0044 1648 HidUsb - ok

10:19:21.0074 1648 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

10:19:21.0151 1648 hkmsvc - ok

10:19:21.0264 1648 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

10:19:21.0340 1648 HomeGroupListener - ok

10:19:21.0367 1648 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

10:19:21.0423 1648 HomeGroupProvider - ok

10:19:21.0457 1648 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

10:19:21.0502 1648 HpSAMD - ok

10:19:21.0593 1648 HSF_DPV (8774d021a3fffe44150f8510381deee6) C:\Windows\system32\DRIVERS\CAX_DPV.sys

10:19:21.0674 1648 HSF_DPV - ok

10:19:21.0782 1648 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

10:19:21.0894 1648 HTTP - ok

10:19:21.0914 1648 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

10:19:21.0944 1648 hwpolicy - ok

10:19:21.0963 1648 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

10:19:21.0998 1648 i8042prt - ok

10:19:22.0049 1648 iaStor (26cf4275034214ecedd8ec17b0a18a99) C:\Windows\system32\DRIVERS\iaStor.sys

10:19:22.0102 1648 iaStor - ok

10:19:22.0140 1648 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

10:19:22.0185 1648 iaStorV - ok

10:19:22.0280 1648 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

10:19:22.0341 1648 idsvc - ok

10:19:22.0599 1648 igfx (24cc43ecdeefd4c19fbbee4951b647f1) C:\Windows\system32\DRIVERS\igdkmd64.sys

10:19:22.0835 1648 igfx - ok

10:19:22.0921 1648 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys

10:19:22.0973 1648 iirsp - ok

10:19:23.0067 1648 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

10:19:23.0155 1648 IKEEXT - ok

10:19:23.0314 1648 IntcAzAudAddService (02c93ebaa4421418411448fe7fdfd815) C:\Windows\system32\drivers\RTKVHD64.sys

10:19:23.0500 1648 IntcAzAudAddService - ok

10:19:23.0584 1648 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys

10:19:23.0646 1648 IntcDAud - ok

10:19:23.0667 1648 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

10:19:23.0695 1648 intelide - ok

10:19:23.0713 1648 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

10:19:23.0753 1648 intelppm - ok

10:19:23.0782 1648 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

10:19:23.0855 1648 IPBusEnum - ok

10:19:23.0873 1648 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

10:19:23.0932 1648 IpFilterDriver - ok

10:19:23.0971 1648 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll

10:19:24.0065 1648 iphlpsvc - ok

10:19:24.0083 1648 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

10:19:24.0123 1648 IPMIDRV - ok

10:19:24.0140 1648 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

10:19:24.0212 1648 IPNAT - ok

10:19:24.0295 1648 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe

10:19:24.0355 1648 iPod Service - ok

10:19:24.0369 1648 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

10:19:24.0439 1648 IRENUM - ok

10:19:24.0462 1648 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

10:19:24.0504 1648 isapnp - ok

10:19:24.0529 1648 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

10:19:24.0567 1648 iScsiPrt - ok

10:19:24.0587 1648 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

10:19:24.0618 1648 kbdclass - ok

10:19:24.0632 1648 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys

10:19:24.0674 1648 kbdhid - ok

10:19:24.0703 1648 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys

10:19:24.0729 1648 kbfiltr - ok

10:19:24.0753 1648 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

10:19:24.0787 1648 KeyIso - ok

10:19:24.0809 1648 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

10:19:24.0841 1648 KSecDD - ok

10:19:24.0860 1648 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

10:19:24.0893 1648 KSecPkg - ok

10:19:24.0905 1648 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

10:19:24.0967 1648 ksthunk - ok

10:19:25.0002 1648 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

10:19:25.0093 1648 KtmRm - ok

10:19:25.0122 1648 L1C (655a5d8e80869781cce23760ada7e695) C:\Windows\system32\DRIVERS\L1C62x64.sys

10:19:25.0153 1648 L1C - ok

10:19:25.0189 1648 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll

10:19:25.0270 1648 LanmanServer - ok

10:19:25.0298 1648 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

10:19:25.0375 1648 LanmanWorkstation - ok

10:19:25.0405 1648 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

10:19:25.0472 1648 lltdio - ok

10:19:25.0535 1648 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

10:19:25.0614 1648 lltdsvc - ok

10:19:25.0630 1648 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

10:19:25.0691 1648 lmhosts - ok

10:19:25.0721 1648 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys

10:19:25.0753 1648 LSI_FC - ok

10:19:25.0778 1648 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys

10:19:25.0810 1648 LSI_SAS - ok

10:19:25.0827 1648 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys

10:19:25.0857 1648 LSI_SAS2 - ok

10:19:25.0874 1648 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys

10:19:25.0905 1648 LSI_SCSI - ok

10:19:25.0930 1648 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

10:19:25.0999 1648 luafv - ok

10:19:26.0058 1648 lxecCATSCustConnectService (1f02b554ddc4086d786537a3bf6488f1) C:\Windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe

10:19:26.0088 1648 lxecCATSCustConnectService - ok

10:19:26.0096 1648 lxec_device - ok

10:19:26.0121 1648 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys

10:19:26.0151 1648 MBAMProtector - ok

10:19:26.0218 1648 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

10:19:26.0256 1648 MBAMService - ok

10:19:26.0295 1648 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

10:19:26.0342 1648 Mcx2Svc - ok

10:19:26.0365 1648 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys

10:19:26.0410 1648 mdmxsdk - ok

10:19:26.0434 1648 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys

10:19:26.0463 1648 megasas - ok

10:19:26.0490 1648 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys

10:19:26.0531 1648 MegaSR - ok

10:19:26.0560 1648 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys

10:19:26.0587 1648 MEIx64 - ok

10:19:26.0617 1648 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

10:19:26.0715 1648 MMCSS - ok

10:19:26.0728 1648 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

10:19:26.0798 1648 Modem - ok

10:19:26.0832 1648 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

10:19:26.0877 1648 monitor - ok

10:19:26.0899 1648 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

10:19:26.0930 1648 mouclass - ok

10:19:26.0948 1648 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys

10:19:26.0998 1648 mouhid - ok

10:19:27.0017 1648 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

10:19:27.0049 1648 mountmgr - ok

10:19:27.0099 1648 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

10:19:27.0130 1648 MozillaMaintenance - ok

10:19:27.0157 1648 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

10:19:27.0202 1648 mpio - ok

10:19:27.0226 1648 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

10:19:27.0292 1648 mpsdrv - ok

10:19:27.0367 1648 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

10:19:27.0457 1648 MpsSvc - ok

10:19:27.0480 1648 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

10:19:27.0537 1648 MRxDAV - ok

10:19:27.0563 1648 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

10:19:27.0614 1648 mrxsmb - ok

10:19:27.0643 1648 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

10:19:27.0691 1648 mrxsmb10 - ok

10:19:27.0717 1648 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

10:19:27.0758 1648 mrxsmb20 - ok

10:19:27.0775 1648 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

10:19:27.0805 1648 msahci - ok

10:19:27.0826 1648 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

10:19:27.0860 1648 msdsm - ok

10:19:27.0894 1648 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

10:19:27.0943 1648 MSDTC - ok

10:19:27.0979 1648 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

10:19:28.0046 1648 Msfs - ok

10:19:28.0064 1648 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

10:19:28.0135 1648 mshidkmdf - ok

10:19:28.0152 1648 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

10:19:28.0183 1648 msisadrv - ok

10:19:28.0229 1648 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

10:19:28.0306 1648 MSiSCSI - ok

10:19:28.0319 1648 msiserver - ok

10:19:28.0335 1648 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

10:19:28.0403 1648 MSKSSRV - ok

10:19:28.0413 1648 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

10:19:28.0481 1648 MSPCLOCK - ok

10:19:28.0494 1648 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

10:19:28.0564 1648 MSPQM - ok

10:19:28.0600 1648 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

10:19:28.0662 1648 MsRPC - ok

10:19:28.0704 1648 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

10:19:28.0748 1648 mssmbios - ok

10:19:28.0783 1648 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

10:19:28.0857 1648 MSTEE - ok

10:19:28.0876 1648 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys

10:19:28.0948 1648 MTConfig - ok

10:19:28.0975 1648 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

10:19:29.0009 1648 Mup - ok

10:19:29.0058 1648 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

10:19:29.0159 1648 napagent - ok

10:19:29.0194 1648 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

10:19:29.0256 1648 NativeWifiP - ok

10:19:29.0609 1648 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys

10:19:29.0672 1648 NDIS - ok

10:19:29.0711 1648 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

10:19:29.0829 1648 NdisCap - ok

10:19:29.0863 1648 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

10:19:29.0940 1648 NdisTapi - ok

10:19:29.0960 1648 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

10:19:30.0047 1648 Ndisuio - ok

10:19:30.0077 1648 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

10:19:30.0158 1648 NdisWan - ok

10:19:30.0180 1648 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

10:19:30.0260 1648 NDProxy - ok

10:19:30.0287 1648 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

10:19:30.0365 1648 NetBIOS - ok

10:19:30.0390 1648 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

10:19:30.0461 1648 NetBT - ok

10:19:30.0488 1648 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

10:19:30.0522 1648 Netlogon - ok

10:19:30.0574 1648 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

10:19:30.0661 1648 Netman - ok

10:19:30.0723 1648 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

10:19:30.0764 1648 NetMsmqActivator - ok

10:19:30.0776 1648 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

10:19:30.0817 1648 NetPipeActivator - ok

10:19:30.0860 1648 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

10:19:30.0948 1648 netprofm - ok

10:19:30.0973 1648 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

10:19:31.0006 1648 NetTcpActivator - ok

10:19:31.0026 1648 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

10:19:31.0061 1648 NetTcpPortSharing - ok

10:19:31.0104 1648 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys

10:19:31.0136 1648 nfrd960 - ok

10:19:31.0218 1648 nicconfigsvc (1a9a9d1573d3ee1620a667e2e2032690) C:\Program Files\Dell\QuickSet\NicConfigSvc.exe

10:19:31.0253 1648 nicconfigsvc - ok

10:19:31.0289 1648 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

10:19:31.0368 1648 NlaSvc - ok

10:19:31.0388 1648 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

10:19:31.0448 1648 Npfs - ok

10:19:31.0467 1648 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

10:19:31.0539 1648 nsi - ok

10:19:31.0569 1648 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

10:19:31.0639 1648 nsiproxy - ok

10:19:31.0735 1648 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

10:19:31.0836 1648 Ntfs - ok

10:19:31.0925 1648 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

10:19:32.0016 1648 Null - ok

10:19:32.0047 1648 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

10:19:32.0096 1648 nvraid - ok

10:19:32.0134 1648 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

10:19:32.0171 1648 nvstor - ok

10:19:32.0216 1648 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

10:19:32.0258 1648 nv_agp - ok

10:19:32.0338 1648 OAcat (faef7b156e073f0450c5087f57696f0b) C:\Program Files (x86)\Online Armor\OAcat.exe

10:19:32.0386 1648 OAcat - ok

10:19:32.0457 1648 OADevice (9c78f13766ab2629e11fb0dfb162ee33) C:\Windows\SysWow64\Drivers\OADriver.sys

10:19:32.0484 1648 OADevice - ok

10:19:32.0510 1648 oahlpXX (6cdb036083ef969210d2f747c8ab5771) C:\Windows\syswow64\drivers\oahlp64.sys

10:19:32.0537 1648 oahlpXX - ok

10:19:32.0563 1648 OAnet (f99c170cf63de515c51bb11e76ea23ec) C:\Windows\system32\DRIVERS\oanet.sys

10:19:32.0596 1648 OAnet - ok

10:19:32.0617 1648 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

10:19:32.0664 1648 ohci1394 - ok

10:19:32.0722 1648 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

10:19:32.0757 1648 ose - ok

10:19:32.0814 1648 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

10:19:32.0889 1648 p2pimsvc - ok

10:19:32.0928 1648 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

10:19:32.0985 1648 p2psvc - ok

10:19:33.0014 1648 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys

10:19:33.0060 1648 Parport - ok

10:19:33.0089 1648 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys

10:19:33.0124 1648 partmgr - ok

10:19:33.0154 1648 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

10:19:33.0231 1648 PcaSvc - ok

10:19:33.0277 1648 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

10:19:33.0314 1648 pci - ok

10:19:33.0345 1648 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

10:19:33.0383 1648 pciide - ok

10:19:33.0414 1648 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

10:19:33.0456 1648 pcmcia - ok

10:19:33.0492 1648 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

10:19:33.0526 1648 pcw - ok

10:19:33.0575 1648 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

10:19:33.0677 1648 PEAUTH - ok

10:19:33.0789 1648 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

10:19:33.0837 1648 PerfHost - ok

10:19:33.0977 1648 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

10:19:34.0084 1648 pla - ok

10:19:34.0138 1648 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

10:19:34.0209 1648 PlugPlay - ok

10:19:34.0230 1648 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

10:19:34.0280 1648 PNRPAutoReg - ok

10:19:34.0336 1648 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

10:19:34.0378 1648 PNRPsvc - ok

10:19:34.0446 1648 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

10:19:34.0548 1648 PolicyAgent - ok

10:19:34.0594 1648 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

10:19:34.0685 1648 Power - ok

10:19:34.0741 1648 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

10:19:34.0823 1648 PptpMiniport - ok

10:19:34.0868 1648 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys

10:19:34.0920 1648 Processor - ok

10:19:34.0974 1648 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll

10:19:35.0069 1648 ProfSvc - ok

10:19:35.0117 1648 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

10:19:35.0170 1648 ProtectedStorage - ok

10:19:35.0192 1648 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

10:19:35.0259 1648 Psched - ok

10:19:35.0344 1648 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys

10:19:35.0430 1648 ql2300 - ok

10:19:35.0523 1648 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys

10:19:35.0558 1648 ql40xx - ok

10:19:35.0597 1648 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

10:19:35.0647 1648 QWAVE - ok

10:19:35.0666 1648 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

10:19:35.0711 1648 QWAVEdrv - ok

10:19:35.0722 1648 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

10:19:35.0787 1648 RasAcd - ok

10:19:35.0823 1648 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

10:19:35.0908 1648 RasAgileVpn - ok

10:19:35.0934 1648 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

10:19:36.0004 1648 RasAuto - ok

10:19:36.0028 1648 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

10:19:36.0099 1648 Rasl2tp - ok

10:19:36.0134 1648 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

10:19:36.0214 1648 RasMan - ok

10:19:36.0236 1648 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

10:19:36.0298 1648 RasPppoe - ok

10:19:36.0323 1648 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

10:19:36.0397 1648 RasSstp - ok

10:19:36.0430 1648 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

10:19:36.0522 1648 rdbss - ok

10:19:36.0541 1648 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys

10:19:36.0579 1648 rdpbus - ok

10:19:36.0602 1648 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

10:19:36.0674 1648 RDPCDD - ok

10:19:36.0700 1648 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

10:19:36.0769 1648 RDPENCDD - ok

10:19:36.0794 1648 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

10:19:36.0861 1648 RDPREFMP - ok

10:19:36.0894 1648 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys

10:19:36.0956 1648 RDPWD - ok

10:19:37.0000 1648 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

10:19:37.0041 1648 rdyboost - ok

10:19:37.0089 1648 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

10:19:37.0163 1648 RemoteAccess - ok

10:19:37.0208 1648 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

10:19:37.0290 1648 RemoteRegistry - ok

10:19:37.0320 1648 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys

10:19:37.0374 1648 RFCOMM - ok

10:19:37.0406 1648 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

10:19:37.0493 1648 RpcEptMapper - ok

10:19:37.0544 1648 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

10:19:37.0600 1648 RpcLocator - ok

10:19:37.0646 1648 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

10:19:37.0738 1648 RpcSs - ok

10:19:37.0756 1648 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

10:19:37.0821 1648 rspndr - ok

10:19:37.0845 1648 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

10:19:37.0877 1648 SamSs - ok

10:19:37.0898 1648 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

10:19:37.0935 1648 sbp2port - ok

10:19:37.0968 1648 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

10:19:38.0064 1648 SCardSvr - ok

10:19:38.0084 1648 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

10:19:38.0149 1648 scfilter - ok

10:19:38.0226 1648 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

10:19:38.0331 1648 Schedule - ok

10:19:38.0376 1648 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

10:19:38.0441 1648 SCPolicySvc - ok

10:19:38.0478 1648 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

10:19:38.0537 1648 SDRSVC - ok

10:19:38.0579 1648 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

10:19:38.0656 1648 secdrv - ok

10:19:38.0679 1648 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

10:19:38.0741 1648 seclogon - ok

10:19:38.0759 1648 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

10:19:38.0848 1648 SENS - ok

10:19:38.0876 1648 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

10:19:38.0917 1648 SensrSvc - ok

10:19:38.0941 1648 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

10:19:38.0996 1648 Serenum - ok

10:19:39.0028 1648 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

10:19:39.0079 1648 Serial - ok

10:19:39.0092 1648 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys

10:19:39.0133 1648 sermouse - ok

10:19:39.0189 1648 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

10:19:39.0263 1648 SessionEnv - ok

10:19:39.0276 1648 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

10:19:39.0323 1648 sffdisk - ok

10:19:39.0335 1648 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

10:19:39.0377 1648 sffp_mmc - ok

10:19:39.0390 1648 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

10:19:39.0434 1648 sffp_sd - ok

10:19:39.0447 1648 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys

10:19:39.0484 1648 sfloppy - ok

10:19:39.0537 1648 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

10:19:39.0624 1648 SharedAccess - ok

10:19:39.0679 1648 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

10:19:39.0762 1648 ShellHWDetection - ok

10:19:39.0785 1648 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys

10:19:39.0828 1648 SiSGbeLH - ok

10:19:39.0843 1648 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys

10:19:39.0874 1648 SiSRaid2 - ok

10:19:39.0892 1648 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys

10:19:39.0924 1648 SiSRaid4 - ok

10:19:39.0951 1648 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

10:19:40.0030 1648 Smb - ok

10:19:40.0077 1648 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

10:19:40.0117 1648 SNMPTRAP - ok

10:19:40.0142 1648 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

10:19:40.0171 1648 spldr - ok

10:19:40.0213 1648 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

10:19:40.0297 1648 Spooler - ok

10:19:40.0453 1648 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

10:19:40.0598 1648 sppsvc - ok

10:19:40.0686 1648 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

10:19:40.0748 1648 sppuinotify - ok

10:19:40.0794 1648 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

10:19:40.0859 1648 srv - ok

10:19:40.0901 1648 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

10:19:40.0964 1648 srv2 - ok

10:19:41.0005 1648 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS

10:19:41.0046 1648 SrvHsfHDA - ok

10:19:41.0121 1648 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS

10:19:41.0213 1648 SrvHsfV92 - ok

10:19:41.0311 1648 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS

10:19:41.0368 1648 SrvHsfWinac - ok

10:19:41.0400 1648 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

10:19:41.0435 1648 srvnet - ok

10:19:41.0472 1648 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

10:19:41.0549 1648 SSDPSRV - ok

10:19:41.0576 1648 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

10:19:41.0640 1648 SstpSvc - ok

10:19:41.0663 1648 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys

10:19:41.0693 1648 stexstor - ok

10:19:41.0750 1648 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

10:19:41.0833 1648 stisvc - ok

10:19:42.0062 1648 SvcOnlineArmor (578a7d52c4f7ca65e109b4e7c7ac5cb3) C:\Program Files (x86)\Online Armor\oasrv.exe

10:19:42.0183 1648 SvcOnlineArmor - ok

10:19:42.0269 1648 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

10:19:42.0298 1648 swenum - ok

10:19:42.0338 1648 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

10:19:42.0416 1648 swprv - ok

10:19:42.0520 1648 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

10:19:42.0622 1648 SysMain - ok

10:19:42.0682 1648 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

10:19:42.0724 1648 TabletInputService - ok

10:19:42.0769 1648 tap0901 (f9be29d5e097f03f81d3cd12b794cb66) C:\Windows\system32\DRIVERS\tap0901.sys

10:19:42.0817 1648 tap0901 - ok

10:19:42.0856 1648 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

10:19:42.0945 1648 TapiSrv - ok

10:19:42.0967 1648 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

10:19:43.0032 1648 TBS - ok

10:19:43.0132 1648 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys

10:19:43.0225 1648 Tcpip - ok

10:19:43.0384 1648 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys

10:19:43.0450 1648 TCPIP6 - ok

10:19:43.0526 1648 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

10:19:43.0598 1648 tcpipreg - ok

10:19:43.0627 1648 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

10:19:43.0660 1648 TDPIPE - ok

10:19:43.0691 1648 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

10:19:43.0738 1648 TDTCP - ok

10:19:43.0763 1648 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

10:19:43.0823 1648 tdx - ok

10:19:43.0844 1648 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys

10:19:43.0875 1648 TermDD - ok

10:19:43.0921 1648 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

10:19:44.0022 1648 TermService - ok

10:19:44.0045 1648 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

10:19:44.0087 1648 Themes - ok

10:19:44.0120 1648 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

10:19:44.0180 1648 THREADORDER - ok

10:19:44.0206 1648 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

10:19:44.0285 1648 TrkWks - ok

10:19:44.0337 1648 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

10:19:44.0420 1648 TrustedInstaller - ok

10:19:44.0454 1648 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

10:19:44.0514 1648 tssecsrv - ok

10:19:44.0541 1648 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

10:19:44.0589 1648 TsUsbFlt - ok

10:19:44.0623 1648 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys

10:19:44.0667 1648 TsUsbGD - ok

10:19:44.0690 1648 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

10:19:44.0763 1648 tunnel - ok

10:19:44.0793 1648 TurboB (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys

10:19:44.0820 1648 TurboB - ok

10:19:44.0843 1648 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys

10:19:44.0874 1648 uagp35 - ok

10:19:44.0912 1648 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

10:19:44.0993 1648 udfs - ok

10:19:45.0052 1648 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

10:19:45.0104 1648 UI0Detect - ok

10:19:45.0122 1648 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

10:19:45.0152 1648 uliagpkx - ok

10:19:45.0175 1648 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys

10:19:45.0214 1648 umbus - ok

10:19:45.0229 1648 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys

10:19:45.0263 1648 UmPass - ok

10:19:45.0298 1648 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

10:19:45.0384 1648 upnphost - ok

10:19:45.0419 1648 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys

10:19:45.0454 1648 USBAAPL64 - ok

10:19:45.0482 1648 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

10:19:45.0541 1648 usbccgp - ok

10:19:45.0566 1648 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

10:19:45.0605 1648 usbcir - ok

10:19:45.0632 1648 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys

10:19:45.0669 1648 usbehci - ok

10:19:45.0706 1648 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

10:19:45.0761 1648 usbhub - ok

10:19:45.0793 1648 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

10:19:45.0831 1648 usbohci - ok

10:19:45.0853 1648 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys

10:19:45.0889 1648 usbprint - ok

10:19:45.0920 1648 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

10:19:45.0964 1648 usbscan - ok

10:19:45.0998 1648 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

10:19:46.0063 1648 USBSTOR - ok

10:19:46.0092 1648 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys

10:19:46.0134 1648 usbuhci - ok

10:19:46.0167 1648 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys

10:19:46.0217 1648 usbvideo - ok

10:19:46.0246 1648 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

10:19:46.0316 1648 UxSms - ok

10:19:46.0347 1648 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

10:19:46.0378 1648 VaultSvc - ok

10:19:46.0400 1648 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

10:19:46.0430 1648 vdrvroot - ok

10:19:46.0470 1648 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

10:19:46.0538 1648 vds - ok

10:19:46.0567 1648 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

10:19:46.0602 1648 vga - ok

10:19:46.0623 1648 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

10:19:46.0692 1648 VgaSave - ok

10:19:46.0719 1648 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

10:19:46.0760 1648 vhdmp - ok

10:19:46.0784 1648 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

10:19:46.0814 1648 viaide - ok

10:19:46.0840 1648 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

10:19:46.0870 1648 volmgr - ok

10:19:46.0905 1648 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

10:19:46.0952 1648 volmgrx - ok

10:19:47.0005 1648 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\Windows\system32\drivers\volsnap.sys

10:19:47.0047 1648 volsnap - ok

10:19:47.0076 1648 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys

10:19:47.0110 1648 vsmraid - ok

10:19:47.0196 1648 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

10:19:47.0293 1648 VSS - ok

10:19:47.0377 1648 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

10:19:47.0421 1648 vwifibus - ok

10:19:47.0443 1648 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

10:19:47.0496 1648 vwififlt - ok

10:19:47.0526 1648 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

10:19:47.0568 1648 vwifimp - ok

10:19:47.0602 1648 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

10:19:47.0684 1648 W32Time - ok

10:19:47.0716 1648 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys

10:19:47.0758 1648 WacomPen - ok

10:19:47.0788 1648 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

10:19:47.0858 1648 WANARP - ok

10:19:47.0869 1648 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

10:19:47.0928 1648 Wanarpv6 - ok

10:19:48.0010 1648 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

10:19:48.0087 1648 WatAdminSvc - ok

10:19:48.0171 1648 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

10:19:48.0243 1648 wbengine - ok

10:19:48.0331 1648 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

10:19:48.0377 1648 WbioSrvc - ok

10:19:48.0414 1648 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

10:19:48.0477 1648 wcncsvc - ok

10:19:48.0503 1648 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

10:19:48.0555 1648 WcsPlugInService - ok

10:19:48.0602 1648 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys

10:19:48.0631 1648 Wd - ok

10:19:48.0685 1648 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

10:19:48.0740 1648 Wdf01000 - ok

10:19:48.0762 1648 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

10:19:48.0886 1648 WdiServiceHost - ok

10:19:48.0901 1648 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

10:19:48.0942 1648 WdiSystemHost - ok

10:19:48.0988 1648 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

10:19:49.0051 1648 WebClient - ok

10:19:49.0084 1648 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

10:19:49.0174 1648 Wecsvc - ok

10:19:49.0208 1648 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

10:19:49.0279 1648 wercplsupport - ok

10:19:49.0313 1648 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

10:19:49.0385 1648 WerSvc - ok

10:19:49.0434 1648 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

10:19:49.0505 1648 WfpLwf - ok

10:19:49.0543 1648 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys

10:19:49.0577 1648 WimFltr - ok

10:19:49.0602 1648 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

10:19:49.0633 1648 WIMMount - ok

10:19:49.0699 1648 winachsf (47e8fe123d0a99dc0e172f89425b9342) C:\Windows\system32\DRIVERS\CAX_CNXT.sys

10:19:49.0756 1648 winachsf - ok

10:19:49.0794 1648 WinDefend - ok

10:19:49.0833 1648 WinHttpAutoProxySvc - ok

10:19:49.0894 1648 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

10:19:49.0969 1648 Winmgmt - ok

10:19:50.0075 1648 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

10:19:50.0218 1648 WinRM - ok

10:19:50.0342 1648 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

10:19:50.0383 1648 WinUsb - ok

10:19:50.0456 1648 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

10:19:50.0541 1648 Wlansvc - ok

10:19:50.0625 1648 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

10:19:50.0666 1648 wlcrasvc - ok

10:19:50.0821 1648 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

10:19:50.0916 1648 wlidsvc - ok

10:19:50.0981 1648 wltrysvc (55dbb16fdc57808615323389241fdc99) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE

10:19:50.0999 1648 wltrysvc ( UnsignedFile.Multi.Generic ) - warning

10:19:50.0999 1648 wltrysvc - detected UnsignedFile.Multi.Generic (1)

10:19:51.0091 1648 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

10:19:51.0141 1648 WmiAcpi - ok

10:19:51.0215 1648 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

10:19:51.0259 1648 wmiApSrv - ok

10:19:51.0296 1648 WMPNetworkSvc - ok

10:19:51.0337 1648 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

10:19:51.0381 1648 WPCSvc - ok

10:19:51.0404 1648 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

10:19:51.0458 1648 WPDBusEnum - ok

10:19:51.0481 1648 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

10:19:51.0542 1648 ws2ifsl - ok

10:19:51.0564 1648 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll

10:19:51.0606 1648 wscsvc - ok

10:19:51.0621 1648 WSearch - ok

10:19:51.0750 1648 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll

10:19:51.0894 1648 wuauserv - ok

10:19:51.0984 1648 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

10:19:52.0062 1648 WudfPf - ok

10:19:52.0094 1648 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

10:19:52.0159 1648 WUDFRd - ok

10:19:52.0192 1648 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

10:19:52.0256 1648 wudfsvc - ok

10:19:52.0284 1648 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

10:19:52.0346 1648 WwanSvc - ok

10:19:52.0372 1648 XAudio (e288fa83c178a3458bac1fa80b346c06) C:\Windows\system32\DRIVERS\xaudio64.sys

10:19:52.0401 1648 XAudio - ok

10:19:52.0440 1648 XAudioService (510652a925b5d6c3892379d263a87f00) C:\Windows\system32\DRIVERS\xaudio64.exe

10:19:52.0486 1648 XAudioService - ok

10:19:52.0590 1648 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

10:19:52.0914 1648 \Device\Harddisk0\DR0 - ok

10:19:52.0922 1648 Boot (0x1200) (b5dd961fe4cb2211a4f2a11614dec531) \Device\Harddisk0\DR0\Partition0

10:19:52.0926 1648 \Device\Harddisk0\DR0\Partition0 - ok

10:19:52.0952 1648 Boot (0x1200) (3746ee3069bf7acfafcaa7f893c52bab) \Device\Harddisk0\DR0\Partition1

10:19:52.0955 1648 \Device\Harddisk0\DR0\Partition1 - ok

eblaine · June 8, 2012

10:19:52.0958 1648 ============================================================

10:19:52.0958 1648 Scan finished

10:19:52.0958 1648 ============================================================

10:19:52.0979 4132 Detected object count: 2

10:19:52.0979 4132 Actual detected object count: 2

10:20:54.0396 4132 becldr3Service ( UnsignedFile.Multi.Generic ) - skipped by user

10:20:54.0396 4132 becldr3Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

10:20:54.0405 4132 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user

10:20:54.0405 4132 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

10:28:35.0463 2512 ============================================================

10:28:35.0464 2512 Scan started

10:28:35.0464 2512 Mode: Manual; SigCheck; TDLFS;

10:28:35.0464 2512 ============================================================

10:28:35.0838 2512 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

10:28:35.0888 2512 1394ohci - ok

10:28:35.0933 2512 a2acc (922ab7cc2c12c38dc2c4074af893d5fb) C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys

10:28:36.0024 2512 a2acc - ok

10:28:36.0154 2512 a2AntiMalware (0d5cb73fd036d9e904e0fc443e4e71ca) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe

10:28:36.0249 2512 a2AntiMalware - ok

10:28:36.0257 2512 A2DDA (3044d0f3feb9ffe8bc953d8f34b5b504) C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys

10:28:36.0284 2512 A2DDA - ok

10:28:36.0302 2512 a2injectiondriver (905cda5a8d86f733df8000909b4916ed) C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys

10:28:36.0326 2512 a2injectiondriver - ok

10:28:36.0338 2512 a2util (e41d79682a209f72f4f578cfd4a53952) C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys

10:28:36.0363 2512 a2util - ok

10:28:36.0445 2512 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

10:28:36.0481 2512 ACPI - ok

10:28:36.0492 2512 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

10:28:36.0526 2512 AcpiPmi - ok

10:28:36.0585 2512 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

10:28:36.0615 2512 AdobeFlashPlayerUpdateSvc - ok

10:28:36.0651 2512 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys

10:28:36.0689 2512 adp94xx - ok

10:28:36.0711 2512 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys

10:28:36.0746 2512 adpahci - ok

10:28:36.0763 2512 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys

10:28:36.0794 2512 adpu320 - ok

10:28:36.0895 2512 AdvancedSystemCareService5 (96d6cdd0b32846e8cfbe592f4f32e608) C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe

10:28:36.0949 2512 AdvancedSystemCareService5 - ok

10:28:36.0974 2512 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

10:28:37.0035 2512 AeLookupSvc - ok

10:28:37.0084 2512 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

10:28:37.0122 2512 AFD - ok

10:28:37.0133 2512 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

10:28:37.0162 2512 agp440 - ok

10:28:37.0188 2512 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

10:28:37.0220 2512 ALG - ok

10:28:37.0240 2512 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

10:28:37.0268 2512 aliide - ok

10:28:37.0275 2512 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

10:28:37.0304 2512 amdide - ok

10:28:37.0312 2512 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys

10:28:37.0344 2512 AmdK8 - ok

10:28:37.0357 2512 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys

10:28:37.0389 2512 AmdPPM - ok

10:28:37.0400 2512 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

10:28:37.0430 2512 amdsata - ok

10:28:37.0443 2512 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys

10:28:37.0475 2512 amdsbs - ok

10:28:37.0491 2512 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

10:28:37.0519 2512 amdxata - ok

10:28:37.0534 2512 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

10:28:37.0591 2512 AppID - ok

10:28:37.0601 2512 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

10:28:37.0660 2512 AppIDSvc - ok

10:28:37.0681 2512 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

10:28:37.0738 2512 Appinfo - ok

10:28:37.0799 2512 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

10:28:37.0833 2512 Apple Mobile Device - ok

10:28:37.0851 2512 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys

10:28:37.0880 2512 arc - ok

10:28:37.0893 2512 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys

10:28:37.0923 2512 arcsas - ok

10:28:37.0951 2512 asmthub3 (c5f36b1087553bac84b493e4dfea9036) C:\Windows\system32\DRIVERS\asmthub3.sys

10:28:37.0988 2512 asmthub3 - ok

10:28:38.0023 2512 asmtxhci (aa6797e04ac24dbac4c239a33f468463) C:\Windows\system32\DRIVERS\asmtxhci.sys

10:28:38.0073 2512 asmtxhci - ok

10:28:38.0133 2512 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

10:28:38.0161 2512 aspnet_state - ok

10:28:38.0177 2512 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

10:28:38.0238 2512 AsyncMac - ok

10:28:38.0258 2512 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

10:28:38.0289 2512 atapi - ok

10:28:38.0413 2512 athr (b4174564ad5834a1680610572477878c) C:\Windows\system32\DRIVERS\athrx.sys

10:28:38.0496 2512 athr - ok

10:28:38.0563 2512 ATKWMIACPIIO - ok

10:28:38.0614 2512 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

10:28:38.0716 2512 AudioEndpointBuilder - ok

10:28:38.0729 2512 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

10:28:38.0796 2512 AudioSrv - ok

10:28:38.0816 2512 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

10:28:38.0855 2512 AxInstSV - ok

10:28:38.0900 2512 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys

10:28:38.0960 2512 b06bdrv - ok

10:28:38.0988 2512 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

10:28:39.0031 2512 b57nd60a - ok

10:28:39.0058 2512 BCM42RLY (c3d8920a5aaf10a72cedb57d3339280a) C:\Windows\system32\drivers\BCM42RLY.sys

10:28:39.0084 2512 BCM42RLY - ok

10:28:39.0268 2512 BCM43XX (d20ee58c13ff343b90550861ebcd9ddd) C:\Windows\system32\DRIVERS\bcmwl664.sys

10:28:39.0460 2512 BCM43XX - ok

10:28:39.0518 2512 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

10:28:39.0553 2512 BDESVC - ok

10:28:39.0610 2512 becldr3Service (cb7ce2e47139b620d2b87078165f1ad0) C:\Program Files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe

10:28:39.0632 2512 becldr3Service ( UnsignedFile.Multi.Generic ) - warning

10:28:39.0632 2512 becldr3Service - detected UnsignedFile.Multi.Generic (1)

10:28:39.0669 2512 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

10:28:39.0732 2512 Beep - ok

10:28:39.0773 2512 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

10:28:39.0849 2512 BFE - ok

10:28:39.0907 2512 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll

10:28:39.0989 2512 BITS - ok

10:28:40.0019 2512 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

10:28:40.0052 2512 blbdrive - ok

10:28:40.0109 2512 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe

10:28:40.0153 2512 Bonjour Service - ok

10:28:40.0171 2512 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

10:28:40.0211 2512 bowser - ok

10:28:40.0229 2512 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys

10:28:40.0266 2512 BrFiltLo - ok

10:28:40.0273 2512 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys

10:28:40.0307 2512 BrFiltUp - ok

10:28:40.0323 2512 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

10:28:40.0383 2512 Browser - ok

10:28:40.0408 2512 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

10:28:40.0451 2512 Brserid - ok

10:28:40.0460 2512 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

10:28:40.0497 2512 BrSerWdm - ok

10:28:40.0508 2512 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

10:28:40.0544 2512 BrUsbMdm - ok

10:28:40.0553 2512 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

10:28:40.0585 2512 BrUsbSer - ok

10:28:40.0595 2512 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys

10:28:40.0650 2512 BthEnum - ok

10:28:40.0662 2512 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys

10:28:40.0698 2512 BTHMODEM - ok

10:28:40.0713 2512 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys

10:28:40.0749 2512 BthPan - ok

10:28:40.0780 2512 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys

10:28:40.0838 2512 BTHPORT - ok

10:28:40.0853 2512 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

10:28:40.0913 2512 bthserv - ok

10:28:40.0934 2512 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys

10:28:40.0967 2512 BTHUSB - ok

10:28:41.0002 2512 CAXHWAZL (0ca8ed7f262a3d0034f156bdfdf4814c) C:\Windows\system32\DRIVERS\CAXHWAZL.sys

10:28:41.0049 2512 CAXHWAZL - ok

10:28:41.0071 2512 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

10:28:41.0131 2512 cdfs - ok

10:28:41.0149 2512 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

10:28:41.0186 2512 cdrom - ok

10:28:41.0204 2512 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

10:28:41.0263 2512 CertPropSvc - ok

10:28:41.0430 2512 CGVPNCliSrvc (213b6ec3de19e35373a1906397588429) C:\Program Files\CyberGhost VPN\CGVPNCliService.exe

10:28:41.0535 2512 CGVPNCliSrvc - ok

10:28:41.0618 2512 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys

10:28:41.0656 2512 circlass - ok

10:28:41.0691 2512 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

10:28:41.0739 2512 CLFS - ok

10:28:41.0801 2512 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

10:28:41.0829 2512 clr_optimization_v2.0.50727_32 - ok

10:28:41.0866 2512 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

10:28:41.0894 2512 clr_optimization_v2.0.50727_64 - ok

10:28:41.0942 2512 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

10:28:41.0971 2512 clr_optimization_v4.0.30319_32 - ok

10:28:42.0009 2512 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

10:28:42.0040 2512 clr_optimization_v4.0.30319_64 - ok

10:28:42.0053 2512 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

10:28:42.0085 2512 CmBatt - ok

10:28:42.0099 2512 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

10:28:42.0129 2512 cmdide - ok

10:28:42.0164 2512 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

10:28:42.0218 2512 CNG - ok

10:28:42.0232 2512 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys

10:28:42.0261 2512 Compbatt - ok

10:28:42.0276 2512 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys

10:28:42.0311 2512 CompositeBus - ok

10:28:42.0317 2512 COMSysApp - ok

10:28:42.0342 2512 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys

10:28:42.0372 2512 crcdisk - ok

10:28:42.0408 2512 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll

10:28:42.0472 2512 CryptSvc - ok

10:28:42.0527 2512 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

10:28:42.0599 2512 DcomLaunch - ok

10:28:42.0629 2512 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

10:28:42.0699 2512 defragsvc - ok

10:28:42.0714 2512 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

10:28:42.0773 2512 DfsC - ok

10:28:42.0800 2512 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

10:28:42.0865 2512 Dhcp - ok

10:28:42.0877 2512 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

10:28:42.0938 2512 discache - ok

10:28:42.0954 2512 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys

10:28:42.0985 2512 Disk - ok

10:28:43.0003 2512 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

10:28:43.0044 2512 Dnscache - ok

10:28:43.0069 2512 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

10:28:43.0136 2512 dot3svc - ok

10:28:43.0160 2512 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

10:28:43.0221 2512 DPS - ok

10:28:43.0238 2512 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

10:28:43.0273 2512 drmkaud - ok

10:28:43.0323 2512 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

10:28:43.0381 2512 DXGKrnl - ok

10:28:43.0397 2512 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

10:28:43.0460 2512 EapHost - ok

10:28:43.0600 2512 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys

10:28:43.0722 2512 ebdrv - ok

10:28:43.0796 2512 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

10:28:43.0848 2512 EFS - ok

10:28:43.0911 2512 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

10:28:43.0963 2512 ehRecvr - ok

10:28:43.0989 2512 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

10:28:44.0026 2512 ehSched - ok

10:28:44.0095 2512 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys

10:28:44.0147 2512 elxstor - ok

10:28:44.0161 2512 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

10:28:44.0194 2512 ErrDev - ok

10:28:44.0238 2512 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

10:28:44.0302 2512 EventSystem - ok

10:28:44.0328 2512 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

10:28:44.0391 2512 exfat - ok

10:28:44.0418 2512 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

10:28:44.0480 2512 fastfat - ok

10:28:44.0526 2512 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

10:28:44.0579 2512 Fax - ok

10:28:44.0589 2512 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys

10:28:44.0622 2512 fdc - ok

10:28:44.0642 2512 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

10:28:44.0702 2512 fdPHost - ok

10:28:44.0720 2512 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

10:28:44.0781 2512 FDResPub - ok

10:28:44.0801 2512 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

10:28:44.0833 2512 FileInfo - ok

10:28:44.0845 2512 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

10:28:44.0904 2512 Filetrace - ok

10:28:44.0912 2512 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys

10:28:44.0946 2512 flpydisk - ok

10:28:44.0971 2512 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

10:28:45.0010 2512 FltMgr - ok

10:28:45.0071 2512 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

10:28:45.0142 2512 FontCache - ok

10:28:45.0195 2512 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

10:28:45.0234 2512 FontCache3.0.0.0 - ok

10:28:45.0262 2512 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

10:28:45.0293 2512 FsDepends - ok

10:28:45.0322 2512 fssfltr (dc0dce4ec2c5d2cf6472f9fd6aa9a7dc) C:\Windows\system32\DRIVERS\fssfltr.sys

10:28:45.0349 2512 fssfltr - ok

10:28:45.0482 2512 fsssvc (40cdfad174b3d5e80f95dda003c0b97f) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

10:28:45.0563 2512 fsssvc - ok

10:28:45.0672 2512 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

10:28:45.0710 2512 Fs_Rec - ok

10:28:45.0731 2512 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

10:28:45.0770 2512 fvevol - ok

10:28:45.0791 2512 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys

10:28:45.0825 2512 gagp30kx - ok

10:28:45.0846 2512 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

10:28:45.0872 2512 GEARAspiWDM - ok

10:28:45.0936 2512 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

10:28:46.0021 2512 gpsvc - ok

10:28:46.0036 2512 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

10:28:46.0069 2512 hcw85cir - ok

10:28:46.0094 2512 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

10:28:46.0138 2512 HdAudAddService - ok

10:28:46.0161 2512 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys

10:28:46.0200 2512 HDAudBus - ok

10:28:46.0208 2512 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys

10:28:46.0243 2512 HidBatt - ok

10:28:46.0264 2512 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys

10:28:46.0300 2512 HidBth - ok

10:28:46.0315 2512 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys

10:28:46.0351 2512 HidIr - ok

10:28:46.0369 2512 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

10:28:46.0429 2512 hidserv - ok

10:28:46.0442 2512 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys

10:28:46.0474 2512 HidUsb - ok

10:28:46.0492 2512 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

10:28:46.0552 2512 hkmsvc - ok

10:28:46.0577 2512 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

10:28:46.0628 2512 HomeGroupListener - ok

10:28:46.0663 2512 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

10:28:46.0704 2512 HomeGroupProvider - ok

10:28:46.0726 2512 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

10:28:46.0756 2512 HpSAMD - ok

10:28:46.0836 2512 HSF_DPV (8774d021a3fffe44150f8510381deee6) C:\Windows\system32\DRIVERS\CAX_DPV.sys

10:28:46.0900 2512 HSF_DPV - ok

10:28:47.0009 2512 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

10:28:47.0106 2512 HTTP - ok

10:28:47.0127 2512 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

10:28:47.0156 2512 hwpolicy - ok

10:28:47.0177 2512 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

10:28:47.0211 2512 i8042prt - ok

10:28:47.0263 2512 iaStor (26cf4275034214ecedd8ec17b0a18a99) C:\Windows\system32\DRIVERS\iaStor.sys

10:28:47.0313 2512 iaStor - ok

10:28:47.0344 2512 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

10:28:47.0391 2512 iaStorV - ok

10:28:47.0485 2512 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

10:28:47.0551 2512 idsvc - ok

10:28:47.0845 2512 igfx (24cc43ecdeefd4c19fbbee4951b647f1) C:\Windows\system32\DRIVERS\igdkmd64.sys

10:28:48.0053 2512 igfx - ok

10:28:48.0142 2512 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys

10:28:48.0172 2512 iirsp - ok

10:28:48.0228 2512 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

10:28:48.0314 2512 IKEEXT - ok

10:28:48.0451 2512 IntcAzAudAddService (02c93ebaa4421418411448fe7fdfd815) C:\Windows\system32\drivers\RTKVHD64.sys

10:28:48.0576 2512 IntcAzAudAddService - ok

10:28:48.0657 2512 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys

10:28:48.0711 2512 IntcDAud - ok

10:28:48.0725 2512 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

10:28:48.0754 2512 intelide - ok

10:28:48.0770 2512 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

10:28:48.0803 2512 intelppm - ok

10:28:48.0824 2512 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

10:28:48.0887 2512 IPBusEnum - ok

10:28:48.0905 2512 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

10:28:48.0964 2512 IpFilterDriver - ok

10:28:49.0140 2512 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll

10:28:49.0234 2512 iphlpsvc - ok

10:28:49.0248 2512 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

10:28:49.0282 2512 IPMIDRV - ok

10:28:49.0299 2512 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

10:28:49.0361 2512 IPNAT - ok

10:28:49.0455 2512 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe

10:28:49.0510 2512 iPod Service - ok

10:28:49.0525 2512 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

10:28:49.0562 2512 IRENUM - ok

10:28:49.0576 2512 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

10:28:49.0606 2512 isapnp - ok

10:28:49.0633 2512 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

10:28:49.0673 2512 iScsiPrt - ok

10:28:49.0693 2512 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

10:28:49.0723 2512 kbdclass - ok

10:28:49.0747 2512 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys

10:28:49.0779 2512 kbdhid - ok

10:28:49.0799 2512 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys

10:28:49.0825 2512 kbfiltr - ok

10:28:49.0851 2512 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

10:28:49.0883 2512 KeyIso - ok

10:28:49.0907 2512 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

10:28:49.0938 2512 KSecDD - ok

10:28:49.0962 2512 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

10:28:50.0000 2512 KSecPkg - ok

10:28:50.0020 2512 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

10:28:50.0079 2512 ksthunk - ok

10:28:50.0125 2512 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

10:28:50.0200 2512 KtmRm - ok

10:28:50.0237 2512 L1C (655a5d8e80869781cce23760ada7e695) C:\Windows\system32\DRIVERS\L1C62x64.sys

10:28:50.0268 2512 L1C - ok

10:28:50.0304 2512 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll

10:28:50.0372 2512 LanmanServer - ok

10:28:50.0396 2512 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

10:28:50.0459 2512 LanmanWorkstation - ok

10:28:50.0486 2512 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

10:28:50.0546 2512 lltdio - ok

10:28:50.0584 2512 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

10:28:50.0661 2512 lltdsvc - ok

10:28:50.0677 2512 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

10:28:50.0739 2512 lmhosts - ok

10:28:50.0769 2512 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys

10:28:50.0801 2512 LSI_FC - ok

10:28:50.0819 2512 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys

10:28:50.0852 2512 LSI_SAS - ok

10:28:50.0868 2512 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys

10:28:50.0898 2512 LSI_SAS2 - ok

10:28:50.0914 2512 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys

10:28:50.0945 2512 LSI_SCSI - ok

10:28:50.0963 2512 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

10:28:51.0024 2512 luafv - ok

10:28:51.0073 2512 lxecCATSCustConnectService (1f02b554ddc4086d786537a3bf6488f1) C:\Windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe

10:28:51.0101 2512 lxecCATSCustConnectService - ok

10:28:51.0113 2512 lxec_device - ok

10:28:51.0145 2512 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys

10:28:51.0173 2512 MBAMProtector - ok

10:28:51.0246 2512 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

10:28:51.0301 2512 MBAMService - ok

10:28:51.0334 2512 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

10:28:51.0372 2512 Mcx2Svc - ok

10:28:51.0397 2512 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys

10:28:51.0425 2512 mdmxsdk - ok

10:28:51.0441 2512 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys

10:28:51.0471 2512 megasas - ok

10:28:51.0498 2512 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys

10:28:51.0538 2512 MegaSR - ok

10:28:51.0568 2512 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys

10:28:51.0596 2512 MEIx64 - ok

10:28:51.0617 2512 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

10:28:51.0679 2512 MMCSS - ok

10:28:51.0692 2512 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

10:28:51.0752 2512 Modem - ok

10:28:51.0782 2512 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

10:28:51.0817 2512 monitor - ok

10:28:51.0843 2512 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

10:28:51.0874 2512 mouclass - ok

10:28:51.0887 2512 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys

10:28:51.0919 2512 mouhid - ok

10:28:51.0943 2512 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

10:28:51.0974 2512 mountmgr - ok

10:28:52.0008 2512 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

10:28:52.0037 2512 MozillaMaintenance - ok

10:28:52.0062 2512 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

10:28:52.0096 2512 mpio - ok

10:28:52.0118 2512 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

10:28:52.0181 2512 mpsdrv - ok

10:28:52.0227 2512 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

10:28:52.0313 2512 MpsSvc - ok

10:28:52.0340 2512 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

10:28:52.0381 2512 MRxDAV - ok

10:28:52.0406 2512 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

10:28:52.0448 2512 mrxsmb - ok

10:28:52.0478 2512 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

10:28:52.0519 2512 mrxsmb10 - ok

10:28:52.0537 2512 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

10:28:52.0573 2512 mrxsmb20 - ok

10:28:52.0591 2512 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

10:28:52.0622 2512 msahci - ok

10:28:52.0651 2512 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

10:28:52.0688 2512 msdsm - ok

10:28:52.0712 2512 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

10:28:52.0749 2512 MSDTC - ok

10:28:52.0781 2512 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

10:28:52.0841 2512 Msfs - ok

10:28:52.0858 2512 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

10:28:52.0918 2512 mshidkmdf - ok

10:28:52.0937 2512 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

10:28:52.0967 2512 msisadrv - ok

10:28:52.0999 2512 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

10:28:53.0063 2512 MSiSCSI - ok

10:28:53.0075 2512 msiserver - ok

10:28:53.0087 2512 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

10:28:53.0151 2512 MSKSSRV - ok

10:28:53.0161 2512 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

10:28:53.0220 2512 MSPCLOCK - ok

10:28:53.0229 2512 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

10:28:53.0289 2512 MSPQM - ok

10:28:53.0318 2512 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

10:28:53.0367 2512 MsRPC - ok

10:28:53.0395 2512 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

10:28:53.0424 2512 mssmbios - ok

10:28:53.0439 2512 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

10:28:53.0499 2512 MSTEE - ok

10:28:53.0511 2512 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys

10:28:53.0544 2512 MTConfig - ok

10:28:53.0571 2512 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

10:28:53.0601 2512 Mup - ok

10:28:53.0646 2512 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

10:28:53.0724 2512 napagent - ok

10:28:53.0758 2512 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

10:28:53.0812 2512 NativeWifiP - ok

10:28:53.0876 2512 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys

10:28:53.0944 2512 NDIS - ok

10:28:53.0984 2512 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

10:28:54.0049 2512 NdisCap - ok

10:28:54.0087 2512 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

10:28:54.0148 2512 NdisTapi - ok

10:28:54.0169 2512 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

10:28:54.0227 2512 Ndisuio - ok

10:28:54.0251 2512 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

10:28:54.0313 2512 NdisWan - ok

10:28:54.0330 2512 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

10:28:54.0393 2512 NDProxy - ok

10:28:54.0410 2512 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

10:28:54.0470 2512 NetBIOS - ok

10:28:54.0499 2512 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

10:28:54.0565 2512 NetBT - ok

10:28:54.0588 2512 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

10:28:54.0621 2512 Netlogon - ok

10:28:54.0665 2512 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

10:28:54.0738 2512 Netman - ok

10:28:54.0795 2512 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

10:28:54.0825 2512 NetMsmqActivator - ok

10:28:54.0835 2512 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

10:28:54.0862 2512 NetPipeActivator - ok

10:28:54.0898 2512 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

10:28:54.0978 2512 netprofm - ok

10:28:54.0987 2512 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

10:28:55.0017 2512 NetTcpActivator - ok

10:28:55.0028 2512 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

10:28:55.0056 2512 NetTcpPortSharing - ok

10:28:55.0097 2512 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys

10:28:55.0127 2512 nfrd960 - ok

10:28:55.0206 2512 nicconfigsvc (1a9a9d1573d3ee1620a667e2e2032690) C:\Program Files\Dell\QuickSet\NicConfigSvc.exe

10:28:55.0261 2512 nicconfigsvc - ok

10:28:55.0297 2512 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

10:28:55.0363 2512 NlaSvc - ok

10:28:55.0381 2512 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

10:28:55.0445 2512 Npfs - ok

10:28:55.0461 2512 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

10:28:55.0522 2512 nsi - ok

10:28:55.0537 2512 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

10:28:55.0596 2512 nsiproxy - ok

10:28:55.0682 2512 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

10:28:55.0766 2512 Ntfs - ok

10:28:55.0827 2512 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

10:28:55.0886 2512 Null - ok

10:28:55.0912 2512 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

10:28:55.0945 2512 nvraid - ok

10:28:55.0971 2512 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

10:28:56.0003 2512 nvstor - ok

10:28:56.0027 2512 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

10:28:56.0058 2512 nv_agp - ok

10:28:56.0137 2512 OAcat (faef7b156e073f0450c5087f57696f0b) C:\Program Files (x86)\Online Armor\OAcat.exe

10:28:56.0171 2512 OAcat - ok

10:28:56.0244 2512 OADevice (9c78f13766ab2629e11fb0dfb162ee33) C:\Windows\SysWow64\Drivers\OADriver.sys

10:28:56.0271 2512 OADevice - ok

10:28:56.0289 2512 oahlpXX (6cdb036083ef969210d2f747c8ab5771) C:\Windows\syswow64\drivers\oahlp64.sys

10:28:56.0318 2512 oahlpXX - ok

10:28:56.0341 2512 OAnet (f99c170cf63de515c51bb11e76ea23ec) C:\Windows\system32\DRIVERS\oanet.sys

10:28:56.0367 2512 OAnet - ok

10:28:56.0390 2512 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

10:28:56.0426 2512 ohci1394 - ok

10:28:56.0467 2512 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

10:28:56.0495 2512 ose - ok

10:28:56.0545 2512 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

10:28:56.0600 2512 p2pimsvc - ok

10:28:56.0640 2512 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

10:28:56.0688 2512 p2psvc - ok

10:28:56.0709 2512 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys

10:28:56.0744 2512 Parport - ok

10:28:56.0768 2512 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys

10:28:56.0799 2512 partmgr - ok

10:28:56.0823 2512 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

10:28:56.0870 2512 PcaSvc - ok

10:28:56.0898 2512 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

10:28:56.0940 2512 pci - ok

10:28:56.0963 2512 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

10:28:56.0991 2512 pciide - ok

10:28:57.0017 2512 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

10:28:57.0056 2512 pcmcia - ok

10:28:57.0080 2512 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

10:28:57.0109 2512 pcw - ok

10:28:57.0150 2512 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

10:28:57.0234 2512 PEAUTH - ok

10:28:57.0309 2512 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

10:28:57.0343 2512 PerfHost - ok

10:28:57.0446 2512 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

10:28:57.0539 2512 pla - ok

10:28:57.0585 2512 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

10:28:57.0632 2512 PlugPlay - ok

10:28:57.0653 2512 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

10:28:57.0690 2512 PNRPAutoReg - ok

10:28:57.0730 2512 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

10:28:57.0768 2512 PNRPsvc - ok

10:28:57.0816 2512 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

10:28:57.0892 2512 PolicyAgent - ok

10:28:57.0926 2512 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

10:28:57.0998 2512 Power - ok

10:28:58.0049 2512 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

10:28:58.0109 2512 PptpMiniport - ok

10:28:58.0127 2512 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys

10:28:58.0160 2512 Processor - ok

10:28:58.0196 2512 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll

10:28:58.0263 2512 ProfSvc - ok

10:28:58.0284 2512 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

10:28:58.0316 2512 ProtectedStorage - ok

10:28:58.0351 2512 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

10:28:58.0415 2512 Psched - ok

10:28:58.0491 2512 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys

10:28:58.0571 2512 ql2300 - ok

10:28:58.0660 2512 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys

10:28:58.0707 2512 ql40xx - ok

10:28:58.0741 2512 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

10:28:58.0795 2512 QWAVE - ok

10:28:58.0817 2512 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

10:28:58.0855 2512 QWAVEdrv - ok

10:28:58.0867 2512 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

10:28:58.0929 2512 RasAcd - ok

10:28:58.0961 2512 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

10:28:59.0021 2512 RasAgileVpn - ok

10:28:59.0044 2512 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

10:28:59.0106 2512 RasAuto - ok

10:28:59.0129 2512 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

10:28:59.0192 2512 Rasl2tp - ok

10:28:59.0228 2512 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

10:28:59.0305 2512 RasMan - ok

10:28:59.0329 2512 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

10:28:59.0390 2512 RasPppoe - ok

10:28:59.0409 2512 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

10:28:59.0472 2512 RasSstp - ok

10:28:59.0507 2512 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

10:28:59.0572 2512 rdbss - ok

10:28:59.0593 2512 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys

10:28:59.0628 2512 rdpbus - ok

10:28:59.0646 2512 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

10:28:59.0707 2512 RDPCDD - ok

10:28:59.0735 2512 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

10:28:59.0795 2512 RDPENCDD - ok

10:28:59.0822 2512 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

10:28:59.0880 2512 RDPREFMP - ok

10:28:59.0913 2512 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys

10:28:59.0966 2512 RDPWD - ok

10:28:59.0994 2512 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

10:29:00.0028 2512 rdyboost - ok

10:29:00.0057 2512 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

10:29:00.0120 2512 RemoteAccess - ok

10:29:00.0146 2512 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

10:29:00.0211 2512 RemoteRegistry - ok

10:29:00.0240 2512 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys

10:29:00.0278 2512 RFCOMM - ok

10:29:00.0299 2512 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

10:29:00.0363 2512 RpcEptMapper - ok

10:29:00.0391 2512 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

10:29:00.0426 2512 RpcLocator - ok

10:29:00.0465 2512 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

10:29:00.0530 2512 RpcSs - ok

10:29:00.0552 2512 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

10:29:00.0615 2512 rspndr - ok

10:29:00.0641 2512 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

10:29:00.0673 2512 SamSs - ok

10:29:00.0694 2512 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

10:29:00.0725 2512 sbp2port - ok

10:29:00.0754 2512 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

10:29:00.0818 2512 SCardSvr - ok

10:29:00.0839 2512 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

10:29:00.0899 2512 scfilter - ok

10:29:00.0967 2512 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

10:29:01.0061 2512 Schedule - ok

10:29:01.0089 2512 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

10:29:01.0146 2512 SCPolicySvc - ok

10:29:01.0175 2512 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

10:29:01.0218 2512 SDRSVC - ok

10:29:01.0251 2512 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

10:29:01.0311 2512 secdrv - ok

10:29:01.0335 2512 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

10:29:01.0396 2512 seclogon - ok

10:29:01.0415 2512 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

10:29:01.0482 2512 SENS - ok

10:29:01.0499 2512 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

10:29:01.0533 2512 SensrSvc - ok

10:29:01.0546 2512 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

10:29:01.0580 2512 Serenum - ok

10:29:01.0599 2512 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

10:29:01.0633 2512 Serial - ok

10:29:01.0649 2512 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys

10:29:01.0681 2512 sermouse - ok

10:29:01.0732 2512 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

10:29:01.0800 2512 SessionEnv - ok

10:29:01.0815 2512 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

10:29:01.0851 2512 sffdisk - ok

10:29:01.0863 2512 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

10:29:01.0899 2512 sffp_mmc - ok

10:29:01.0911 2512 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

10:29:01.0946 2512 sffp_sd - ok

10:29:01.0962 2512 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys

10:29:01.0994 2512 sfloppy - ok

10:29:02.0041 2512 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

10:29:02.0119 2512 SharedAccess - ok

10:29:02.0154 2512 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

10:29:02.0229 2512 ShellHWDetection - ok

10:29:02.0250 2512 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys

10:29:02.0284 2512 SiSGbeLH - ok

10:29:02.0298 2512 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys

10:29:02.0328 2512 SiSRaid2 - ok

10:29:02.0346 2512 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys

10:29:02.0377 2512 SiSRaid4 - ok

10:29:02.0406 2512 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

10:29:02.0480 2512 Smb - ok

10:29:02.0518 2512 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

10:29:02.0553 2512 SNMPTRAP - ok

10:29:02.0575 2512 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

10:29:02.0604 2512 spldr - ok

10:29:02.0653 2512 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

10:29:02.0733 2512 Spooler - ok

10:29:02.0884 2512 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

10:29:02.0992 2512 sppsvc - ok

10:29:03.0070 2512 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

10:29:03.0146 2512 sppuinotify - ok

10:29:03.0193 2512 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

10:29:03.0251 2512 srv - ok

10:29:03.0293 2512 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

10:29:03.0340 2512 srv2 - ok

10:29:03.0380 2512 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS

10:29:03.0421 2512 SrvHsfHDA - ok

10:29:03.0508 2512 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS

10:29:03.0592 2512 SrvHsfV92 - ok

10:29:03.0675 2512 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS

10:29:03.0726 2512 SrvHsfWinac - ok

10:29:03.0761 2512 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

10:29:03.0800 2512 srvnet - ok

10:29:03.0830 2512 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

10:29:03.0900 2512 SSDPSRV - ok

10:29:03.0920 2512 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

10:29:03.0988 2512 SstpSvc - ok

10:29:04.0014 2512 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys

10:29:04.0043 2512 stexstor - ok

10:29:04.0091 2512 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

10:29:04.0154 2512 stisvc - ok

10:29:04.0407 2512 SvcOnlineArmor (578a7d52c4f7ca65e109b4e7c7ac5cb3) C:\Program Files (x86)\Online Armor\oasrv.exe

10:29:04.0584 2512 SvcOnlineArmor - ok

10:29:04.0677 2512 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

10:29:04.0714 2512 swenum - ok

10:29:04.0756 2512 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

10:29:04.0835 2512 swprv - ok

10:29:04.0936 2512 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

10:29:05.0032 2512 SysMain - ok

10:29:05.0082 2512 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

10:29:05.0124 2512 TabletInputService - ok

10:29:05.0160 2512 tap0901 (f9be29d5e097f03f81d3cd12b794cb66) C:\Windows\system32\DRIVERS\tap0901.sys

10:29:05.0201 2512 tap0901 - ok

10:29:05.0242 2512 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

10:29:05.0308 2512 TapiSrv - ok

10:29:05.0333 2512 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

10:29:05.0398 2512 TBS - ok

10:29:05.0498 2512 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys

10:29:05.0566 2512 Tcpip - ok

10:29:05.0689 2512 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys

10:29:05.0756 2512 TCPIP6 - ok

10:29:05.0827 2512 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

10:29:05.0885 2512 tcpipreg - ok

10:29:05.0912 2512 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

10:29:05.0945 2512 TDPIPE - ok

10:29:05.0984 2512 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

10:29:06.0018 2512 TDTCP - ok

10:29:06.0048 2512 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

10:29:06.0107 2512 tdx - ok

10:29:06.0128 2512 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys

10:29:06.0159 2512 TermDD - ok

10:29:06.0206 2512 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

10:29:06.0278 2512 TermService - ok

10:29:06.0304 2512 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

10:29:06.0344 2512 Themes - ok

10:29:06.0377 2512 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

10:29:06.0438 2512 THREADORDER - ok

10:29:06.0466 2512 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

10:29:06.0531 2512 TrkWks - ok

10:29:06.0569 2512 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

10:29:06.0630 2512 TrustedInstaller - ok

10:29:06.0664 2512 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

10:29:06.0724 2512 tssecsrv - ok

10:29:06.0752 2512 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

10:29:06.0791 2512 TsUsbFlt - ok

10:29:06.0816 2512 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys

10:29:06.0847 2512 TsUsbGD - ok

10:29:06.0876 2512 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

10:29:06.0936 2512 tunnel - ok

10:29:06.0962 2512 TurboB (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys

10:29:06.0990 2512 TurboB - ok

10:29:07.0020 2512 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys

10:29:07.0062 2512 uagp35 - ok

10:29:07.0090 2512 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

10:29:07.0155 2512 udfs - ok

10:29:07.0193 2512 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

10:29:07.0230 2512 UI0Detect - ok

10:29:07.0251 2512 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

10:29:07.0282 2512 uliagpkx - ok

10:29:07.0302 2512 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys

10:29:07.0336 2512 umbus - ok

10:29:07.0349 2512 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys

10:29:07.0382 2512 UmPass - ok

10:29:07.0416 2512 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

10:29:07.0493 2512 upnphost - ok

10:29:07.0530 2512 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys

10:29:07.0565 2512 USBAAPL64 - ok

10:29:07.0591 2512 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

10:29:07.0634 2512 usbccgp - ok

10:29:07.0654 2512 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

10:29:07.0696 2512 usbcir - ok

10:29:07.0718 2512 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys

10:29:07.0752 2512 usbehci - ok

10:29:07.0792 2512 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

10:29:07.0841 2512 usbhub - ok

10:29:07.0863 2512 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

10:29:07.0896 2512 usbohci - ok

10:29:07.0915 2512 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys

10:29:07.0950 2512 usbprint - ok

10:29:07.0990 2512 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

10:29:08.0029 2512 usbscan - ok

10:29:08.0068 2512 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

10:29:08.0100 2512 USBSTOR - ok

10:29:08.0128 2512 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys

10:29:08.0160 2512 usbuhci - ok

10:29:08.0187 2512 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys

10:29:08.0226 2512 usbvideo - ok

10:29:08.0250 2512 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

10:29:08.0316 2512 UxSms - ok

10:29:08.0342 2512 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

10:29:08.0374 2512 VaultSvc - ok

10:29:08.0396 2512 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

10:29:08.0426 2512 vdrvroot - ok

10:29:08.0481 2512 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

10:29:08.0553 2512 vds - ok

10:29:08.0578 2512 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

10:29:08.0614 2512 vga - ok

10:29:08.0635 2512 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

10:29:08.0694 2512 VgaSave - ok

10:29:08.0725 2512 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

10:29:08.0766 2512 vhdmp - ok

10:29:08.0788 2512 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

10:29:08.0817 2512 viaide - ok

10:29:08.0844 2512 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

10:29:08.0875 2512 volmgr - ok

10:29:08.0917 2512 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

10:29:08.0965 2512 volmgrx - ok

10:29:09.0002 2512 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\Windows\system32\drivers\volsnap.sys

10:29:09.0052 2512 volsnap - ok

10:29:09.0081 2512 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys

10:29:09.0114 2512 vsmraid - ok

10:29:09.0199 2512 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

10:29:09.0311 2512 VSS - ok

10:29:09.0406 2512 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

10:29:09.0450 2512 vwifibus - ok

10:29:09.0473 2512 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

10:29:09.0511 2512 vwififlt - ok

10:29:09.0532 2512 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

10:29:09.0570 2512 vwifimp - ok

10:29:09.0606 2512 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

10:29:09.0681 2512 W32Time - ok

10:29:09.0713 2512 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys

10:29:09.0745 2512 WacomPen - ok

10:29:09.0769 2512 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

10:29:09.0831 2512 WANARP - ok

10:29:09.0843 2512 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

10:29:09.0901 2512 Wanarpv6 - ok

10:29:09.0996 2512 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

10:29:10.0073 2512 WatAdminSvc - ok

10:29:10.0187 2512 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

10:29:10.0241 2512 wbengine - ok

10:29:10.0302 2512 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

10:29:10.0349 2512 WbioSrvc - ok

10:29:10.0385 2512 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

10:29:10.0440 2512 wcncsvc - ok

10:29:10.0459 2512 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

10:29:10.0493 2512 WcsPlugInService - ok

10:29:10.0514 2512 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys

10:29:10.0546 2512 Wd - ok

10:29:10.0592 2512 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

10:29:10.0645 2512 Wdf01000 - ok

10:29:10.0670 2512 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

10:29:10.0711 2512 WdiServiceHost - ok

10:29:10.0722 2512 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

10:29:10.0764 2512 WdiSystemHost - ok

10:29:10.0795 2512 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

10:29:10.0851 2512 WebClient - ok

10:29:10.0882 2512 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

10:29:10.0953 2512 Wecsvc - ok

10:29:10.0975 2512 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

10:29:11.0040 2512 wercplsupport - ok

10:29:11.0062 2512 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

10:29:11.0126 2512 WerSvc - ok

10:29:11.0158 2512 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

10:29:11.0219 2512 WfpLwf - ok

10:29:11.0257 2512 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys

10:29:11.0293 2512 WimFltr - ok

10:29:11.0313 2512 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

10:29:11.0342 2512 WIMMount - ok

10:29:11.0406 2512 winachsf (47e8fe123d0a99dc0e172f89425b9342) C:\Windows\system32\DRIVERS\CAX_CNXT.sys

10:29:11.0463 2512 winachsf - ok

10:29:11.0501 2512 WinDefend - ok

10:29:11.0540 2512 WinHttpAutoProxySvc - ok

10:29:11.0600 2512 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

10:29:11.0670 2512 Winmgmt - ok

10:29:11.0763 2512 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

10:29:11.0875 2512 WinRM - ok

10:29:11.0975 2512 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

10:29:12.0012 2512 WinUsb - ok

10:29:12.0077 2512 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

10:29:12.0147 2512 Wlansvc - ok

10:29:12.0208 2512 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

10:29:12.0242 2512 wlcrasvc - ok

10:29:12.0398 2512 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

10:29:12.0499 2512 wlidsvc - ok

10:29:12.0546 2512 wltrysvc (55dbb16fdc57808615323389241fdc99) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE

10:29:12.0554 2512 wltrysvc ( UnsignedFile.Multi.Generic ) - warning

10:29:12.0554 2512 wltrysvc - detected UnsignedFile.Multi.Generic (1)

10:29:12.0658 2512 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

10:29:12.0695 2512 WmiAcpi - ok

10:29:12.0759 2512 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

10:29:12.0803 2512 wmiApSrv - ok

10:29:12.0846 2512 WMPNetworkSvc - ok

10:29:12.0887 2512 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

10:29:12.0922 2512 WPCSvc - ok

10:29:12.0955 2512 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

10:29:12.0999 2512 WPDBusEnum - ok

10:29:13.0023 2512 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

10:29:13.0084 2512 ws2ifsl - ok

10:29:13.0107 2512 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll

10:29:13.0150 2512 wscsvc - ok

10:29:13.0165 2512 WSearch - ok

10:29:13.0288 2512 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll

10:29:13.0410 2512 wuauserv - ok

10:29:13.0504 2512 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

10:29:13.0584 2512 WudfPf - ok

10:29:13.0620 2512 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

10:29:13.0681 2512 WUDFRd - ok

10:29:13.0709 2512 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

10:29:13.0770 2512 wudfsvc - ok

10:29:13.0802 2512 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

10:29:13.0849 2512 WwanSvc - ok

10:29:13.0882 2512 XAudio (e288fa83c178a3458bac1fa80b346c06) C:\Windows\system32\DRIVERS\xaudio64.sys

10:29:13.0910 2512 XAudio - ok

10:29:13.0949 2512 XAudioService (510652a925b5d6c3892379d263a87f00) C:\Windows\system32\DRIVERS\xaudio64.exe

10:29:13.0994 2512 XAudioService - ok

10:29:14.0099 2512 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

10:29:14.0381 2512 \Device\Harddisk0\DR0 - ok

10:29:14.0389 2512 Boot (0x1200) (b5dd961fe4cb2211a4f2a11614dec531) \Device\Harddisk0\DR0\Partition0

10:29:14.0398 2512 \Device\Harddisk0\DR0\Partition0 - ok

10:29:14.0428 2512 Boot (0x1200) (3746ee3069bf7acfafcaa7f893c52bab) \Device\Harddisk0\DR0\Partition1

10:29:14.0430 2512 \Device\Harddisk0\DR0\Partition1 - ok

10:29:14.0431 2512 ============================================================

10:29:14.0431 2512 Scan finished

10:29:14.0431 2512 ============================================================

10:29:14.0447 4756 Detected object count: 2

10:29:14.0447 4756 Actual detected object count: 2

10:31:55.0226 4756 becldr3Service ( UnsignedFile.Multi.Generic ) - skipped by user

10:31:55.0226 4756 becldr3Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

10:31:55.0229 4756 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user

10:31:55.0229 4756 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

MrCharlie · June 8, 2012

That scan was clean....please do this:

Please download and run ComboFix.

The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC

eblaine · June 8, 2012

ComboFix 12-06-08.02 - Eblaine 06/08/2012 15:23:56.1.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3062.1860 [GMT -7:00]

Running from: c:\users\Eblaine\Desktop\ComboFix.exe

AV: Emsisoft Anti-Malware *Disabled/Updated* {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}

FW: Online Armor Firewall *Disabled* {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}

SP: Emsisoft Anti-Malware *Disabled/Updated* {3E653F0B-EA3E-10F8-1B87-CAD78F211367}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\programdata\Roaming

c:\users\Eblaine\AppData\Local\uninst.tmp

.

((((((((((((((((((((((((( Files Created from 2012-05-08 to 2012-06-08 )))))))))))))))))))))))))))))))

.

2012-06-08 22:34 . 2012-06-08 22:34 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-06-08 17:16 . 2012-06-08 17:16 -------- d-----w- c:\program files (x86)\ERUNT

2012-06-01 11:18 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{85EB40E3-D8B8-42F4-92D4-574914A3B047}\mpengine.dll

2012-05-31 22:20 . 2012-05-31 22:20 -------- d-----w- c:\users\Eblaine\AppData\Roaming\j2 Global

2012-05-31 22:19 . 2012-05-31 22:19 -------- d-----w- c:\users\Eblaine\AppData\Roaming\eFax Messenger

2012-05-31 22:19 . 2012-05-31 22:19 -------- d-----w- c:\programdata\eFax Messenger 4.4 Output

2012-05-31 22:18 . 2012-05-31 22:23 -------- d-----w- c:\program files (x86)\eFax Messenger 4.4

2012-05-28 18:08 . 2012-05-28 18:08 -------- d-----w- c:\programdata\PDF Writer

2012-05-28 18:08 . 2012-05-28 18:08 -------- d-----w- c:\users\Eblaine\AppData\Roaming\PDF Writer

2012-05-28 18:08 . 2012-05-28 18:08 -------- d-----w- c:\users\Eblaine\AppData\Local\PDF Writer

2012-05-28 18:06 . 2009-07-14 01:41 101376 ----a-w- c:\windows\system32\Spool\prtprocs\x64\HPZPPWN7.DLL

2012-05-28 18:04 . 2012-05-28 18:04 -------- d-----w- c:\program files\Common Files\Bullzip

2012-05-28 18:04 . 2008-10-30 13:29 227840 ----a-w- c:\windows\SysWow64\bzFlRdr.dll

2012-05-28 18:04 . 2008-07-09 13:29 103424 ----a-w- c:\windows\SysWow64\bzDCT.dll

2012-05-28 18:04 . 2010-09-27 13:29 135168 ----a-w- c:\windows\SysWow64\bzpdfc.dll

2012-05-28 18:04 . 2012-03-27 13:29 216064 ----a-w- c:\windows\system32\bzpdf.dll

2012-05-28 18:04 . 1999-05-06 22:00 140288 ----a-w- c:\windows\SysWow64\comdlg32.OCX

2012-05-28 18:04 . 2012-05-28 18:04 -------- d-----w- c:\program files\Bullzip

2012-05-28 18:02 . 2012-05-28 18:02 -------- d-----w- c:\program files (x86)\BCL Technologies

2012-05-28 18:02 . 2012-05-28 18:02 -------- d-----w- c:\users\Eblaine\AppData\Roaming\Pdf2Word

2012-05-28 18:02 . 2012-05-28 18:02 -------- d-----w- c:\program files (x86)\bioPDF

2012-05-28 17:43 . 2012-05-28 17:46 -------- d-----w- c:\users\Eblaine\AppData\Roaming\Nitro PDF

2012-05-28 17:43 . 2012-05-28 17:43 -------- d-----w- c:\programdata\Nitro PDF

2012-05-28 17:42 . 2011-02-28 22:37 95008 ----a-w- c:\windows\system32\Primomonnt.dll

2012-05-28 17:42 . 2012-05-28 17:42 -------- d-----w- c:\users\Eblaine\AppData\Roaming\OpenCandy

2012-05-28 17:42 . 2012-05-28 18:12 -------- d-----w- c:\program files (x86)\Nitro PDF

2012-05-28 17:39 . 2012-05-28 17:40 -------- d-----w- c:\users\Eblaine\AppData\Local\CutePDF Writer

2012-05-28 17:35 . 2012-05-28 18:12 -------- d-----w- c:\program files (x86)\Acro Software

2012-05-28 17:23 . 2012-05-28 17:28 46080 ----a-w- c:\windows\SysWow64\pdfmon.dll

2012-05-28 17:23 . 2012-05-28 17:28 110642 ----a-w- c:\windows\SysWow64\pdfmona.dll

2012-05-28 17:22 . 2012-05-28 17:31 -------- d-----w- C:\pdf995

2012-05-28 15:44 . 2012-05-30 06:15 -------- d-----w- c:\program files (x86)\1ClickDownload

2012-05-23 16:33 . 2012-05-23 16:33 -------- d-----w- c:\users\Eblaine\Be Yourself Seduction

2012-05-23 15:50 . 2012-05-23 15:50 -------- d-----w- c:\programdata\MindMovies

2012-05-23 15:50 . 2012-05-23 15:50 -------- d-----w- c:\program files (x86)\MindMovies

2012-05-23 00:12 . 2012-05-23 00:13 -------- d-----w- c:\users\Eblaine\AppData\Local\Amazon

2012-05-18 20:48 . 2012-05-18 20:48 -------- d-----w- c:\program files (x86)\Evernote

2012-05-15 22:43 . 2012-05-15 22:43 -------- d-----w- c:\program files\Microsoft Silverlight

2012-05-15 22:43 . 2012-05-15 22:43 -------- d-----w- c:\program files (x86)\Microsoft Silverlight

2012-05-15 00:40 . 2012-05-15 00:46 -------- d-----w- c:\users\Eblaine\AppData\Local\Windows Live

2012-05-12 16:57 . 2009-05-18 20:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys

2012-05-12 16:57 . 2008-04-17 19:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll

2012-05-12 16:57 . 2008-04-17 19:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll

2012-05-12 16:56 . 2012-05-12 16:56 -------- d-----w- c:\program files\iPod

2012-05-12 16:56 . 2012-05-12 16:57 -------- d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

2012-05-12 16:56 . 2012-05-12 16:57 -------- d-----w- c:\program files\iTunes

2012-05-12 16:56 . 2012-05-12 16:57 -------- d-----w- c:\program files (x86)\iTunes

2012-05-12 16:56 . 2012-05-12 16:56 -------- d-----w- c:\programdata\Apple Computer

2012-05-12 16:55 . 2012-05-12 16:55 -------- d-----w- c:\users\Eblaine\AppData\Local\Apple

2012-05-12 16:54 . 2012-05-12 16:54 -------- d-----w- c:\program files (x86)\Apple Software Update

2012-05-12 16:54 . 2012-05-12 16:54 -------- d-----w- c:\program files\Common Files\Apple

2012-05-12 16:54 . 2012-05-12 16:54 -------- d-----w- c:\program files\Bonjour

2012-05-12 16:54 . 2012-05-12 16:54 -------- d-----w- c:\program files (x86)\Bonjour

2012-05-12 16:53 . 2012-05-12 16:56 -------- d-----w- c:\program files (x86)\Common Files\Apple

2012-05-12 16:53 . 2012-05-12 16:54 -------- d-----w- c:\programdata\Apple

2012-05-10 04:51 . 2012-05-10 04:51 -------- d-----w- c:\users\Eblaine\AppData\Roaming\EurekaLog

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-06-06 19:04 . 2012-04-27 22:20 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-06-06 19:04 . 2012-04-27 22:20 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-05-31 13:06 . 2012-04-27 21:01 35368 ----a-w- c:\windows\system32\drivers\OAnet.sys

2012-05-31 13:06 . 2012-04-27 21:01 40512 ----a-w- c:\windows\SysWow64\drivers\OAmon.sys

2012-05-31 13:06 . 2012-04-27 21:01 61624 ----a-w- c:\windows\SysWow64\drivers\OADriver.sys

2012-05-31 13:03 . 2012-04-27 21:01 61624 ----a-w- c:\windows\SysWow64\drivers\oahlp64.sys

2012-05-05 17:41 . 2012-04-27 22:41 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

2012-05-04 04:56 . 2012-04-27 18:54 45056 ----a-w- c:\windows\SysWow64\acovcnt.exe

2012-04-27 20:27 . 2012-04-27 20:18 40448 ----a-w- c:\windows\SysWow64\pdf995mon64.dll

2012-04-27 18:54 . 2011-03-29 01:36 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-04-18 18:18 . 2012-04-27 20:18 2266624 ----a-w- c:\windows\system32\pdfmona64.dll

2012-04-04 22:56 . 2012-04-27 19:36 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-03-31 06:05 . 2012-05-09 15:53 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-03-31 04:39 . 2012-05-09 15:53 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-03-31 04:39 . 2012-05-09 15:53 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-03-31 03:10 . 2012-05-09 15:53 3146240 ----a-w- c:\windows\system32\win32k.sys

2012-03-30 11:35 . 2012-05-09 15:51 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-03-20 06:44 . 2012-03-20 06:44 5888792 ----a-w- c:\windows\system32\GfxUI.exe

2012-03-20 06:44 . 2012-03-20 06:44 276248 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe

2012-03-20 06:42 . 2012-03-20 06:42 90112 ----a-w- c:\windows\system32\igfxCoIn_v2696.dll

2012-03-20 06:31 . 2012-03-20 06:31 963912 ----a-w- c:\windows\system32\igkrng600.bin

2012-03-20 06:31 . 2012-03-20 06:31 261208 ----a-w- c:\windows\system32\igfcg600m.bin

2012-03-20 06:31 . 2012-03-20 06:31 79360 ----a-w- c:\windows\system32\igdde64.dll

2012-03-20 06:25 . 2012-03-20 06:25 58880 ----a-w- c:\windows\SysWow64\igdde32.dll

2012-03-20 05:18 . 2012-03-20 05:18 439296 ----a-w- c:\windows\system32\igfxrrom.lrc

2012-03-20 05:18 . 2012-03-20 05:18 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc

2012-03-20 05:18 . 2012-03-20 05:18 439808 ----a-w- c:\windows\system32\igfxresn.lrc

2012-03-20 05:17 . 2012-03-20 05:17 9216 ----a-w- c:\windows\system32\IGFXDEVLib.dll

2012-03-20 05:17 . 2012-03-20 05:17 172032 ----a-w- c:\windows\system32\gfxSrvc.dll

2012-03-20 05:12 . 2012-03-20 05:12 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll

2012-03-20 05:09 . 2012-03-20 05:09 524800 ----a-w- c:\windows\system32\iglhsip64.dll

2012-03-20 05:09 . 2012-03-20 05:09 519680 ----a-w- c:\windows\SysWow64\iglhsip32.dll

2012-03-20 05:09 . 2012-03-20 05:09 2967040 ----a-w- c:\windows\system32\igfxcmjit64.dll

2012-03-20 05:09 . 2012-03-20 05:09 237056 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll

2012-03-20 05:09 . 2012-03-20 05:09 2321408 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll

2012-03-20 05:09 . 2012-03-20 05:09 213504 ----a-w- c:\windows\system32\iglhcp64.dll

2012-03-20 05:09 . 2012-03-20 05:09 193024 ----a-w- c:\windows\system32\igfxcmrt64.dll

2012-03-20 05:09 . 2012-03-20 05:09 177152 ----a-w- c:\windows\SysWow64\iglhcp32.dll

2012-03-17 07:58 . 2012-05-09 15:53 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SubVid"="c:\program files (x86)\MindMovies\Subliminal\SubVid.exe" [2008-09-16 139264]

"eFax 4.4"="c:\program files (x86)\eFax Messenger 4.4\J2GDllCmd.exe" [2010-07-02 95744]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]

"emsisoft anti-malware"="c:\program files (x86)\emsisoft anti-malware\a2guard.exe" [2012-04-20 3361184]

.

c:\users\Eblaine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

eFax 4.4.lnk - c:\program files (x86)\eFax Messenger 4.4\J2GTray.exe [2010-7-2 656896]

ERUNT AutoBackup.lnk - c:\program files (x86)\ERUNT\AUTOBACK.EXE [2005-10-20 38912]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ \0

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R1 ATKWMIACPIIO;ATKWMIACPI Driver; [x]

R1 oahlpXX;Online Armor helper driver;c:\windows\syswow64\drivers\oahlp64.sys [2012-05-31 61624]

R2 a2AntiMalware;Emsisoft Anti-Malware 6.5 - Service;c:\program files (x86)\Emsisoft Anti-Malware\a2service.exe [2012-04-20 3065120]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 lxecCATSCustConnectService;lxecCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe [2010-04-14 45736]

R2 SvcOnlineArmor;Online Armor;c:\program files (x86)\Online Armor\oasrv.exe [2012-05-31 4382968]

R3 a2acc;a2acc;c:\program files (x86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [2011-11-02 63880]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-06 257696]

R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [x]

R3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [x]

R3 becldr3Service;BCL EasyConverter SDK 3 Loader;c:\program files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [2011-04-20 176128]

R3 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\CyberGhost VPN\CGVPNCliService.exe [2012-04-26 2438696]

R3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]

R3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]

R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [2011-05-19 23208]

S1 a2injectiondriver;a2injectiondriver;c:\program files (x86)\Emsisoft Anti-Malware\a2dix64.sys [2011-11-02 41728]

S1 a2util;a-squared Malware-IDS utility driver;c:\program files (x86)\Emsisoft Anti-Malware\a2util64.sys [2010-05-05 14720]

S1 OADevice;OADriver;c:\windows\SysWow64\Drivers\OADriver.sys [2012-05-31 61624]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-05-26 913792]

S2 lxec_device;lxec_device;c:\windows\system32\lxeccoms.exe [2010-04-14 1052328]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]

S2 OAcat;Online Armor Helper Service;c:\program files (x86)\Online Armor\OAcat.exe [2012-05-31 210920]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]

S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 OAnet;OnlineArmor Service;c:\windows\system32\DRIVERS\oanet.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

Contents of the 'Scheduled Tasks' folder

.

2012-06-08 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-27 19:04]

.

--------- X64 Entries -----------

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]

@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"

[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]

2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]

@="{64174815-8D98-4CE6-8646-4C039977D808}"

[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]

2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]

@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"

[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]

2012-03-19 20:23 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]

@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"

[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]

2012-03-19 20:23 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]

@="{A759AFF6-5851-457D-A540-F4ECED148351}"

[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]

2012-03-19 20:23 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]

@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"

[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]

2012-03-19 20:23 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"@OnlineArmor GUI"="c:\program files (x86)\Online Armor\oaui.exe" [2012-05-31 2346592]

"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2011-01-18 6492672]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-24 165912]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://asus.msn.com

mStart Page = hxxp://asus.msn.com

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000

FF - ProfilePath - c:\users\Eblaine\AppData\Roaming\Mozilla\Firefox\Profiles\we99zuwk.default\

FF - prefs.js: browser.startup.homepage - hxxp://duckduckgo.com/

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-06-08 15:49:16

ComboFix-quarantined-files.txt 2012-06-08 22:49

.

Pre-Run: 107,846,709,248 bytes free

Post-Run: 107,663,695,872 bytes free

.

- - End Of File - - 205E148CC29C1D81C288EF1393BBC17A

MrCharlie · June 9, 2012

Please Update and run a Quick Scan with MBAM, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how it is, MrC

eblaine · June 9, 2012

Malwarebytes Anti-Malware (PRO) 1.61.0.1400

www.malwarebytes.org

Database version: v2012.06.09.04

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Eblaine :: EBLAINE-PC [administrator]

Protection: Enabled

6/9/2012 7:29:59 AM

mbam-log-2012-06-09 (07-29-59).txt

Scan type: Quick scan

Scan options disabled: P2P

Objects scanned: 209668

Time elapsed: 3 minute(s), 24 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

MrCharlie · June 9, 2012

Well I'm confident that there's no malware on the system, MrC

eblaine · June 9, 2012

Thanks. Now my computer is extremely slow. Can you provide any advice on speeding up/optimizing? I purchased iobit adv sys care5 but it's still slow. Thanks

MrCharlie · June 9, 2012

Thanks. Now my computer is extremely slow. Can you provide any advice on speeding up/optimizing? I purchased iobit adv sys care5 but it's still slow. Thanks

You didn't have to do that, most of those programs are "snake oil".

----------------------------

First a little cleanup to do...

Please Uninstall ComboFix:

Press the Windows logo key + R to bring up the "run box"

Copy and paste next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /

Then hit enter.

This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files and clears System Restore cache and create new Restore point

---------------------------------

Please download OTL from one of the links below:

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com

Save it to your desktop.

Run OTL and hit the CleanUp button. (This will cleanup the tools and logs used including itself)

Any other programs or logs you can manually delete.

-----------------------------------

Here's three links for slow computers:

http://users.telenet...owcomputer.html

http://forums.malwar...showtopic=81990

http://www.malwarere...nningslowly.php

------------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC

Maurice Naggar · June 11, 2012

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

My email was hacked

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information