
May be infected - mbam hangs - Chameleon won't complete



I've used mbam free version for years, and never had a problem with the program before now. I usually only run it occasionally when I suspect there is a problem, or when I'm working on someone else's computer.

 

Recently I suspected a possible malware problem on my computer due to apparent cpu over-utilization, so I ran mbam and updated to the latest version. However, a quick scan will not complete. It will run for a time, scan approximately 46,000+ objects, and then hang. I have to use task manager to end the program because of not responding. Mbam finds 4 infected objects, but since it will not complete, I can not deal with them. The scan always hangs in C:\USERS\USER NAME\Local Settings\Temporary Internet Files\Content.IE5\... followed by something like \L7JM4MSE\xd_arbiter.htm, but never the same file.

 

Observations: My computer is fully functional except for some minor issues. I can use it almost normally. One of the two noticeable symptoms is that the mouse pointer will jerk at times as if the cpu is being temporarily over utilized, but most of the time this symptom is not noticeable. Secondly, I listen to Pandora Radio most of the day, and sometimes the audio quality will become choppy, again as if the cpu is being over utilized. This symptom is also intermittent, but both symptoms are persistent at least a little from day to day for the past week or so.

 

While I was using chameleon last night while mbam was running in the tray, I got three or four popups saying "Successfully blocked access to a potentially malicious website 74.120.16.85" noted as outgoing traffic, which could indicate malicious infection.

 

My understanding from reading the various instructions for chameleon is that malicious programs can prevent mbam from starting, but I haven't seen any mention of them causing the program to hang, so I'm wondering if my problem is malware related or not.

 

I have tried the following to resolve the problem:

 

1. run chkdsk with the /f switch

2. scan in safe mode with networking

3. run mbam as administrator

4. do a clean uninstall with mbam-clean.exe, re-install and repeat 2 & 3

5. disable avg antivirus during the above steps

6. run chameleon

7. do a clean uninstall and then run chameleon

 

I've probably attempted to scan at least a couple of dozen times.

 

Chameleon reaches the step of "Killing known malicious processes, please wait..." and the blinking cursor, but will not start mbam. Last night, chameleon was attempting to kill processes for almost two hours before I rebooted the machine. At the time of this writing, chameleon has been attempting to kill processes for approximately one hour. I'll leave it running.

attach.txt

CheckResults.txt

dds.txt


Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
Scan with aswMBR

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
  • Click the Scan button to start the scan once the update has finished downloading.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.


Note: There will also be a file on your desktop named MBR.dat. Do not delete this for now. It is an actual backup of the MBR (master boot record).

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.exe and save it to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt



Please post the contents of that log in your next reply.


aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-11-14 08:09:53
-----------------------------
08:09:53.315    OS Version: Windows x64 6.1.7601 Service Pack 1
08:09:53.315    Number of processors: 2 586 0x170A
08:09:53.315    ComputerName: MICHAEL  UserName:
08:10:09.771    Initialize success
08:21:49.961    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
08:21:49.977    Disk 0 Vendor: Hitachi_ FC4O Size: 305245MB BusType: 3
08:21:50.788    Disk 0 MBR read successfully
08:21:50.804    Disk 0 MBR scan
08:21:50.804    Disk 0 Windows VISTA default MBR code
08:21:50.835    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0       39 MB offset 63
08:21:50.897    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        15000 MB offset 81920
08:21:50.944    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       290204 MB offset 30801920
08:21:51.162    Disk 0 scanning C:\Windows\system32\drivers
08:22:09.332    Service scanning
08:22:49.737    Modules scanning
08:22:49.737    Disk 0 trace - called modules:
08:22:49.768    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys
08:22:49.768    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80057a0570]
08:22:50.314    3 CLASSPNP.SYS[fffff880013cb43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80047a1050]
08:22:50.314    Scan finished successfully
08:23:26.011    Disk 0 MBR has been saved successfully to "C:\Users\Michael Purcell\Desktop\MBR.dat"
08:23:26.011    The log file has been saved successfully to "C:\Users\Michael Purcell\Desktop\aswMBR.txt"

___________________________________________________________________________________________________

 

 

08:42:58.0766 9908  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
08:43:00.0778 9908  ============================================================
08:43:00.0778 9908  Current date / time: 2013/11/14 08:43:00.0778
08:43:00.0778 9908  SystemInfo:
08:43:00.0778 9908 
08:43:00.0778 9908  OS Version: 6.1.7601 ServicePack: 1.0
08:43:00.0778 9908  Product type: Workstation
08:43:00.0778 9908  ComputerName: MICHAEL
08:43:00.0778 9908  UserName: Michael Purcell
08:43:00.0778 9908  Windows directory: C:\Windows
08:43:00.0778 9908  System windows directory: C:\Windows
08:43:00.0778 9908  Running under WOW64
08:43:00.0778 9908  Processor architecture: Intel x64
08:43:00.0778 9908  Number of processors: 2
08:43:00.0778 9908  Page size: 0x1000
08:43:00.0778 9908  Boot type: Normal boot
08:43:00.0778 9908  ============================================================
08:43:04.0741 9908  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:43:04.0803 9908  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C0F00000 (1863.01 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:43:04.0834 9908  Drive \Device\Harddisk2\DR2 - Size: 0xF3C00000 (3.81 Gb), SectorSize: 0x200, Cylinders: 0x1F1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:43:04.0834 9908  ============================================================
08:43:04.0834 9908  \Device\Harddisk0\DR0:
08:43:04.0850 9908  MBR partitions:
08:43:04.0850 9908  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
08:43:04.0850 9908  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x236CE2B0
08:43:04.0850 9908  \Device\Harddisk1\DR1:
08:43:04.0850 9908  MBR partitions:
08:43:04.0850 9908  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000
08:43:04.0850 9908  \Device\Harddisk2\DR2:
08:43:04.0850 9908  MBR partitions:
08:43:04.0850 9908  \Device\Harddisk2\DR2\Partition1: MBR, Type 0xB, StartLBA 0x40, BlocksNum 0x79DFC0
08:43:04.0850 9908  ============================================================
08:43:05.0240 9908  C: <-> \Device\Harddisk0\DR0\Partition2
08:43:05.0630 9908  F: <-> \Device\Harddisk1\DR1\Partition1
08:43:06.0894 9908  ============================================================
08:43:06.0894 9908  Initialize success
08:43:06.0894 9908  ============================================================
08:43:20.0185 4964  ============================================================
08:43:20.0185 4964  Scan started
08:43:20.0185 4964  Mode: Manual;
08:43:20.0185 4964  ============================================================
08:43:21.0994 4964  ================ Scan system memory ========================
08:43:21.0994 4964  System memory - ok
08:43:39.0279 4964  IpFilterDriver - ok
08:43:39.0372 4964  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
08:43:39.0388 4964  iphlpsvc - ok
08:43:39.0422 4964  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
08:43:39.0422 4964  IPMIDRV - ok
08:43:39.0453 4964  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
08:43:39.0453 4964  IPNAT - ok
08:43:39.0593 4964  [ 4472C8825B5E41D8697D5962F47AB1C9 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
08:43:39.0609 4964  iPod Service - ok
08:43:39.0671 4964  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
08:43:39.0671 4964  IRENUM - ok
08:43:39.0702 4964  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
08:43:39.0702 4964  isapnp - ok
08:43:39.0749 4964  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
08:43:39.0749 4964  iScsiPrt - ok
08:43:39.0827 4964  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
08:43:39.0827 4964  kbdclass - ok
08:43:39.0858 4964  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
08:43:39.0890 4964  kbdhid - ok
08:43:39.0905 4964  [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso          C:\Windows\system32\lsass.exe
08:43:39.0905 4964  KeyIso - ok
08:43:39.0983 4964  [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
08:43:39.0983 4964  KSecDD - ok
08:43:40.0046 4964  [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
08:43:40.0046 4964  KSecPkg - ok
08:43:40.0077 4964  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
08:43:40.0077 4964  ksthunk - ok
08:43:40.0202 4964  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
08:43:40.0202 4964  KtmRm - ok
08:43:40.0295 4964  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
08:43:40.0326 4964  LanmanServer - ok
08:43:40.0404 4964  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:43:40.0404 4964  LanmanWorkstation - ok
08:43:40.0467 4964  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
08:43:40.0467 4964  lltdio - ok
08:43:40.0592 4964  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
08:43:40.0592 4964  lltdsvc - ok
08:43:40.0623 4964  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
08:43:40.0654 4964  lmhosts - ok
08:43:40.0716 4964  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
08:43:40.0716 4964  LSI_FC - ok
08:43:40.0748 4964  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
08:43:40.0748 4964  LSI_SAS - ok
08:43:40.0794 4964  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:43:40.0794 4964  LSI_SAS2 - ok
08:43:40.0810 4964  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:43:40.0810 4964  LSI_SCSI - ok
08:43:40.0841 4964  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
08:43:40.0872 4964  luafv - ok
08:43:40.0982 4964  [ 8B03202C731A0B967927EB7E5B2E470C ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
08:43:40.0982 4964  mbamchameleon - ok
08:43:41.0075 4964  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
08:43:41.0091 4964  Mcx2Svc - ok
08:43:41.0122 4964  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
08:43:41.0153 4964  megasas - ok
08:43:41.0231 4964  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
08:43:41.0231 4964  MegaSR - ok
08:43:41.0262 4964  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
08:43:41.0262 4964  MMCSS - ok
08:43:41.0325 4964  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
08:43:41.0325 4964  Modem - ok
08:43:41.0372 4964  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
08:43:41.0372 4964  monitor - ok
08:43:41.0421 4964  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
08:43:41.0421 4964  mouclass - ok
08:43:41.0452 4964  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
08:43:41.0452 4964  mouhid - ok
08:43:41.0499 4964  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
08:43:41.0514 4964  mountmgr - ok
08:43:41.0639 4964  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:43:41.0639 4964  MozillaMaintenance - ok
08:43:41.0717 4964  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
08:43:41.0717 4964  mpio - ok
08:43:41.0733 4964  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
08:43:41.0748 4964  mpsdrv - ok
08:43:41.0858 4964  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
08:43:41.0873 4964  MpsSvc - ok
08:43:41.0936 4964  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
08:43:41.0936 4964  MRxDAV - ok
08:43:41.0998 4964  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
08:43:42.0029 4964  mrxsmb - ok
08:43:42.0107 4964  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:43:42.0123 4964  mrxsmb10 - ok
08:43:42.0154 4964  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:43:42.0154 4964  mrxsmb20 - ok
08:43:42.0216 4964  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
08:43:42.0216 4964  msahci - ok
08:43:42.0248 4964  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
08:43:42.0263 4964  msdsm - ok
08:43:42.0294 4964  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
08:43:42.0326 4964  MSDTC - ok
08:43:42.0419 4964  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
08:43:42.0419 4964  Msfs - ok
08:43:42.0466 4964  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
08:43:42.0466 4964  mshidkmdf - ok
08:43:42.0466 4964  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
08:43:42.0466 4964  msisadrv - ok
08:43:42.0544 4964  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
08:43:42.0560 4964  MSiSCSI - ok
08:43:42.0560 4964  msiserver - ok
08:43:42.0591 4964  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
08:43:42.0591 4964  MSKSSRV - ok
08:43:42.0638 4964  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
08:43:42.0638 4964  MSPCLOCK - ok
08:43:42.0653 4964  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
08:43:42.0653 4964  MSPQM - ok
08:43:42.0731 4964  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
08:43:42.0731 4964  MsRPC - ok
08:43:42.0809 4964  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
08:43:42.0809 4964  mssmbios - ok
08:43:42.0856 4964  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
08:43:42.0856 4964  MSTEE - ok
08:43:42.0918 4964  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
08:43:42.0918 4964  MTConfig - ok
08:43:42.0934 4964  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
08:43:42.0965 4964  Mup - ok
08:43:43.0469 4964  [ 21EEF976D53A0BCB603ABFF4AB6E4C88 ] MySQL           C:\xampp\mysql\bin\mysqld.exe
08:43:43.0657 4964  MySQL - ok
08:43:43.0719 4964  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
08:43:43.0735 4964  napagent - ok
08:43:43.0844 4964  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
08:43:43.0844 4964  NativeWifiP - ok
08:43:43.0922 4964  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
08:43:43.0937 4964  NDIS - ok
08:43:43.0984 4964  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
08:43:43.0984 4964  NdisCap - ok
08:43:44.0062 4964  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
08:43:44.0062 4964  NdisTapi - ok
08:43:44.0078 4964  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
08:43:44.0093 4964  Ndisuio - ok
08:43:44.0187 4964  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
08:43:44.0203 4964  NdisWan - ok
08:43:44.0249 4964  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
08:43:44.0249 4964  NDProxy - ok
08:43:44.0374 4964  [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
08:43:44.0374 4964  Net Driver HPZ12 - ok
08:43:44.0421 4964  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
08:43:44.0421 4964  NetBIOS - ok
08:43:44.0499 4964  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
08:43:44.0499 4964  NetBT - ok
08:43:44.0530 4964  [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon        C:\Windows\system32\lsass.exe
08:43:44.0530 4964  Netlogon - ok
08:43:44.0639 4964  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
08:43:44.0639 4964  Netman - ok
08:43:44.0717 4964  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:43:44.0780 4964  NetMsmqActivator - ok
08:43:44.0795 4964  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:43:44.0795 4964  NetPipeActivator - ok
08:43:44.0873 4964  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
08:43:44.0889 4964  netprofm - ok
08:43:44.0889 4964  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:43:44.0889 4964  NetTcpActivator - ok
08:43:44.0905 4964  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:43:44.0920 4964  NetTcpPortSharing - ok
08:43:44.0983 4964  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
08:43:44.0983 4964  nfrd960 - ok
08:43:45.0045 4964  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
08:43:45.0061 4964  NlaSvc - ok
08:43:45.0092 4964  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
08:43:45.0107 4964  Npfs - ok
08:43:45.0154 4964  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
08:43:45.0154 4964  nsi - ok
08:43:45.0185 4964  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
08:43:45.0185 4964  nsiproxy - ok
08:43:45.0342 4964  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
08:43:45.0374 4964  Ntfs - ok
08:43:45.0423 4964  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
08:43:45.0423 4964  Null - ok
08:43:46.0313 4964  [ 5AE348E8710F743199E7225B5DD90868 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
08:43:46.0610 4964  nvlddmkm - ok
08:43:46.0656 4964  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
08:43:46.0672 4964  nvraid - ok
08:43:46.0719 4964  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
08:43:46.0750 4964  nvstor - ok
08:43:46.0937 4964  [ EC61934CDA39114DA769E29B1DC092BE ] nvsvc           C:\Windows\system32\nvvsvc.exe
08:43:46.0984 4964  nvsvc - ok
08:43:47.0031 4964  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
08:43:47.0031 4964  nv_agp - ok
08:43:47.0109 4964  [ D955D5DE998DB2476BF0892BE3A96C26 ] O2FLASH         C:\Windows\system32\DRIVERS\o2flash.exe
08:43:47.0109 4964  O2FLASH - ok
08:43:47.0156 4964  [ 1B2E099223F16AAB166E9602F7A5ECD4 ] O2MDGRDR        C:\Windows\system32\DRIVERS\o2mdgx64.sys
08:43:47.0171 4964  O2MDGRDR - ok
08:43:47.0171 4964  [ 4C9C52D9F4EA5579FF70123004B9FD06 ] O2SDGRDR        C:\Windows\system32\DRIVERS\o2sdgx64.sys
08:43:47.0171 4964  O2SDGRDR - ok
08:43:47.0358 4964  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:43:47.0374 4964  odserv - ok
08:43:47.0457 4964  [ 766F689564BC30E5A91F8621CE65AD68 ] OEM13Vfx        C:\Windows\system32\DRIVERS\OEM13Vfx.sys
08:43:47.0457 4964  OEM13Vfx - ok
08:43:47.0519 4964  [ 10DA4A1271F9790BCAD5150F5D861655 ] OEM13Vid        C:\Windows\system32\DRIVERS\OEM13Vid.sys
08:43:47.0519 4964  OEM13Vid - ok
08:43:47.0551 4964  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
08:43:47.0551 4964  ohci1394 - ok
08:43:47.0644 4964  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:43:47.0644 4964  ose - ok
08:43:47.0785 4964  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
08:43:47.0800 4964  p2pimsvc - ok
08:43:47.0894 4964  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
08:43:47.0909 4964  p2psvc - ok
08:43:47.0956 4964  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
08:43:47.0956 4964  Parport - ok
08:43:48.0003 4964  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
08:43:48.0003 4964  partmgr - ok
08:43:48.0019 4964  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
08:43:48.0034 4964  PcaSvc - ok
08:43:48.0081 4964  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
08:43:48.0097 4964  pci - ok
08:43:48.0128 4964  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
08:43:48.0128 4964  pciide - ok
08:43:48.0190 4964  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
08:43:48.0221 4964  pcmcia - ok
08:43:48.0253 4964  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
08:43:48.0253 4964  pcw - ok
08:43:48.0299 4964  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
08:43:48.0331 4964  PEAUTH - ok
08:43:48.0689 4964  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
08:43:48.0705 4964  PerfHost - ok
08:43:48.0892 4964  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
08:43:48.0923 4964  pla - ok
08:43:49.0001 4964  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
08:43:49.0017 4964  PlugPlay - ok
08:43:49.0126 4964  [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
08:43:49.0126 4964  Pml Driver HPZ12 - ok
08:43:49.0173 4964  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
08:43:49.0189 4964  PNRPAutoReg - ok
08:43:49.0204 4964  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
08:43:49.0204 4964  PNRPsvc - ok
08:43:49.0267 4964  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
08:43:49.0282 4964  PolicyAgent - ok
08:43:49.0345 4964  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
08:43:49.0345 4964  Power - ok
08:43:49.0428 4964  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
08:43:49.0443 4964  PptpMiniport - ok
08:43:49.0490 4964  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
08:43:49.0490 4964  Processor - ok
08:43:49.0552 4964  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
08:43:49.0552 4964  ProfSvc - ok
08:43:49.0568 4964  [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\Windows\system32\lsass.exe
08:43:49.0568 4964  ProtectedStorage - ok
08:43:49.0646 4964  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
08:43:49.0646 4964  Psched - ok
08:43:49.0708 4964  [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
08:43:49.0708 4964  PxHlpa64 - ok
08:43:49.0818 4964  [ B1A7437A886CE87B31A12A154ED33833 ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
08:43:49.0833 4964  QBCFMonitorService - ok
08:43:49.0880 4964  [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService     C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
08:43:49.0896 4964  QBFCService - ok
08:43:50.0114 4964  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
08:43:50.0130 4964  ql2300 - ok
08:43:50.0161 4964  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
08:43:50.0176 4964  ql40xx - ok
08:43:50.0270 4964  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
08:43:50.0270 4964  QWAVE - ok
08:43:50.0317 4964  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
08:43:50.0317 4964  QWAVEdrv - ok
08:43:50.0332 4964  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
08:43:50.0332 4964  RasAcd - ok
08:43:50.0395 4964  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
08:43:50.0395 4964  RasAgileVpn - ok
08:43:50.0410 4964  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
08:43:50.0426 4964  RasAuto - ok
08:43:50.0520 4964  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
08:43:50.0520 4964  Rasl2tp - ok
08:43:50.0582 4964  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
08:43:50.0598 4964  RasMan - ok
08:43:50.0644 4964  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
08:43:50.0644 4964  RasPppoe - ok
08:43:50.0707 4964  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
08:43:50.0707 4964  RasSstp - ok
08:43:50.0754 4964  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
08:43:50.0785 4964  rdbss - ok
08:43:50.0816 4964  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
08:43:50.0816 4964  rdpbus - ok
08:43:50.0847 4964  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
08:43:50.0847 4964  RDPCDD - ok
08:43:50.0925 4964  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
08:43:50.0925 4964  RDPENCDD - ok
08:43:50.0956 4964  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
08:43:50.0956 4964  RDPREFMP - ok
08:43:51.0019 4964  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
08:43:51.0034 4964  RDPWD - ok
08:43:51.0112 4964  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
08:43:51.0128 4964  rdyboost - ok
08:43:51.0144 4964  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
08:43:51.0159 4964  RemoteAccess - ok
08:43:51.0222 4964  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
08:43:51.0222 4964  RemoteRegistry - ok
08:43:51.0331 4964  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
08:43:51.0331 4964  RFCOMM - ok
08:43:51.0396 4964  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
08:43:51.0414 4964  RpcEptMapper - ok
08:43:51.0476 4964  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
08:43:51.0476 4964  RpcLocator - ok
08:43:51.0570 4964  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
08:43:51.0570 4964  RpcSs - ok
08:43:51.0617 4964  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
08:43:51.0632 4964  rspndr - ok
08:43:51.0726 4964  [ 16D4E350420BAA7E63E16E3FC033E1F5 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
08:43:51.0741 4964  RTL8167 - ok
08:43:51.0757 4964  [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs           C:\Windows\system32\lsass.exe
08:43:51.0757 4964  SamSs - ok
08:43:51.0819 4964  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
08:43:51.0835 4964  sbp2port - ok
08:43:51.0882 4964  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
08:43:51.0882 4964  SCardSvr - ok
08:43:51.0929 4964  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
08:43:51.0929 4964  scfilter - ok
08:43:52.0053 4964  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
08:43:52.0069 4964  Schedule - ok
08:43:52.0100 4964  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
08:43:52.0116 4964  SCPolicySvc - ok
08:43:52.0163 4964  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
08:43:52.0163 4964  SDRSVC - ok
08:43:52.0241 4964  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
08:43:52.0241 4964  secdrv - ok
08:43:52.0241 4964  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
08:43:52.0256 4964  seclogon - ok
08:43:52.0272 4964  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
08:43:52.0319 4964  SENS - ok
08:43:52.0350 4964  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
08:43:52.0365 4964  SensrSvc - ok
08:43:52.0397 4964  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
08:43:52.0397 4964  Serenum - ok
08:43:52.0443 4964  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
08:43:52.0443 4964  Serial - ok
08:43:52.0537 4964  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
08:43:52.0537 4964  sermouse - ok
08:43:52.0584 4964  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
08:43:52.0615 4964  SessionEnv - ok
08:43:52.0662 4964  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
08:43:52.0662 4964  sffdisk - ok
08:43:52.0693 4964  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
08:43:52.0693 4964  sffp_mmc - ok
08:43:52.0709 4964  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
08:43:52.0709 4964  sffp_sd - ok
08:43:52.0755 4964  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
08:43:52.0755 4964  sfloppy - ok
08:43:52.0787 4964  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
08:43:52.0802 4964  SharedAccess - ok
08:43:52.0927 4964  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:43:52.0927 4964  ShellHWDetection - ok
08:43:52.0974 4964  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:43:52.0974 4964  SiSRaid2 - ok
08:43:53.0005 4964  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
08:43:53.0005 4964  SiSRaid4 - ok
08:43:53.0145 4964  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
08:43:53.0145 4964  SkypeUpdate - ok
08:43:53.0208 4964  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
08:43:53.0208 4964  Smb - ok
08:43:53.0286 4964  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
08:43:53.0286 4964  SNMPTRAP - ok
08:43:53.0301 4964  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
08:43:53.0301 4964  spldr - ok
08:43:53.0364 4964  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
08:43:53.0364 4964  Spooler - ok
08:43:53.0668 4964  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
08:43:53.0761 4964  sppsvc - ok
08:43:53.0808 4964  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
08:43:53.0808 4964  sppuinotify - ok
08:43:53.0855 4964  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
08:43:53.0870 4964  srv - ok
08:43:53.0948 4964  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
08:43:53.0948 4964  srv2 - ok
08:43:53.0980 4964  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
08:43:53.0995 4964  srvnet - ok
08:43:54.0058 4964  [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
08:43:54.0058 4964  ssadbus - ok
08:43:54.0104 4964  [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
08:43:54.0104 4964  ssadmdfl - ok
08:43:54.0136 4964  [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
08:43:54.0151 4964  ssadmdm - ok
08:43:54.0182 4964  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
08:43:54.0182 4964  SSDPSRV - ok
08:43:54.0229 4964  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
08:43:54.0229 4964  SstpSvc - ok
08:43:54.0338 4964  [ AD42CA614E086BCADBD53FFFC404AC24 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
08:43:54.0354 4964  ssudmdm - ok
08:43:54.0619 4964  [ C24310D67140E18526396FB3BBAA91C6 ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e19b3ab5cd326817\STacSV64.exe
08:43:54.0650 4964  STacSV - ok
08:43:54.0713 4964  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
08:43:54.0713 4964  stexstor - ok
08:43:54.0791 4964  [ C79F5CBC47B19A068D8936DF8332E3E6 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
08:43:54.0806 4964  STHDA - ok
08:43:54.0869 4964  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
08:43:54.0869 4964  StillCam - ok
08:43:54.0947 4964  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
08:43:54.0962 4964  stisvc - ok
08:43:55.0040 4964  [ E476C66713C842F58E61A95826ED1D57 ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
08:43:55.0040 4964  stllssvr - ok
08:43:55.0103 4964  [ 85BF0B7CE3D9B6D1611E05872E1C3E56 ] SWDUMon         C:\Windows\system32\DRIVERS\SWDUMon.sys
08:43:55.0103 4964  SWDUMon - ok
08:43:55.0134 4964  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
08:43:55.0134 4964  swenum - ok
08:43:55.0212 4964  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
08:43:55.0228 4964  swprv - ok
08:43:55.0290 4964  sxuptp - ok
08:43:55.0420 4964  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
08:43:55.0467 4964  SysMain - ok
08:43:55.0513 4964  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:43:55.0513 4964  TabletInputService - ok
08:43:55.0591 4964  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
08:43:55.0591 4964  TapiSrv - ok
08:43:55.0669 4964  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
08:43:55.0685 4964  TBS - ok
08:43:55.0857 4964  [ DB74544B75566C974815E79A62433F29 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
08:43:55.0903 4964  Tcpip - ok
08:43:56.0028 4964  [ DB74544B75566C974815E79A62433F29 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
08:43:56.0044 4964  TCPIP6 - ok
08:43:56.0091 4964  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
08:43:56.0091 4964  tcpipreg - ok
08:43:56.0169 4964  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
08:43:56.0169 4964  TDPIPE - ok
08:43:56.0200 4964  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
08:43:56.0200 4964  TDTCP - ok
08:43:56.0262 4964  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
08:43:56.0262 4964  tdx - ok
08:43:56.0340 4964  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
08:43:56.0340 4964  TermDD - ok
08:43:56.0418 4964  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
08:43:56.0418 4964  TermService - ok
08:43:56.0559 4964  [ CE4B6956E4E12492715A53076E58761F ] TFsExDisk       C:\Windows\System32\Drivers\TFsExDisk.sys
08:43:56.0559 4964  TFsExDisk - ok
08:43:56.0590 4964  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
08:43:56.0590 4964  Themes - ok
08:43:56.0637 4964  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
08:43:56.0637 4964  THREADORDER - ok
08:43:56.0652 4964  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
08:43:56.0668 4964  TrkWks - ok
08:43:56.0777 4964  [ EA43DE1743C1BA0D2D17B8DB90C91D88 ] truecrypt       C:\Windows\system32\drivers\truecrypt.sys
08:43:56.0777 4964  truecrypt - ok
08:43:56.0855 4964  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:43:56.0871 4964  TrustedInstaller - ok
08:43:56.0917 4964  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
08:43:56.0917 4964  tssecsrv - ok
08:43:56.0995 4964  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
08:43:57.0011 4964  TsUsbFlt - ok
08:43:57.0136 4964  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
08:43:57.0136 4964  tunnel - ok
08:43:57.0198 4964  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
08:43:57.0198 4964  uagp35 - ok
08:43:57.0307 4964  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
08:43:57.0307 4964  udfs - ok
08:43:57.0370 4964  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
08:43:57.0385 4964  UI0Detect - ok
08:43:57.0422 4964  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
08:43:57.0422 4964  uliagpkx - ok
08:43:57.0484 4964  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
08:43:57.0484 4964  umbus - ok
08:43:57.0515 4964  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
08:43:57.0515 4964  UmPass - ok
08:43:57.0546 4964  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
08:43:57.0546 4964  upnphost - ok
08:43:57.0562 4964  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
08:43:57.0562 4964  usbccgp - ok
08:43:57.0624 4964  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
08:43:57.0624 4964  usbcir - ok
08:43:57.0656 4964  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
08:43:57.0671 4964  usbehci - ok
08:43:57.0718 4964  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
08:43:57.0718 4964  usbhub - ok
08:43:57.0749 4964  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
08:43:57.0765 4964  usbohci - ok
08:43:57.0812 4964  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
08:43:57.0812 4964  usbprint - ok
08:43:57.0890 4964  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
08:43:57.0890 4964  usbscan - ok
08:43:57.0921 4964  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:43:57.0921 4964  USBSTOR - ok
08:43:57.0983 4964  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
08:43:57.0983 4964  usbuhci - ok
08:43:58.0030 4964  [ 1F775DA4CF1A3A1834207E975A72E9D7 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
08:43:58.0030 4964  usbvideo - ok
08:43:58.0139 4964  [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
08:43:58.0139 4964  usb_rndisx - ok
08:43:58.0186 4964  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
08:43:58.0217 4964  UxSms - ok
08:43:58.0248 4964  [ 4D71227301DD8D09097B9E4CC6527E5A ] VaultSvc        C:\Windows\system32\lsass.exe
08:43:58.0248 4964  VaultSvc - ok
08:43:58.0389 4964  [ ED492636EE26EC43DAA4BAA7EF0DA7AD ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
08:43:58.0404 4964  VBoxDrv - ok
08:43:58.0451 4964  [ 58E2365E7FD880624F648C63C5D22009 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
08:43:58.0451 4964  VBoxNetAdp - ok
08:43:58.0498 4964  [ 5160910CE602710D7E87F1B35487E7DB ] VBoxNetFlt      C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
08:43:58.0514 4964  VBoxNetFlt - ok
08:43:58.0592 4964  [ 99906A079A6C24D4B8B0DBED02B7869B ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
08:43:58.0592 4964  VBoxUSBMon - ok
08:43:58.0638 4964  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
08:43:58.0638 4964  vdrvroot - ok
08:43:58.0732 4964  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
08:43:58.0748 4964  vds - ok
08:43:58.0794 4964  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
08:43:58.0794 4964  vga - ok
08:43:58.0841 4964  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
08:43:58.0841 4964  VgaSave - ok
08:43:58.0857 4964  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
08:43:58.0872 4964  vhdmp - ok
08:43:58.0919 4964  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
08:43:58.0919 4964  viaide - ok
08:43:58.0935 4964  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
08:43:58.0935 4964  volmgr - ok
08:43:59.0013 4964  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
08:43:59.0013 4964  volmgrx - ok
08:43:59.0091 4964  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
08:43:59.0091 4964  volsnap - ok
08:43:59.0169 4964  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
08:43:59.0169 4964  vsmraid - ok
08:43:59.0278 4964  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
08:43:59.0309 4964  VSS - ok
08:43:59.0325 4964  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
08:43:59.0340 4964  vwifibus - ok
08:43:59.0387 4964  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
08:43:59.0387 4964  vwififlt - ok
08:43:59.0450 4964  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
08:43:59.0465 4964  vwifimp - ok
08:43:59.0543 4964  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
08:43:59.0543 4964  W32Time - ok
08:43:59.0574 4964  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
08:43:59.0574 4964  WacomPen - ok
08:43:59.0637 4964  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
08:43:59.0652 4964  WANARP - ok
08:43:59.0668 4964  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
08:43:59.0668 4964  Wanarpv6 - ok
08:43:59.0746 4964  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
08:43:59.0777 4964  WatAdminSvc - ok
08:43:59.0902 4964  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
08:43:59.0933 4964  wbengine - ok
08:44:00.0011 4964  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
08:44:00.0027 4964  WbioSrvc - ok
08:44:00.0105 4964  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
08:44:00.0120 4964  wcncsvc - ok
08:44:00.0120 4964  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:44:00.0120 4964  WcsPlugInService - ok
08:44:00.0167 4964  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
08:44:00.0167 4964  Wd - ok
08:44:00.0276 4964  [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
08:44:00.0292 4964  Wdf01000 - ok
08:44:00.0323 4964  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
08:44:00.0339 4964  WdiServiceHost - ok
08:44:00.0339 4964  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
08:44:00.0354 4964  WdiSystemHost - ok
08:44:00.0386 4964  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
08:44:00.0401 4964  WebClient - ok
08:44:00.0479 4964  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
08:44:00.0479 4964  Wecsvc - ok
08:44:00.0510 4964  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
08:44:00.0526 4964  wercplsupport - ok
08:44:00.0588 4964  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
08:44:00.0588 4964  WerSvc - ok
08:44:00.0604 4964  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
08:44:00.0604 4964  WfpLwf - ok
08:44:00.0620 4964  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
 


08:44:00.0620 4964  WIMMount - ok
08:44:00.0666 4964  WinDefend - ok
08:44:00.0698 4964  WinHttpAutoProxySvc - ok
08:44:00.0807 4964  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
08:44:00.0822 4964  Winmgmt - ok
08:44:00.0978 4964  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
08:44:01.0010 4964  WinRM - ok
08:44:01.0088 4964  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
08:44:01.0088 4964  WinUsb - ok
08:44:01.0212 4964  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
08:44:01.0228 4964  Wlansvc - ok
08:44:01.0509 4964  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:44:01.0556 4964  wlidsvc - ok
08:44:01.0587 4964  [ 13B0A570E1AE451C92DA550085D72CF3 ] wltrysvc        C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
08:44:01.0602 4964  wltrysvc - ok
08:44:01.0665 4964  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
08:44:01.0665 4964  WmiAcpi - ok
08:44:01.0743 4964  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
08:44:01.0743 4964  wmiApSrv - ok
08:44:01.0805 4964  WMPNetworkSvc - ok
08:44:01.0821 4964  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
08:44:01.0821 4964  WPCSvc - ok
08:44:01.0852 4964  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
08:44:01.0883 4964  WPDBusEnum - ok
08:44:01.0946 4964  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
08:44:01.0946 4964  ws2ifsl - ok
08:44:01.0961 4964  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
08:44:01.0977 4964  wscsvc - ok
08:44:01.0977 4964  WSearch - ok
08:44:02.0211 4964  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
08:44:02.0258 4964  wuauserv - ok
08:44:02.0304 4964  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
08:44:02.0304 4964  WudfPf - ok
08:44:02.0382 4964  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
08:44:02.0382 4964  WUDFRd - ok
08:44:02.0445 4964  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
08:44:02.0445 4964  wudfsvc - ok
08:44:02.0492 4964  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
08:44:02.0507 4964  WwanSvc - ok
08:44:02.0616 4964  ================ Scan global ===============================
08:44:02.0679 4964  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:44:02.0741 4964  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
08:44:02.0757 4964  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
08:44:02.0804 4964  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:44:02.0835 4964  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
08:44:02.0850 4964  [Global] - ok
08:44:02.0850 4964  ================ Scan MBR ==================================
08:44:02.0882 4964  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
08:44:03.0490 4964  \Device\Harddisk0\DR0 - ok
08:44:03.0506 4964  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
08:44:03.0506 4964  \Device\Harddisk1\DR1 - ok
08:44:03.0506 4964  [ E5FA06ACA0D60BA9C870D0EF3D9898C9 ] \Device\Harddisk2\DR2
08:44:10.0932 4964  \Device\Harddisk2\DR2 - ok
08:44:10.0948 4964  ================ Scan VBR ==================================
08:44:10.0963 4964  [ CDAC62CE4D295A9DF369CFD4A30EA217 ] \Device\Harddisk0\DR0\Partition1
08:44:10.0995 4964  \Device\Harddisk0\DR0\Partition1 - ok
08:44:11.0010 4964  [ CD2ABA95A2B41562FD641D196DF2B927 ] \Device\Harddisk0\DR0\Partition2
08:44:11.0026 4964  \Device\Harddisk0\DR0\Partition2 - ok
08:44:11.0026 4964  [ 2FF3C6B02CBC96E502C238688B47448C ] \Device\Harddisk1\DR1\Partition1
08:44:11.0026 4964  \Device\Harddisk1\DR1\Partition1 - ok
08:44:11.0041 4964  [ 70F512910771DD9520FB4858314DD2F9 ] \Device\Harddisk2\DR2\Partition1
08:44:11.0041 4964  \Device\Harddisk2\DR2\Partition1 - ok
08:44:11.0041 4964  ============================================================
08:44:11.0041 4964  Scan finished
08:44:11.0041 4964  ============================================================
08:44:11.0182 10096  Detected object count: 0
08:44:11.0182 10096  Actual detected object count: 0
08:46:53.0362 10128  ============================================================
08:46:53.0362 10128  Scan started
08:46:53.0362 10128  Mode: Manual;
08:46:53.0362 10128  ============================================================
08:46:54.0204 10128  ================ Scan system memory ========================
08:46:54.0204 10128  System memory - ok
08:46:54.0204 10128  ================ Scan services =============================
08:46:54.0735 10128  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
08:46:54.0735 10128  1394ohci - ok
08:46:54.0828 10128  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
08:46:54.0828 10128  ACPI - ok
08:46:54.0891 10128  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
08:46:54.0906 10128  AcpiPmi - ok
08:46:55.0047 10128  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
08:46:55.0062 10128  AdobeARMservice - ok
08:46:55.0421 10128  [ A283108E14F3970432C21AF4C0CB1BCE ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
08:46:55.0421 10128  AdobeFlashPlayerUpdateSvc - ok
08:46:55.0499 10128  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
08:46:55.0499 10128  adp94xx - ok
08:46:55.0530 10128  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
08:46:55.0530 10128  adpahci - ok
08:46:55.0561 10128  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
08:46:55.0561 10128  adpu320 - ok
08:46:55.0608 10128  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
08:46:55.0624 10128  AeLookupSvc - ok
08:46:55.0749 10128  [ 79059559E89D06E8B80CE2944BE20228 ] AFD             C:\Windows\system32\drivers\afd.sys
08:46:55.0749 10128  AFD - ok
08:46:55.0827 10128  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
08:46:55.0827 10128  agp440 - ok
08:46:55.0873 10128  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
08:46:55.0873 10128  ALG - ok
08:46:55.0967 10128  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
08:46:55.0967 10128  aliide - ok
08:46:55.0983 10128  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
08:46:55.0983 10128  amdide - ok
08:46:56.0076 10128  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
08:46:56.0076 10128  AmdK8 - ok
08:46:56.0123 10128  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
08:46:56.0123 10128  AmdPPM - ok
08:46:56.0154 10128  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
08:46:56.0154 10128  amdsata - ok
08:46:56.0201 10128  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
08:46:56.0201 10128  amdsbs - ok
08:46:56.0232 10128  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
08:46:56.0232 10128  amdxata - ok
08:46:56.0295 10128  [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
08:46:56.0295 10128  androidusb - ok
08:46:56.0482 10128  [ FB32F046A2578755FA0DA5052C6A9CD3 ] Apache2.2       C:\xampp\apache\bin\httpd.exe
08:46:56.0482 10128  Apache2.2 - ok
08:46:56.0544 10128  [ 3CC4531F11648A6081A7BA3AA4924D04 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
08:46:56.0544 10128  ApfiltrService - ok
08:46:56.0575 10128  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
08:46:56.0575 10128  AppID - ok
08:46:56.0653 10128  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
08:46:56.0653 10128  AppIDSvc - ok
08:46:56.0747 10128  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
08:46:56.0747 10128  Appinfo - ok
08:46:56.0950 10128  [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:46:56.0950 10128  Apple Mobile Device - ok
08:46:57.0043 10128  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
08:46:57.0043 10128  arc - ok
08:46:57.0059 10128  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
08:46:57.0059 10128  arcsas - ok
08:46:57.0246 10128  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
08:46:57.0246 10128  aspnet_state - ok
08:46:57.0309 10128  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
08:46:57.0309 10128  AsyncMac - ok
08:46:57.0402 10128  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
08:46:57.0402 10128  atapi - ok
08:46:57.0511 10128  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:46:57.0527 10128  AudioEndpointBuilder - ok
08:46:57.0621 10128  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
08:46:57.0621 10128  AudioSrv - ok
08:46:57.0699 10128  [ 0D75C5C4EBF3D8197448189A2F153116 ] Avgdiska        C:\Windows\system32\DRIVERS\avgdiska.sys
08:46:57.0714 10128  Avgdiska - ok
08:46:57.0995 10128  [ 332AEB8F6F9595C8886A7AA7A62322DC ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
08:46:58.0026 10128  AVGIDSAgent - ok
08:46:58.0073 10128  [ 06963A6DE8B1C8F15A8E1053AE9505A4 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
08:46:58.0073 10128  AVGIDSDriver - ok
08:46:58.0167 10128  [ E4F5607D1437FFDEE33CADA40D256D4F ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
08:46:58.0167 10128  AVGIDSHA - ok
08:46:58.0229 10128  [ B010FF7C984FFFFFF019F2CF162F1DE8 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
08:46:58.0229 10128  Avgldx64 - ok
08:46:58.0323 10128  [ F05BF4010D3F0E8C2D8CBFE45D7CFCE1 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
08:46:58.0323 10128  Avgloga - ok
08:46:58.0385 10128  [ 4B459C2FCF22ECE548766B2FCF46F62C ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
08:46:58.0385 10128  Avgmfx64 - ok
08:46:58.0401 10128  [ 66D00CC6F7D148980071F55F9056D450 ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
08:46:58.0401 10128  Avgrkx64 - ok
08:46:58.0447 10128  [ 4E364FABBD147F59E5D524C9EA86D772 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
08:46:58.0447 10128  Avgtdia - ok
08:46:58.0557 10128  [ 07646F5F37F18F1F978CE3B0378EF1C9 ] avgwd           C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
08:46:58.0557 10128  avgwd - ok
08:46:58.0619 10128  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
08:46:58.0619 10128  AxInstSV - ok
08:46:58.0681 10128  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
08:46:58.0681 10128  b06bdrv - ok
08:46:58.0759 10128  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
08:46:58.0775 10128  b57nd60a - ok
08:46:58.0853 10128  [ E001DD475A7C27EBE5A0DB45C11BAD71 ] BCM42RLY        C:\Windows\system32\drivers\BCM42RLY.sys
08:46:58.0853 10128  BCM42RLY - ok
08:46:59.0025 10128  [ 37394D3553E220FB732C21E217E1BD8B ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
08:46:59.0040 10128  BCM43XX - ok
08:46:59.0087 10128  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
08:46:59.0087 10128  BDESVC - ok
08:46:59.0165 10128  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
08:46:59.0165 10128  Beep - ok
08:46:59.0227 10128  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
08:46:59.0227 10128  BFE - ok
08:46:59.0321 10128  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
08:46:59.0321 10128  BITS - ok
08:46:59.0352 10128  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
08:46:59.0352 10128  blbdrive - ok
08:46:59.0539 10128  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
08:46:59.0539 10128  Bonjour Service - ok
08:46:59.0602 10128  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
08:46:59.0617 10128  bowser - ok
08:46:59.0695 10128  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:46:59.0695 10128  BrFiltLo - ok
08:46:59.0742 10128  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:46:59.0742 10128  BrFiltUp - ok
08:46:59.0789 10128  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
08:46:59.0789 10128  Browser - ok
08:46:59.0836 10128  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
08:46:59.0836 10128  Brserid - ok
08:46:59.0851 10128  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
08:46:59.0851 10128  BrSerWdm - ok
08:46:59.0883 10128  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
08:46:59.0883 10128  BrUsbMdm - ok
08:46:59.0898 10128  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
08:46:59.0898 10128  BrUsbSer - ok
08:46:59.0992 10128  [ EA7E57F87D6FEE5FD6C5F813C04E8CD2 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
08:46:59.0992 10128  BrYNSvc - ok
08:47:00.0007 10128  btaudio - ok
08:47:00.0007 10128  BTDriver - ok
08:47:00.0070 10128  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
08:47:00.0070 10128  BthEnum - ok
08:47:00.0085 10128  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
08:47:00.0085 10128  BTHMODEM - ok
08:47:00.0148 10128  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
08:47:00.0148 10128  BthPan - ok
08:47:00.0210 10128  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
08:47:00.0226 10128  BTHPORT - ok
08:47:00.0273 10128  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
08:47:00.0273 10128  bthserv - ok
08:47:00.0335 10128  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
08:47:00.0335 10128  BTHUSB - ok
08:47:00.0382 10128  [ 4BDBDB86ABBA924E029FB2683BE7C505 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
08:47:00.0382 10128  btwaudio - ok
08:47:00.0429 10128  [ 5C849BD7C78791C5CEE9F4651D7FE38D ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
08:47:00.0429 10128  btwavdt - ok
08:47:00.0491 10128  [ 31DA517946FFE416442E864592548F8A ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
08:47:00.0491 10128  btwdins - ok
08:47:00.0507 10128  BTWDNDIS - ok
08:47:00.0507 10128  btwhid - ok
08:47:00.0538 10128  [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
08:47:00.0538 10128  btwl2cap - ok
08:47:00.0553 10128  btwmodem - ok
08:47:00.0569 10128  [ 3E1991AFA851A36DC978B0A1B0535C8B ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
08:47:00.0569 10128  btwrchid - ok
08:47:00.0616 10128  [ 1334ABDA77927D2CD78D83C588FC3C18 ] BTWUSB          C:\Windows\system32\Drivers\btwusb.sys
08:47:00.0616 10128  BTWUSB - ok
08:47:00.0647 10128  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
08:47:00.0647 10128  cdfs - ok
08:47:00.0694 10128  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
08:47:00.0694 10128  cdrom - ok
08:47:00.0756 10128  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
08:47:00.0756 10128  CertPropSvc - ok
08:47:00.0787 10128  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
08:47:00.0787 10128  circlass - ok
08:47:00.0819 10128  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
08:47:00.0834 10128  CLFS - ok
08:47:01.0084 10128  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:47:01.0084 10128  clr_optimization_v2.0.50727_32 - ok
08:47:01.0162 10128  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:47:01.0162 10128  clr_optimization_v2.0.50727_64 - ok
08:47:01.0240 10128  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:47:01.0240 10128  clr_optimization_v4.0.30319_32 - ok
08:47:01.0255 10128  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:47:01.0271 10128  clr_optimization_v4.0.30319_64 - ok
08:47:01.0287 10128  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
08:47:01.0287 10128  CmBatt - ok
08:47:01.0302 10128  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
08:47:01.0318 10128  cmdide - ok
08:47:01.0380 10128  [ EBF28856F69CF094A902F884CF989706 ] CNG             C:\Windows\system32\Drivers\cng.sys
08:47:01.0380 10128  CNG - ok
08:47:01.0427 10128  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
08:47:01.0427 10128  Compbatt - ok
08:47:01.0458 10128  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
08:47:01.0474 10128  CompositeBus - ok
08:47:01.0474 10128  COMSysApp - ok
08:47:01.0489 10128  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
08:47:01.0505 10128  crcdisk - ok
08:47:01.0536 10128  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
08:47:01.0536 10128  CryptSvc - ok
08:47:01.0583 10128  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
08:47:01.0599 10128  DcomLaunch - ok
08:47:01.0645 10128  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
08:47:01.0661 10128  defragsvc - ok
08:47:01.0708 10128  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
08:47:01.0708 10128  DfsC - ok
08:47:01.0739 10128  [ 867FA8B9E9E3078F68C4089904BBF4B0 ] dgderdrv        C:\Windows\system32\drivers\dgderdrv.sys
08:47:01.0739 10128  dgderdrv - ok
08:47:01.0817 10128  [ 6060106CE00F32F63F1A73160E46E9D2 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
08:47:01.0817 10128  dg_ssudbus - ok
08:47:01.0879 10128  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
08:47:01.0879 10128  Dhcp - ok
08:47:01.0942 10128  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
08:47:25.0358 10128  ssadbus - ok
08:47:25.0390 10128  [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
08:47:25.0390 10128  ssadmdfl - ok
08:47:25.0436 10128  [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
08:47:25.0452 10128  ssadmdm - ok
08:47:25.0499 10128  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
08:47:25.0499 10128  SSDPSRV - ok
08:47:25.0530 10128  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
08:47:25.0546 10128  SstpSvc - ok
08:47:25.0592 10128  [ AD42CA614E086BCADBD53FFFC404AC24 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
08:47:25.0592 10128  ssudmdm - ok
08:47:25.0748 10128  [ C24310D67140E18526396FB3BBAA91C6 ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e19b3ab5cd326817\STacSV64.exe
08:47:25.0748 10128  STacSV - ok
08:47:25.0811 10128  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
08:47:25.0811 10128  stexstor - ok
08:47:25.0920 10128  [ C79F5CBC47B19A068D8936DF8332E3E6 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
08:47:25.0920 10128  STHDA - ok
08:47:25.0982 10128  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
08:47:25.0982 10128  StillCam - ok
08:47:26.0045 10128  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
08:47:26.0060 10128  stisvc - ok
08:47:26.0107 10128  [ E476C66713C842F58E61A95826ED1D57 ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
08:47:26.0107 10128  stllssvr - ok
08:47:26.0154 10128  [ 85BF0B7CE3D9B6D1611E05872E1C3E56 ] SWDUMon         C:\Windows\system32\DRIVERS\SWDUMon.sys
08:47:26.0154 10128  SWDUMon - ok
08:47:26.0216 10128  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
08:47:26.0232 10128  swenum - ok
08:47:26.0294 10128  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
08:47:26.0294 10128  swprv - ok
08:47:26.0294 10128  sxuptp - ok
08:47:26.0435 10128  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
08:47:26.0450 10128  SysMain - ok
08:47:26.0497 10128  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:47:26.0497 10128  TabletInputService - ok
08:47:26.0560 10128  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
08:47:26.0575 10128  TapiSrv - ok
08:47:26.0591 10128  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
08:47:26.0591 10128  TBS - ok
08:47:26.0778 10128  [ DB74544B75566C974815E79A62433F29 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
08:47:26.0778 10128  Tcpip - ok
08:47:26.0825 10128  [ DB74544B75566C974815E79A62433F29 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
08:47:26.0840 10128  TCPIP6 - ok
08:47:26.0887 10128  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
08:47:26.0887 10128  tcpipreg - ok
08:47:26.0918 10128  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
08:47:26.0918 10128  TDPIPE - ok
08:47:26.0965 10128  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
08:47:26.0965 10128  TDTCP - ok
08:47:26.0996 10128  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
08:47:26.0996 10128  tdx - ok
08:47:27.0043 10128  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
08:47:27.0043 10128  TermDD - ok
08:47:27.0152 10128  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
08:47:27.0152 10128  TermService - ok
08:47:27.0199 10128  [ CE4B6956E4E12492715A53076E58761F ] TFsExDisk       C:\Windows\System32\Drivers\TFsExDisk.sys
08:47:27.0199 10128  TFsExDisk - ok
08:47:27.0246 10128  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
08:47:27.0246 10128  Themes - ok
08:47:27.0262 10128  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
08:47:27.0277 10128  THREADORDER - ok
08:47:27.0293 10128  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
08:47:27.0293 10128  TrkWks - ok
08:47:27.0418 10128  [ EA43DE1743C1BA0D2D17B8DB90C91D88 ] truecrypt       C:\Windows\system32\drivers\truecrypt.sys
08:47:27.0418 10128  truecrypt - ok
08:47:27.0511 10128  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:47:27.0511 10128  TrustedInstaller - ok
08:47:27.0589 10128  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
08:47:27.0589 10128  tssecsrv - ok
08:47:27.0636 10128  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
08:47:27.0636 10128  TsUsbFlt - ok
08:47:27.0683 10128  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
08:47:27.0683 10128  tunnel - ok
08:47:27.0730 10128  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
08:47:27.0730 10128  uagp35 - ok
08:47:27.0776 10128  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
08:47:27.0776 10128  udfs - ok
08:47:27.0839 10128  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
08:47:27.0839 10128  UI0Detect - ok
08:47:27.0854 10128  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
08:47:27.0854 10128  uliagpkx - ok
08:47:27.0917 10128  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
08:47:27.0917 10128  umbus - ok
08:47:27.0948 10128  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
08:47:27.0948 10128  UmPass - ok
08:47:27.0995 10128  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
08:47:27.0995 10128  upnphost - ok
08:47:28.0010 10128  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
08:47:28.0010 10128  usbccgp - ok
08:47:28.0073 10128  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
08:47:28.0073 10128  usbcir - ok
08:47:28.0104 10128  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
08:47:28.0104 10128  usbehci - ok
08:47:28.0135 10128  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
08:47:28.0135 10128  usbhub - ok
08:47:28.0166 10128  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
08:47:28.0166 10128  usbohci - ok
08:47:28.0244 10128  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
08:47:28.0244 10128  usbprint - ok
08:47:28.0291 10128  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
08:47:28.0291 10128  usbscan - ok
08:47:28.0338 10128  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:47:28.0338 10128  USBSTOR - ok
08:47:28.0354 10128  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
08:47:28.0354 10128  usbuhci - ok
08:47:28.0400 10128  [ 1F775DA4CF1A3A1834207E975A72E9D7 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
08:47:28.0400 10128  usbvideo - ok
08:47:28.0447 10128  [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
08:47:28.0447 10128  usb_rndisx - ok
08:47:28.0478 10128  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
08:47:28.0478 10128  UxSms - ok
08:47:28.0494 10128  [ 4D71227301DD8D09097B9E4CC6527E5A ] VaultSvc        C:\Windows\system32\lsass.exe
08:47:28.0494 10128  VaultSvc - ok
08:47:28.0525 10128  [ ED492636EE26EC43DAA4BAA7EF0DA7AD ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
08:47:28.0525 10128  VBoxDrv - ok
08:47:28.0556 10128  [ 58E2365E7FD880624F648C63C5D22009 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
08:47:28.0556 10128  VBoxNetAdp - ok
08:47:28.0588 10128  [ 5160910CE602710D7E87F1B35487E7DB ] VBoxNetFlt      C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
08:47:28.0588 10128  VBoxNetFlt - ok
08:47:28.0634 10128  [ 99906A079A6C24D4B8B0DBED02B7869B ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
08:47:28.0634 10128  VBoxUSBMon - ok
08:47:28.0681 10128  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
08:47:28.0681 10128  vdrvroot - ok
08:47:28.0790 10128  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
08:47:28.0790 10128  vds - ok
08:47:28.0822 10128  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
08:47:28.0822 10128  vga - ok
08:47:28.0868 10128  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
08:47:28.0868 10128  VgaSave - ok
08:47:28.0915 10128  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
08:47:28.0915 10128  vhdmp - ok
08:47:28.0931 10128  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
08:47:28.0931 10128  viaide - ok
08:47:28.0978 10128  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
08:47:28.0978 10128  volmgr - ok
08:47:29.0040 10128  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
08:47:29.0040 10128  volmgrx - ok
08:47:29.0102 10128  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
08:47:29.0102 10128  volsnap - ok
08:47:29.0149 10128  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
08:47:29.0149 10128  vsmraid - ok
08:47:29.0244 10128  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
08:47:29.0244 10128  VSS - ok
08:47:29.0275 10128  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
08:47:29.0275 10128  vwifibus - ok
08:47:29.0306 10128  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
08:47:29.0306 10128  vwififlt - ok
08:47:29.0353 10128  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
08:47:29.0353 10128  vwifimp - ok
08:47:29.0431 10128  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
08:47:29.0431 10128  W32Time - ok
08:47:29.0478 10128  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
08:47:29.0478 10128  WacomPen - ok
08:47:29.0525 10128  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
08:47:29.0525 10128  WANARP - ok
08:47:29.0540 10128  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
08:47:29.0540 10128  Wanarpv6 - ok
08:47:29.0681 10128  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
08:47:29.0681 10128  WatAdminSvc - ok
08:47:29.0821 10128  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
08:47:29.0821 10128  wbengine - ok
08:47:29.0883 10128  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
08:47:29.0883 10128  WbioSrvc - ok
08:47:29.0946 10128  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
08:47:29.0961 10128  wcncsvc - ok
08:47:29.0961 10128  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:47:29.0961 10128  WcsPlugInService - ok
08:47:30.0008 10128  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
08:47:30.0008 10128  Wd - ok
08:47:30.0071 10128  [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
08:47:30.0086 10128  Wdf01000 - ok
08:47:30.0102 10128  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
08:47:30.0117 10128  WdiServiceHost - ok
08:47:30.0117 10128  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
08:47:30.0117 10128  WdiSystemHost - ok
08:47:30.0180 10128  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
08:47:30.0180 10128  WebClient - ok
08:47:30.0289 10128  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
08:47:30.0289 10128  Wecsvc - ok
08:47:30.0320 10128  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
08:47:30.0320 10128  wercplsupport - ok
08:47:30.0351 10128  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
08:47:30.0351 10128  WerSvc - ok
08:47:30.0398 10128  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
08:47:30.0398 10128  WfpLwf - ok
08:47:30.0429 10128  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
08:47:30.0429 10128  WIMMount - ok
08:47:30.0476 10128  WinDefend - ok
08:47:30.0492 10128  WinHttpAutoProxySvc - ok
08:47:30.0632 10128  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
08:47:30.0632 10128  Winmgmt - ok
08:47:30.0726 10128  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
08:47:30.0741 10128  WinRM - ok
08:47:30.0788 10128  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
08:47:30.0788 10128  WinUsb - ok
08:47:30.0866 10128  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
08:47:30.0882 10128  Wlansvc - ok
08:47:31.0163 10128  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:47:31.0194 10128  wlidsvc - ok
08:47:31.0287 10128  [ 13B0A570E1AE451C92DA550085D72CF3 ] wltrysvc        C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
08:47:31.0287 10128  wltrysvc - ok
08:47:31.0350 10128  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
08:47:31.0350 10128  WmiAcpi - ok
08:47:31.0412 10128  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
08:47:31.0412 10128  wmiApSrv - ok
08:47:31.0475 10128  WMPNetworkSvc - ok
08:47:31.0506 10128  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
08:47:31.0506 10128  WPCSvc - ok
08:47:31.0568 10128  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
08:47:31.0568 10128  WPDBusEnum - ok
08:47:31.0615 10128  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
08:47:31.0615 10128  ws2ifsl - ok
08:47:31.0646 10128  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
08:47:31.0646 10128  wscsvc - ok
08:47:31.0662 10128  WSearch - ok
08:47:31.0849 10128  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
08:47:31.0865 10128  wuauserv - ok
08:47:31.0911 10128  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
08:47:31.0911 10128  WudfPf - ok
08:47:31.0943 10128  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
08:47:31.0943 10128  WUDFRd - ok
08:47:31.0989 10128  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
08:47:32.0005 10128  wudfsvc - ok
08:47:32.0036 10128  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
08:47:32.0052 10128  WwanSvc - ok
08:47:32.0114 10128  ================ Scan global ===============================
08:47:32.0177 10128  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:47:32.0240 10128  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
08:47:32.0256 10128  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
08:47:32.0349 10128  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:47:32.0458 10128  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
08:47:32.0458 10128  [Global] - ok
08:47:32.0474 10128  ================ Scan MBR ==================================
08:47:32.0490 10128  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
08:47:33.0067 10128  \Device\Harddisk0\DR0 - ok
08:47:33.0082 10128  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
08:47:33.0082 10128  \Device\Harddisk1\DR1 - ok
08:47:33.0098 10128  [ E5FA06ACA0D60BA9C870D0EF3D9898C9 ] \Device\Harddisk2\DR2
08:47:40.0525 10128  \Device\Harddisk2\DR2 - ok
08:47:40.0525 10128  ================ Scan VBR ==================================
08:47:40.0556 10128  [ CDAC62CE4D295A9DF369CFD4A30EA217 ] \Device\Harddisk0\DR0\Partition1
08:47:40.0571 10128  \Device\Harddisk0\DR0\Partition1 - ok
08:47:40.0587 10128  [ CD2ABA95A2B41562FD641D196DF2B927 ] \Device\Harddisk0\DR0\Partition2
08:47:40.0587 10128  \Device\Harddisk0\DR0\Partition2 - ok
08:47:40.0603 10128  [ 2FF3C6B02CBC96E502C238688B47448C ] \Device\Harddisk1\DR1\Partition1
08:47:40.0603 10128  \Device\Harddisk1\DR1\Partition1 - ok
08:47:40.0603 10128  [ 70F512910771DD9520FB4858314DD2F9 ] \Device\Harddisk2\DR2\Partition1
08:47:40.0603 10128  \Device\Harddisk2\DR2\Partition1 - ok
08:47:40.0603 10128  ============================================================
08:47:40.0603 10128  Scan finished
08:47:40.0603 10128  ============================================================
08:47:40.0634 8172  Detected object count: 0
08:47:40.0634 8172  Actual detected object count: 0
08:47:44.0253 8040  Deinitialize success


STEP 1

 

  • Please download RKill by Grinler from the link below and save it to your desktop.

    Rkill
     
  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply.
  • A log pops up at the end of the run. This log file is located at C:\rkill.log.
  • Post the log in your next reply.



STEP 2




  • Please download RogueKiller.exe and save to the desktop.
  • Close all windows and browsers
  • Right-click the program and select 'Run as Administrator'
  • Press the scan button.
  • A report opens on the desktop named - RKreport.txt
  • Post the log in your next reply.

Rkill 2.6.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/14/2013 10:25:16 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 11/14/2013 10:27:42 AM
Execution time: 0 hours(s), 2 minute(s), and 25 seconds(s)

 

__________________________________________________________________

 

 

RogueKiller V8.7.8 [Nov 14 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Michael Purcell [Admin rights]
Mode : Scan -- Date : 11/14/2013 10:36:25
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 12 ¤¤¤
[RUN][sUSP PATH] HKCU\[...]\Run : ROC_ROC_APR2013_AV (C:\Users\Michael Purcell\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid dd792ac0cb93992a0f25f24dc96158b4-b602d594afd2b0b327e07a06f36ca6a7e42546d0 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2013 [x][x][x][x][x]) -> FOUND
[RUN][sUSP PATH] HKCU\[...]\Run : AVG-Secure-Search-Update_0913a (C:\Users\Michael Purcell\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid dd792ac0cb93992a0f25f24dc96158b4-b602d594afd2b0b327e07a06f36ca6a7e42546d0 --CMPID 0913a [x][x][x][x]) -> FOUND
[RUN][sUSP PATH] HKUS\S-1-5-21-3555310225-1332001709-691086116-1001\[...]\Run : ROC_ROC_APR2013_AV (C:\Users\Michael Purcell\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid dd792ac0cb93992a0f25f24dc96158b4-b602d594afd2b0b327e07a06f36ca6a7e42546d0 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2013 [x][x][x][x][x]) -> FOUND
[RUN][sUSP PATH] HKUS\S-1-5-21-3555310225-1332001709-691086116-1001\[...]\Run : AVG-Secure-Search-Update_0913a (C:\Users\Michael Purcell\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid dd792ac0cb93992a0f25f24dc96158b4-b602d594afd2b0b327e07a06f36ca6a7e42546d0 --CMPID 0913a [x][x][x][x]) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 1 ¤¤¤
[V2][sUSP PATH] {2C2AAEC2-D67C-4983-A60E-666C7FEE4DA8} : C:\Users\Michael Purcell\AppData\Local\Apple\Apple Software Update\SetupAdmin.exe [x] -> FOUND

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

 

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS723232L9A362 +++++
--- User ---
[MBR] d497f8f8be28698a4e29fb45dfe1d651
[bSP] 5ec5c7198e1908a2f85b9365a1b9a2b7 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30801920 | Size: 290204 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) WD Ext HDD 1021 USB Device +++++
--- User ---
[MBR] c681af92e208dbc9d8d552595794483b
[bSP] 0235a8d9f9c160f52d9fc9336749ceb3 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1907726 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) Generic Flash Disk USB Device +++++
--- User ---
[MBR] 399bde9b00b02ba0eb97e266b94b5f6b
[bSP] c3fbcba5677fe4630020b0f2db6db0e5 : Empty MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 64 | Size: 3899 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[0]_S_11142013_103625.txt >>
 


Fix anything Roguekiller found.

 

 

Full System Scan with Malwarebytes Antimalware


  • If not existing, please download Malwarebytes' Anti-Malware to your desktop. Double-click mbam-setup.exe and follow the prompts to install the program. At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.



If the program is already installed:

  • Run Malwarebytes Antimalware
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform full scan, place a checkmark on all hard drives, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.


I disabled AVG and ran a Malwarebytes Anti-malware full scan. The scan stopped scanning after approximately 1 hour at 170,345 objects scanned, on "C:\USERS\USERNAAME\Local Settings\Temporary Internet Files\Content.IE5\L7JM4MSE\zrt_lookup[1].htm" with one object detected. As always, it was necessary to use Task Manager to stop the non-responding program. And since mbam did not complete, it was not possible to deal with the infected object.

 

After a reboot, I ran mbam again and did a quick scan with AVG disabled. The results were similar to before: 46,641 objects scanned, 4 objects detected, and the scan froze on "C:\USERS\USERNAAME\Local Settings\Temporary Internet Files\Content.IE5\L7JM4MSE\_static[1].css."

 

My main concern is that I can not get Malwarebytes Anti-Malware to complete a scan. I originally posted a topic/question in the Malwarebytes Anti-Malware Help forum detailing the issue. See: https://forums.malwarebytes.org/index.php?showtopic=136440 if you would like to refer to that post. In that thread the Trusted Advisor Firefox indicated that the issue of not completing the scan may be due to an infection, and to open a post in this forum.

 

Observations: I have probably run at least 25 quick scans, and the scan always hangs while scanning in the exact same directory which is "C:\USERS\USERNAAME\Local Settings\Temporary Internet Files\Content.IE5\L7JM4MSE\" but on different actual files.


(I don't know what caused the problem with the font in the previous post, but evidently I can't edit the post to fix it.)

 

After posting the above, later on Nov 15 I decided to try running a Malwarebytes Anti-malware full scan on just the external hard disk drive F:, and that was successful, so I then started a full scan on the C: drive, and left it running overnight. The scan of the C: drive did not freeze, or if it did, it recovered and continued to completion. Here are the logs of each scan:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.13.13

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16736
Michael Purcell :: MICHAEL [administrator]

11/15/2013 9:11:39 PM
mbam-log-2013-11-15 (21-11-39).txt

Scan type: Full scan (F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 456051
Time elapsed: 41 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
F:\Archive\Michael C Drive 1-19-10\Download\Archive\Delphi\keygen\BORLAND delphi 7.0_keygen_update_Jan_2004.zip (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
F:\Archive\Michael C Drive 1-19-10\Download\Archive\Internet\P2P Streaming Clients\UUSee\UUSEE.EXE (PUP.Uusee) -> Quarantined and deleted successfully.
F:\Archive\Michael C Drive 1-19-10\Download\Archive\Internet\P2P Streaming Clients\UUSee\UUSee_Setup_2007 by Myp2p.eu.exe (PUP.Uusee) -> Quarantined and deleted successfully.
F:\Archive\Michael C Drive 1-19-10\Download\Archive\Internet\P2P Streaming Clients\UUSee\UUTV_Setup_2007.exe (PUP.Uusee) -> Quarantined and deleted successfully.

(end)

 

_______________________________________________________________________

 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.13.13

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16736
Michael Purcell :: MICHAEL [administrator]

11/15/2013 10:17:23 PM
mbam-log-2013-11-15 (22-17-23).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 2198210
Time elapsed: 1 day(s), 3 hour(s), 30 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 6
C:\$Recycle.Bin\S-1-5-21-3555310225-1332001709-691086116-1001\$RZ6E589.exe (Adware.InstallBrain) -> Quarantined and deleted successfully.
C:\Users\Michael Purcell\Downloads\BlockYouTubeAdsSetup_v7-510.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Michael Purcell\Downloads\iLividSetup-r157-n-bi.exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
C:\Users\Michael Purcell\Downloads\iLividSetup-r394-n-bi.exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\upgrade[1].cab (Adware.ResultBar) -> Quarantined and deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\upgrade[1].cab (Adware.ResultBar) -> Quarantined and deleted successfully.

(end)

Link to post
Share on other sites

Scan with ESET Online Scan

Please go here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.

Link to post
Share on other sites

C:\ProgramData\Ask\APN-Stub\AD5\APNIC.dll a variant of Win32/Bundled.Toolbar.Ask application
C:\Users\All Users\Ask\APN-Stub\AD5\APNIC.dll a variant of Win32/Bundled.Toolbar.Ask application
C:\Users\Michael Purcell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PF35I7CH\qatestpub2_com[1].htm JS/Agent.NJV trojan
C:\Users\Michael Purcell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PF35I7CH\qatestpub2_com[2].htm JS/Agent.NJV trojan
C:\Users\Michael Purcell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PF35I7CH\qatestpub2_com[3].htm JS/Agent.NJV trojan
C:\Users\Michael Purcell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PF35I7CH\qatestpub2_com[4].htm JS/Agent.NJV trojan
C:\Users\Michael Purcell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PF35I7CH\qatestpub2_com[5].htm JS/Agent.NJV trojan
C:\Users\Michael Purcell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PF35I7CH\qatestpub2_com[6].htm JS/Agent.NJV trojan
C:\Users\Michael Purcell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PF35I7CH\qatestpub2_com[7].htm JS/Agent.NJV trojan
C:\Users\Michael Purcell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PF35I7CH\qatestpub2_com[8].htm JS/Agent.NJV trojan
C:\Users\Michael Purcell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PF35I7CH\qatestpub2_com[9].htm JS/Agent.NJV trojan
C:\Users\Michael Purcell\AppData\Local\Temp\jar_cache7473378486868223237.tmp Java/Exploit.CVE-2012-5076.E trojan
C:\Users\Michael Purcell\AppData\Local\Temp\is1438683437\YontooSetup-DropDownDeals-SilentInstaller.exe a variant of Win32/Adware.Yontoo.B application
C:\Users\Michael Purcell\Downloads\PIP2671_AVR32_.exe a variant of Win32/Bundled.Toolbar.Ask.D application
C:\Users\Michael Purcell\Downloads\Archive\Internet\P2P Clients\Sopcast\SopCast-3.5.0.exe multiple threats
C:\Users\Michael Purcell\Downloads\Archive\Utilities\Pea Zip\peazip-4.2.WINDOWS.exe Win32/OpenCandy application
C:\Users\Michael Purcell\Downloads\Galaxy S II\SuperOneClick\SuperOneClickv2.3.1-ShortFuse\Exploits\psneuter Android/Exploit.Lotoor.AK trojan
C:\Users\Michael Purcell\Downloads\Galaxy S II\SuperOneClick\SuperOneClickv2.3.1-ShortFuse\Exploits\zergRush Android/Exploit.Lotoor.AN trojan
C:\Users\Michael Purcell\Downloads\Galaxy S II\ZergRush Exploit\DooMLoRD_v3_ROOT-zergRush-busybox-su\files\zergRush Android/Exploit.Lotoor.AT trojan
F:\Archive\Michael C Drive 1-19-10\Download\Archive\Internet\AOL IM\Install_AIM.exe Win32/Adware.WBug.A application

Link to post
Share on other sites

Fix with FRST (normal mode)


Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 

  • Open notepad (Start =>All Programs => Accessories => Notepad).
  • Please copy the entire contents of the code box below.
    (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste).
  • Save it to the same directory as frst.exe (or frst64.exe) as fixlist.txt.

    C:\ProgramData\Ask
    C:\Users\All Users\Ask
    C:\Users\Michael Purcell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PF35I7CH
    C:\Users\Michael Purcell\AppData\Local\Temp\jar_cache7473378486868223237.tmp
    C:\Users\Michael Purcell\AppData\Local\Temp\is1438683437\YontooSetup-DropDownDeals-SilentInstaller.exe
    C:\Users\Michael Purcell\Downloads\PIP2671_AVR32_.exe
    C:\Users\Michael Purcell\Downloads\Archive\Internet\P2P Clients\Sopcast\SopCast-3.5.0.exe
    C:\Users\Michael Purcell\Downloads\Archive\Utilities\Pea Zip\peazip-4.2.WINDOWS.exe
    C:\Users\Michael Purcell\Downloads\Galaxy S II
    F:\Archive\Michael C Drive 1-19-10\Download\Archive\Internet\AOL IM\Install_AIM.exe

  • NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
  • Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

 

Link to post
Share on other sites

I had a problem with frst64 freezing the first time I ran it. So I rebooted the system and ran it a second time, removing the second line from the fixlist as you can see from the logs. Below are appended the logs from both runs.

 

________________________________________________

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-11-2013
Ran by Michael Purcell at 2013-11-20 08:00:41 Run:1
Running from C:\Users\Michael Purcell\Downloads\Archive\Anti Malware\Bleeping Computer
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\ProgramData\Ask
C:\Users\All Users\Ask
C:\Users\Michael Purcell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PF35I7CH
C:\Users\Michael Purcell\AppData\Local\Temp\jar_cache7473378486868223237.tmp
C:\Users\Michael Purcell\AppData\Local\Temp\is1438683437\YontooSetup-DropDownDeals-SilentInstaller.exe
C:\Users\Michael Purcell\Downloads\PIP2671_AVR32_.exe
C:\Users\Michael Purcell\Downloads\Archive\Internet\P2P Clients\Sopcast\SopCast-3.5.0.exe
C:\Users\Michael Purcell\Downloads\Archive\Utilities\Pea Zip\peazip-4.2.WINDOWS.exe
C:\Users\Michael Purcell\Downloads\Galaxy S II
F:\Archive\Michael C Drive 1-19-10\Download\Archive\Internet\AOL IM\Install_AIM.exe
*****************

C:\ProgramData\Ask => Moved successfully.
"C:\Users\All Users\Ask" => File/Directory not found.

 

_____________________________________________________________

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-11-2013
Ran by Michael Purcell at 2013-11-20 17:02:57 Run:2
Running from C:\Users\Michael Purcell\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\ProgramData\Ask
C:\Users\Michael Purcell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PF35I7CH
C:\Users\Michael Purcell\AppData\Local\Temp\jar_cache7473378486868223237.tmp
C:\Users\Michael Purcell\AppData\Local\Temp\is1438683437\YontooSetup-DropDownDeals-SilentInstaller.exe
C:\Users\Michael Purcell\Downloads\PIP2671_AVR32_.exe
C:\Users\Michael Purcell\Downloads\Archive\Internet\P2P Clients\Sopcast\SopCast-3.5.0.exe
C:\Users\Michael Purcell\Downloads\Archive\Utilities\Pea Zip\peazip-4.2.WINDOWS.exe
C:\Users\Michael Purcell\Downloads\Galaxy S II
F:\Archive\Michael C Drive 1-19-10\Download\Archive\Internet\AOL IM\Install_AIM.exe
*****************

"C:\ProgramData\Ask" => File/Directory not found.
"C:\Users\Michael Purcell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PF35I7CH" => File/Directory not found.
C:\Users\Michael Purcell\AppData\Local\Temp\jar_cache7473378486868223237.tmp => Moved successfully.
C:\Users\Michael Purcell\AppData\Local\Temp\is1438683437\YontooSetup-DropDownDeals-SilentInstaller.exe => Moved successfully.
C:\Users\Michael Purcell\Downloads\PIP2671_AVR32_.exe => Moved successfully.
C:\Users\Michael Purcell\Downloads\Archive\Internet\P2P Clients\Sopcast\SopCast-3.5.0.exe => Moved successfully.
C:\Users\Michael Purcell\Downloads\Archive\Utilities\Pea Zip\peazip-4.2.WINDOWS.exe => Moved successfully.
C:\Users\Michael Purcell\Downloads\Galaxy S II => Moved successfully.
F:\Archive\Michael C Drive 1-19-10\Download\Archive\Internet\AOL IM\Install_AIM.exe => Moved successfully.

==== End of Fixlog ====

Link to post
Share on other sites

As an addendum to the above logs, a little investigation shows that the following 3 items were moved to the FRST\Quarantine directory:

 

1) Ask\APN-Stub\AD5\APNIC.dll

2) The entire GalaxySII directory (approximately 72.2 GB of files)

3) A directory named PF3517CH (which is locked and not easily accessible - for instance I could not read the size of the contents)

 

The other items in the above log that are marked as moved successfully do not appear to be in the quarantine directory at all.

Link to post
Share on other sites

I think the whole Galaxy SII folder shouldn't have been moved. Please move it back and remove only the files ESET detected.

The locked folder contains the other files.

I moved the Galaxy SII folder to the external hard disk. It is just an archive of mostly old files for my phone, and that is a better place for it. SuperOneClick and zergRush are both android rooting exploits which are designed to run on the pc and do their work on the phone via USB connection. They are entirely benign to the computer, nor do they damage the phone firmware (except perhaps in the eyes of the phone company folks who want to keep users out of the root files of the phone.) I have had them whitelisted in my anti-virus program when necessary.

 

Yes, I agree your script for FRST should *not* have moved the entire Galaxy SII directory. I don't see how you made that decision based on the ESET log. However, I take responsibility for running it the way you wrote it. I just didn't look closely enough at what was intended to happen, and I made a wrong assumption about how FRST would function. Other files in the list are also benign. SopCast is a P2P video client which is not harmful. PeaZip is a free open source file archiving utility and is also not harmful. Both are easily downloadable so their removal is trivial.

 

Okay, you didn't give any additional instructions. What is the next step? Are you ready to declare this computer clean?

Link to post
Share on other sites
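The scope problem discussed in the posts above (a fixlist line naming a folder where ESET had flagged individual files) can be caught before a fix is run. The following is an added example, not part of the original thread and not FRST's or ESET's own logic: the detection lines and fixlist entries are a subset copied from the logs posted here, the regex for ESET lines is an assumption inferred from those lines, and the function names are hypothetical.

```python
import re
from pathlib import PureWindowsPath

# Subset of the ESET detections posted in this thread.
ESET_LOG = r"""
C:\ProgramData\Ask\APN-Stub\AD5\APNIC.dll a variant of Win32/Bundled.Toolbar.Ask application
C:\Users\Michael Purcell\AppData\Local\Temp\jar_cache7473378486868223237.tmp Java/Exploit.CVE-2012-5076.E trojan
C:\Users\Michael Purcell\Downloads\Archive\Internet\P2P Clients\Sopcast\SopCast-3.5.0.exe multiple threats
C:\Users\Michael Purcell\Downloads\Galaxy S II\SuperOneClick\SuperOneClickv2.3.1-ShortFuse\Exploits\psneuter Android/Exploit.Lotoor.AK trojan
C:\Users\Michael Purcell\Downloads\Galaxy S II\SuperOneClick\SuperOneClickv2.3.1-ShortFuse\Exploits\zergRush Android/Exploit.Lotoor.AN trojan
C:\Users\Michael Purcell\Downloads\Galaxy S II\ZergRush Exploit\DooMLoRD_v3_ROOT-zergRush-busybox-su\files\zergRush Android/Exploit.Lotoor.AT trojan
"""

# Matching subset of the fixlist entries posted in this thread.
FIXLIST = r"""
C:\ProgramData\Ask
C:\Users\Michael Purcell\AppData\Local\Temp\jar_cache7473378486868223237.tmp
C:\Users\Michael Purcell\Downloads\Archive\Internet\P2P Clients\Sopcast\SopCast-3.5.0.exe
C:\Users\Michael Purcell\Downloads\Galaxy S II
"""

# Assumed line shape: "<path> <threat name> <trojan|application>" or
# "<path> multiple threats". Paths contain spaces, so the path is matched
# lazily and the threat description must run to the end of the line.
ESET_LINE = re.compile(
    r"^(?P<path>.+?)\s+"
    r"(?P<threat>(?:a variant of )?\S+/\S+ (?:trojan|application)|multiple threats)$"
)


def parse_eset(log_text):
    """Return [(PureWindowsPath, threat)] for every detection line."""
    detections = []
    for line in log_text.splitlines():
        m = ESET_LINE.match(line.strip())
        if m:
            detections.append((PureWindowsPath(m["path"]), m["threat"]))
    return detections


def review_fixlist(fixlist_text, detections):
    """Classify each fixlist entry as exact, broad or unmatched.

    exact     - the entry is itself a detected file
    broad     - the entry is a folder that contains detected files, so
                moving it also moves everything else stored beneath it
    unmatched - nothing in the scan log refers to the entry
    """
    report = []
    for line in fixlist_text.splitlines():
        line = line.strip()
        if not line:
            continue
        entry = PureWindowsPath(line)  # comparisons are case-insensitive
        exact = [d for d, _ in detections if d == entry]
        beneath = [d for d, _ in detections if entry in d.parents]
        if exact:
            verdict, files = "exact", exact
        elif beneath:
            verdict, files = "broad", beneath
        else:
            verdict, files = "unmatched", []
        report.append({"entry": line, "verdict": verdict,
                       "detected_files": [str(f) for f in files]})
    return report


def narrowed_fixlist(report):
    """Replace every broad folder entry with the detected files under it."""
    lines = []
    for item in report:
        for path in item["detected_files"]:  # empty for unmatched entries
            if path not in lines:
                lines.append(path)
    return lines


if __name__ == "__main__":
    result = review_fixlist(FIXLIST, parse_eset(ESET_LOG))
    for item in result:
        print(f'{item["verdict"]:9} {item["entry"]}')
    print("\nFile-level fixlist:")
    print("\n".join(narrowed_fixlist(result)))
```

Entries reported as broad deserve a manual look before the fix is run, since the scan log only justifies the individual files listed beneath them.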

If something is detected as a trojan, we remove it as standard. In this case, I made the mistake of marking the folder, not the file. Sorry for that.

The other files you mentioned contain adware platforms or other things harming your computer's security state.

 

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[s1].txt also


SecurityCheck

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, checkup.txt will open. Copy its content to your thread.

Link to post
Share on other sites

"Folder Deleted : C:\vShare" is a directory used to transfer files between Windows and Ubuntu Linux, when running in Oracle VM VirtualBox. I recreated it.

 

 

____________________________________________________________________________

 

 

# AdwCleaner v3.012 - Report created 22/11/2013 at 11:22:24
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Michael Purcell - MICHAEL
# Running from : C:\Users\Michael Purcell\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\vShare
File Deleted : C:\Users\Michael Purcell\AppData\Roaming\Mozilla\Firefox\Profiles\ds18v46y.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Michael Purcell\AppData\Roaming\Mozilla\Firefox\Profiles\ds18v46y.default\user.js

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.EasyHideBtn
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.EasyHideBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.Localizer
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.Localizer.1
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighter
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighter.1
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighterStatistics
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighterStatistics.1
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.SkypeIEHelper
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.SkypeIEHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.SNameProxy
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.SNameProxy.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ClickPotatoLiteSA_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ClickPotatoLiteSA_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{937936AF-28CA-4973-B8AE-F250406149A2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{030C9927-10FC-4169-97A2-55BECD5D88D8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0EB3F101-224A-4B2B-9E5B-DF720857529C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A1F1ECD3-4806-44C6-A869-F0DADF11C57C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\PIP

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16736

-\\ Mozilla Firefox v21.0 (en-US)

[ File : C:\Users\Michael Purcell\AppData\Roaming\Mozilla\Firefox\Profiles\ds18v46y.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");

-\\ Google Chrome v

[ File : C:\Users\Michael Purcell\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url
Deleted : search_url
Deleted : suggest_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [5886 octets] - [22/11/2013 11:20:52]
AdwCleaner[s0].txt - [5677 octets] - [22/11/2013 11:22:24]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5737 octets] ##########

 

 

________________________________________________________________________

 

 

 Results of screen317's Security Check version 0.99.77 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
AVG AntiVirus Free Edition 2014  
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Out of date HijackThis  installed!
 Malwarebytes Anti-Malware version 1.75.0.1300 
 HijackThis 2.0.2   
 Java 7 Update 45 
 Adobe Flash Player 11.9.900.117 
 Adobe Reader 10.1.8 Adobe Reader out of Date! 
 Mozilla Firefox 21.0 Firefox out of Date! 
 Mozilla Thunderbird (17.0.5)
 Google Chrome 30.0.1599.101 
 Google Chrome 31.0.1650.57 
````````Process Check: objlist.exe by Laurent```````` 
 AVG avgwdsvc.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````

Link to post
Share on other sites

Downloaded and installed Internet Explorer 11 using Windows update. Evidently it won't do that automatically without user input.

 

Uninstalled HijackThis. Can download if needed.

 

Updated Adobe Reader. I don't know why it wasn't automatically updating.

 

Opened firefox and it updated immediately. Checked "Help|About" which shows version 25.0.1.

Link to post
Share on other sites

Your system is clean now! :)

 

 

Uninstall our tools using delfix

Please follow these steps in order:

  1. In case we used Defogger to turn off your CD emulation software, you can start it again and use the Enable button.
  2. In case we used Combofix, deactivate your antivirus software once more, then rename the combofix.exe to uninstall.exe and run it one last time. You will be notified that Combofix has been removed.
  3. In any case please download delfix to your desktop.
    • Close all other programs and start delfix.
    • Please check all the boxes and run the tool.
    • delfix will now delete all found traces of our removal process
  4. If there is still something left, please delete it manually.

 

 

 

Recommendations: How to protect yourself

  • System Updates
    Please make sure automatic updates are activated in your control panel.
    For further information and a tutorial, see this Microsoft Support article.
  • Protection
    What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly.
    Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
    • To keep your browser free of advertising, you may install the Adblock Plus browser extension.
      It will filter unwanted advertising out of the website's content.
    • To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension.
      It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser.
      In addition, before accessing a web site classified as dangerous, a warning screen is displayed.
  • Up to date Software
    Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated Windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:
  • Backup
    Hardware issues, malware, fire, lightning strike: There is a long list of different ways to lose all your data. Back up your files regularly. Use the Windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system.
  • Behaviour
    The most common error when using a computer is "error 80" - which means that the error is located about 80cm in front of the monitor. This is a common joke among IT support technicians, but it shows that all the safety mechanisms won't help you if you aren't careful enough.
    • While surfing the internet, don't click on anything you don't know. In the worst case, it infects your system with malware.
    • Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal data (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don't click everything.
    • When installing software, have a look at each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today's setup procedures contain potentially unwanted programs so keep them off your system.
    • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
      They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.



Link to post
Share on other sites

Thank you. Here is a little something to support your work: Confirmation Number 8PY00162A3027442K.

 

As a result of the cleaning process, Malwarebytes Anti Malware now runs without hanging. For the benefit of anyone who follows this thread, here is what I have learned in the process. Mbam, both with the quick scan and with the full scan, was hanging during the scan of Temporary Internet Files from Internet Explorer. I discovered that if the scan was left to run overnight after it would hang, it would eventually recover and complete. The Mbam full scan took about 27 hours to complete, scanning approximately 2.3 million objects. The temporary internet files was approximately 1.68 million objects, and somewhere around 72 GB of disk space. In the cleaning process, it was the FRST tool that removed all of that. In doing research, I learned that AVG anti-virus is locking the temporary internet files and preventing IE from deleting old files, so I will be removing AVG free and switching to Avast.

Link to post
Share on other sites

This topic is now closed to further replies.