Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Search Search
Search for:
Tech Support Guy > > >

Solved: lavasoft adware blekko search engine


(!)

isasooner's Avatar
isasooner isasooner is offline
Computer Specs
Member with 111 posts.
THREAD STARTER
 
Join Date: Oct 2012
Experience: Intermediate
25-Oct-2012, 07:56 PM #16
Optical drive
Do you know what may have caused my DVD drive to have disappeared?
Satchfan's Avatar
Satchfan Satchfan is offline Satchfan is authorized to help remove malware.
Computer Specs
Malware Removal Specialist with 580 posts.
 
Join Date: Jan 2009
Location: Devon, UK
26-Oct-2012, 03:26 AM #17
That was the same ComboFix log, not the first. I need thefirst one to see what was deleted. Please look in C:Qoobox for a log that wasrun prior to 10/24/2012 22:28, you’ll find that on the first line of the log).

Quote:
Do you know what may have caused my DVD drive to havedisappeared?
Not at this stage but we’ll try and find out.


Open ComboFix


Please do the following:
  • close any open browsers.
  • close/disable all anti virus and anti malware programs so that they do not interfere with the running of ComboFix.
  • open notepad and copy/paste the text in the codebox below into it:
Code:
Firefox::
FF - ProfilePath -
c:\users\Idris\AppData\Roaming\Mozilla\Firefox\Profiles\aaz6112f.default\
FF 
- prefs.js: browser.startup.homepage -
hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=8C21AF89554D5ADF1
 847E15084341867
Save this as "CFScript.txt", and as Type: All Files (*.*) in the same location asComboFix.exe



Referring to the picture above, drag CFScript intoComboFix.exe

When finished, it produces a log atC:\ComboFix.txt. Post thecontents of Combofix.txt in your next reply.

===================================================

RunRogueKiller

IMPORTANT: Do notreboot your computer if at all possible otherwise the malware will reactivateand you will have to run RogueKiller again


Download RogueKillerto your desktop
  • close all running programs
  • for Windows Vista/Seven, right click -> run as administrator, for XP simply double-click on RogueKiller.exe
  • when the prescan is finished, click on Scan
  • click on Report and copy/paste the content in your next post.
If the program is blocked, do not hesitate to try severaltimes. If it really does not work (it could happen), rename it to winlogon.exe.Please post the contents of the RKreport.txt in your next reply.

Remember: do not reboot your computer if at allpossible otherwise the malware will reactivate and you will have to runRogueKiller again.

===================================================

RunTDSSKiller


Please downloadTDSSKiller.zip
  • extract it to your desktop
  • double click TDSSKiller.exe
  • press Start Scan
only if Maliciousobjects are found then ensure Cure is selected. Do not change it to Deleteor Quarantine as it may delete infected files that arerequired for Windows to operate properly.

click Continue >Reboot now

  • copy and paste the log in your next reply
  • a copy of the log will be saved automatically to the root of the drive (typically C:\) called TDSSKiller_*** (*** denotes version & date)
Satchfan
isasooner's Avatar
isasooner isasooner is offline
Computer Specs
Member with 111 posts.
THREAD STARTER
 
Join Date: Oct 2012
Experience: Intermediate
26-Oct-2012, 06:29 PM #18
combofix
Nothing was deleted from my computer. When I ran the combo fix the first time, it rebooted my laptop and upon reboot, no programs or web-browsers were functional and all programs on my laptop were marked for deletion when I tried to run them. I think an antivirus wasn't disabled that caused this. But I rebooted my laptop and everything went back to normal and was functional again and ever since save my optical DVD drive disappeared and doesn't function. It is still on my PC but can't locate it or run it Anyway I am going to send you the first combofix in my next post.
isasooner's Avatar
isasooner isasooner is offline
Computer Specs
Member with 111 posts.
THREAD STARTER
 
Join Date: Oct 2012
Experience: Intermediate
26-Oct-2012, 06:31 PM #19
Combofix cont.
ComboFix 12-10-24.02 - Idris 10/24/2012 19:34:04.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3693.2331 [GMT -4:00]
Running from: c:\users\Idris\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Idris\AppData\Roaming\DefaultTab\DefaultTab
c:\users\Idris\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_DefaultTabUpdate
-------\Service_DefaultTabUpdate
.
.
((((((((((((((((((((((((( Files Created from 2012-09-24 to 2012-10-24 )))))))))))))))))))))))))))))))
.
.
2012-10-24 23:17 . 2012-10-24 23:17 -------- d-----w- C:\_OTL
2012-10-24 16:35 . 2012-10-12 04:19 9291768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F679A206-3857-441F-A18F-F3CEE5B81ECC}\mpengine.dll
2012-10-23 16:29 . 2012-10-12 04:19 9291768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-10-23 02:13 . 2012-10-23 02:13 -------- d-----w- c:\users\Idris\AppData\Local\CRE
2012-10-23 01:58 . 2012-10-23 01:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-10-23 01:58 . 2012-10-23 01:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-10-23 01:58 . 2012-10-23 01:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-10-23 01:58 . 2012-10-23 01:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-10-23 01:58 . 2012-10-23 01:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-10-23 01:58 . 2012-10-23 01:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-10-23 01:58 . 2012-10-23 01:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-10-23 01:57 . 2012-10-24 23:13 -------- d-----w- c:\program files (x86)\QuickTime
2012-10-23 00:38 . 2012-10-23 00:38 -------- d-----w- c:\users\Idris\AppData\Roaming\WinZip
2012-10-23 00:36 . 2012-10-23 00:36 -------- d-----w- c:\program files (x86)\Kaspersky Security Scan
2012-10-23 00:36 . 2012-03-22 12:37 19344 ----a-w- c:\windows\system32\roboot64.exe
2012-10-23 00:36 . 2012-10-23 00:39 -------- d-----w- c:\program files (x86)\WinZip System Utilities Suite
2012-10-21 20:27 . 2012-10-21 20:27 -------- d-----w- c:\program files (x86)\Microsoft
2012-10-21 19:25 . 2012-10-21 19:24 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{871B5673-2EB6-428E-8B47-EFE2BD083C40}\gapaengine.dll
2012-10-21 19:22 . 2012-10-21 19:22 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-10-21 19:22 . 2012-10-21 19:22 -------- d-----w- c:\program files\Microsoft Security Client
2012-10-21 14:50 . 2012-10-21 14:50 -------- d-----w- c:\users\Idris\AppData\Roaming\LavasoftStatistics
2012-10-21 14:14 . 2012-10-21 14:14 -------- d-----w- c:\users\Idris\AppData\Local\Downloaded Installations
2012-10-21 14:08 . 2012-10-21 19:10 -------- d-----w- c:\users\Idris\AppData\Roaming\Ad-Aware Antivirus
2012-10-20 21:39 . 2012-10-24 23:41 -------- d-----w- c:\users\Idris\AppData\Roaming\DefaultTab
2012-10-15 00:02 . 2012-10-15 00:02 96224 ----a-w- c:\program files (x86)\Mozilla Firefox\webapprt-stub.exe
2012-10-15 00:02 . 2012-10-15 00:02 157272 ----a-w- c:\program files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2012-10-10 09:39 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll
2012-10-10 09:39 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
2012-10-10 09:39 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 09:39 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 09:39 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 09:39 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-10 09:39 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-10-10 09:39 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-10-09 21:44 . 2009-04-16 18:08 248320 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpfpp70v.dll
2012-10-09 21:38 . 2009-04-16 18:08 145408 ----a-w- c:\windows\system32\hpfll70v.dll
2012-10-09 21:37 . 2009-04-16 11:53 642360 ----a-w- c:\windows\system32\hpzids40.dll
2012-10-09 21:37 . 2008-10-29 00:27 551424 ----a-w- c:\windows\system32\hppldcoi.dll
2012-10-05 11:26 . 2012-10-05 11:26 -------- d-----w- C:\N360_BACKUP
2012-10-03 10:14 . 2012-10-21 14:11 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-11 09:50 . 2012-04-07 11:10 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-09 21:10 . 2012-04-13 23:17 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-09 21:10 . 2011-11-02 12:01 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-01 15:18 . 2012-09-01 15:18 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-01 15:18 . 2012-07-20 11:59 821736 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-09-01 15:18 . 2011-11-02 12:01 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-31 02:03 . 2012-08-31 02:03 228768 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-31 02:03 . 2012-08-31 02:03 128456 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-28 05:49 . 2012-09-18 13:17 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{53B6CFDD-5688-4055-9DAB-18FD12AADC34}\mpengine.dll
2012-08-24 11:15 . 2012-09-22 07:06 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-22 07:06 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-22 07:06 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-22 07:06 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-22 07:06 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-22 07:06 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-22 07:06 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-22 07:06 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-22 07:06 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-22 07:06 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-22 07:06 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-22 07:06 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-22 07:06 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-22 07:06 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-22 07:06 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-22 07:06 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-22 07:06 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-22 07:06 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-22 07:06 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-22 07:06 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-22 07:06 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-22 07:06 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-22 18:12 . 2012-09-12 01:15 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 01:16 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 01:15 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 01:15 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-20 17:38 . 2012-10-10 09:40 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-02 17:58 . 2012-09-12 01:15 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-08-02 16:57 . 2012-09-12 01:15 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2009-07-14 44544]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ru n]
"WindowsLiveDeviceIntegrator"="c:\program files (x86)\Windows Live\Device Integrator\wldi.exe" [2010-09-24 245544]
.
c:\users\Idris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 245120]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Kaspersky Security Scan.lnk - c:\program files (x86)\Kaspersky Security Scan\KSS.exe [2010-11-29 2402696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\syste m]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSv c]
@="Service"
.
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 cpuz134;cpuz134;c:\users\Idris\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr28ux.sys [2012-01-05 1675840]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-31 128456]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-13 368896]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-10-29 250984]
R3 TDEIO;TDEIO; [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-07 1255736]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-06-08 204288]
R4 GFNEXSrv;GFNEX Service;c:\ubios\GFNEXSrv.exe [2010-04-23 133640]
R4 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-14 136176]
R4 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-14 136176]
R4 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-15 115168]
R4 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-07-12 57216]
R4 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-06-10 138152]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 WINZIPSSDiskOptimizer;WINZIPSSDiskOptimizer;c:\program files (x86)\WinZip System Utilities Suite\WINZIPSSDefragSrv64.exe [2012-03-22 628624]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-06-08 9360896]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-06-08 309760]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2011-02-09 38096]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-01-14 413800]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-02-24 1142376]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 21:10]
.
2012-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-14 11:22]
.
2012-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-14 11:22]
.
2012-10-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3987105026-2523861380-3924649800-1000Core.job
- c:\users\Idris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-10 01:31]
.
2012-10-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3987105026-2523861380-3924649800-1000UA.job
- c:\users\Idris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-10 01:31]
.
2012-10-23 c:\windows\Tasks\WINZIPSS-WINZIPSSAutoCheckUpdate7Days.job
- c:\program files (x86)\WinZip System Utilities Suite\WINZIPSSCheckUpdate.exe [2012-10-23 12:38]
.
2012-10-24 c:\windows\Tasks\WINZIPSS-WINZIPSSOneClickCare.job
- c:\program files (x86)\WinZip System Utilities Suite\WINZIPSS.exe [2012-10-23 12:38]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LifeChat"="c:\program files\Microsoft LifeChat\LifeChat.exe" [2009-09-24 371712]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{B3C8C90F-BDB6-4028-A7B6-8BA1AEFD3CCA}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\Idris\AppData\Roaming\Mozilla\Firefox\Profiles\aaz6112f.default\
FF - prefs.js: browser.startup.homepage - hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=8C21AF89554D5ADF1 847E15084341867
FF - prefs.js: keyword.URL - hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=url&toolbarid=adawaretb&u=8C21AF89554D5ADF1847E1508402 E0A9&q=
FF - ExtSQL: 2012-10-21 10:13; jid1-yZwVFzbsyfMrqQ@jetpack; c:\users\Idris\AppData\Roaming\Mozilla\Firefox\Profiles\aaz6112f.default\ex tensions\jid1-yZwVFzbsyfMrqQ@jetpack
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe
AddRemove-Adobe Connect Add-in - c:\users\Idris\AppData\Roaming\Macromedia\Flash Player\http://www.macromedia.com\bin\connec...nnectaddin.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_ 4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX .exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_ 4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX .exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-10-24 19:50:16 - machine was rebooted
ComboFix-quarantined-files.txt 2012-10-24 23:50
.
Pre-Run: 253,770,567,680 bytes free
Post-Run: 253,060,599,808 bytes free
.
- - End Of File - - 989EE03C5601FA1A2E292BC99EF6722A
Satchfan's Avatar
Satchfan Satchfan is offline Satchfan is authorized to help remove malware.
Computer Specs
Malware Removal Specialist with 580 posts.
 
Join Date: Jan 2009
Location: Devon, UK
26-Oct-2012, 07:08 PM #20
That's the one I wanted but it hasn't given us much more.

Please follow the previous instructions I sent to run the ComboFix script, Rogue Killer and TDSSKiller.

One o'clock in the morning here now so won't be replying until tomorrow.

Satchfan
isasooner's Avatar
isasooner isasooner is offline
Computer Specs
Member with 111 posts.
THREAD STARTER
 
Join Date: Oct 2012
Experience: Intermediate
27-Oct-2012, 01:28 PM #21
Combofix cont.
ComboFix 12-10-24.02 - Idris 10/27/2012 13:26:32.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3693.2329 [GMT -4:00]
Running from: c:\users\Idris\Downloads\ComboFix.exe
Command switches used :: c:\users\Idris\Downloads\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-09-27 to 2012-10-27 )))))))))))))))))))))))))))))))
.
.
2012-10-27 18:22 . 2012-10-27 18:22 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-10-27 18:22 . 2012-10-27 18:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-27 18:22 . 2012-10-27 18:22 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-10-27 15:38 . 2012-10-27 15:38 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{462398BB-4DC3-4E5F-A37C-9EB9EC08F92A}\offreg.dll
2012-10-27 15:37 . 2012-10-12 04:19 9291768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{462398BB-4DC3-4E5F-A37C-9EB9EC08F92A}\mpengine.dll
2012-10-27 06:45 . 2012-10-12 04:19 9291768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-10-24 23:17 . 2012-10-24 23:17 -------- d-----w- C:\_OTL
2012-10-23 02:13 . 2012-10-23 02:13 -------- d-----w- c:\users\Idris\AppData\Local\CRE
2012-10-23 01:58 . 2012-10-23 01:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-10-23 01:58 . 2012-10-23 01:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-10-23 01:58 . 2012-10-23 01:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-10-23 01:58 . 2012-10-23 01:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-10-23 01:58 . 2012-10-23 01:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-10-23 01:58 . 2012-10-23 01:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-10-23 01:58 . 2012-10-23 01:58 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-10-23 01:57 . 2012-10-24 23:13 -------- d-----w- c:\program files (x86)\QuickTime
2012-10-23 00:38 . 2012-10-25 01:08 -------- d-----w- c:\users\Idris\AppData\Roaming\WinZip
2012-10-21 20:27 . 2012-10-21 20:27 -------- d-----w- c:\program files (x86)\Microsoft
2012-10-21 19:25 . 2012-10-21 19:24 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{871B5673-2EB6-428E-8B47-EFE2BD083C40}\gapaengine.dll
2012-10-21 19:22 . 2012-10-21 19:22 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-10-21 19:22 . 2012-10-21 19:22 -------- d-----w- c:\program files\Microsoft Security Client
2012-10-21 14:50 . 2012-10-21 14:50 -------- d-----w- c:\users\Idris\AppData\Roaming\LavasoftStatistics
2012-10-21 14:14 . 2012-10-21 14:14 -------- d-----w- c:\users\Idris\AppData\Local\Downloaded Installations
2012-10-21 14:08 . 2012-10-21 19:10 -------- d-----w- c:\users\Idris\AppData\Roaming\Ad-Aware Antivirus
2012-10-20 21:39 . 2012-10-24 23:41 -------- d-----w- c:\users\Idris\AppData\Roaming\DefaultTab
2012-10-15 00:02 . 2012-10-15 00:02 96224 ----a-w- c:\program files (x86)\Mozilla Firefox\webapprt-stub.exe
2012-10-15 00:02 . 2012-10-15 00:02 157272 ----a-w- c:\program files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2012-10-10 09:39 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll
2012-10-10 09:39 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
2012-10-10 09:39 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 09:39 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 09:39 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 09:39 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-10 09:39 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-10-10 09:39 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-10-09 21:44 . 2009-04-16 18:08 248320 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpfpp70v.dll
2012-10-09 21:38 . 2009-04-16 18:08 145408 ----a-w- c:\windows\system32\hpfll70v.dll
2012-10-09 21:37 . 2009-04-16 11:53 642360 ----a-w- c:\windows\system32\hpzids40.dll
2012-10-09 21:37 . 2008-10-29 00:27 551424 ----a-w- c:\windows\system32\hppldcoi.dll
2012-10-05 11:26 . 2012-10-05 11:26 -------- d-----w- C:\N360_BACKUP
2012-10-03 10:14 . 2012-10-21 14:11 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-11 09:50 . 2012-04-07 11:10 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-09 21:10 . 2012-04-13 23:17 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-09 21:10 . 2011-11-02 12:01 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-01 15:18 . 2012-09-01 15:18 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-01 15:18 . 2012-07-20 11:59 821736 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-09-01 15:18 . 2011-11-02 12:01 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-31 02:03 . 2012-08-31 02:03 228768 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-31 02:03 . 2012-08-31 02:03 128456 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-28 05:49 . 2012-09-18 13:17 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{53B6CFDD-5688-4055-9DAB-18FD12AADC34}\mpengine.dll
2012-08-24 11:15 . 2012-09-22 07:06 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-22 07:06 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-22 07:06 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-22 07:06 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-22 07:06 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-22 07:06 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-22 07:06 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-22 07:06 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-22 07:06 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-22 07:06 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-22 07:06 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-22 07:06 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-22 07:06 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-22 07:06 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-22 07:06 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-22 07:06 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-22 07:06 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-22 07:06 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-22 07:06 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-22 07:06 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-22 07:06 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-22 07:06 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-22 18:12 . 2012-09-12 01:15 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 01:16 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 01:15 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 01:15 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-20 17:38 . 2012-10-10 09:40 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-02 17:58 . 2012-09-12 01:15 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-08-02 16:57 . 2012-09-12 01:15 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2009-07-14 44544]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ru n]
"WindowsLiveDeviceIntegrator"="c:\program files (x86)\Windows Live\Device Integrator\wldi.exe" [2010-09-24 245544]
.
c:\users\Idris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 245120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\syste m]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSv c]
@="Service"
.
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 cpuz134;cpuz134;c:\users\Idris\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr28ux.sys [2012-01-05 1675840]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-31 128456]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-13 368896]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-10-29 250984]
R3 TDEIO;TDEIO; [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-07 1255736]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-06-08 204288]
R4 GFNEXSrv;GFNEX Service;c:\ubios\GFNEXSrv.exe [2010-04-23 133640]
R4 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-14 136176]
R4 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-14 136176]
R4 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-15 115168]
R4 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-07-12 57216]
R4 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-06-10 138152]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-06-08 9360896]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-06-08 309760]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2011-02-09 38096]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-01-14 413800]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-02-24 1142376]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 21:10]
.
2012-10-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-14 11:22]
.
2012-10-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-14 11:22]
.
2012-10-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3987105026-2523861380-3924649800-1000Core.job
- c:\users\Idris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-10 01:31]
.
2012-10-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3987105026-2523861380-3924649800-1000UA.job
- c:\users\Idris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-10 01:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LifeChat"="c:\program files\Microsoft LifeChat\LifeChat.exe" [2009-09-24 371712]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{B3C8C90F-BDB6-4028-A7B6-8BA1AEFD3CCA}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\Idris\AppData\Roaming\Mozilla\Firefox\Profiles\aaz6112f.default\
FF - prefs.js: browser.startup.homepage - hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=8C21AF89554D5ADF1 847E15084341867
FF - ExtSQL: 2012-10-21 10:13; jid1-yZwVFzbsyfMrqQ@jetpack; c:\users\Idris\AppData\Roaming\Mozilla\Firefox\Profiles\aaz6112f.default\ex tensions\jid1-yZwVFzbsyfMrqQ@jetpack
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_ 4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX .exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_ 4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX .exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-10-27 14:26:16
ComboFix-quarantined-files.txt 2012-10-27 18:26
ComboFix2.txt 2012-10-25 02:40
ComboFix3.txt 2012-10-24 23:50
.
Pre-Run: 254,633,168,896 bytes free
Post-Run: 254,570,229,760 bytes free
.
- - End Of File - - 94DD3CB9049BA0C107C4C56511F4B385
isasooner's Avatar
isasooner isasooner is offline
Computer Specs
Member with 111 posts.
THREAD STARTER
 
Join Date: Oct 2012
Experience: Intermediate
27-Oct-2012, 01:35 PM #22
roguekiller report
RogueKiller V8.2.0 [10/22/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files...3-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Idris [Admin rights]
Mode : Scan -- Date : 10/27/2012 14:31:43

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 6 ¤¤¤
[TASK][ROGUE ST] 0 : c:\program files (x86)\internet explorer\iexplore.exe -> FOUND
[TASK][ROGUE ST] 4688 : wscript.exe C:\Users\Idris\AppData\Local\Temp\launchie.vbs //B -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS543232A7A384 ATA Device +++++
--- User ---
[MBR] bb8815480b4049995f78ce33c908329c
[BSP] dcfc4537725933b1ce39cacdd24e39f1 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 288645 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 594219008 | Size: 15099 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt
isasooner's Avatar
isasooner isasooner is offline
Computer Specs
Member with 111 posts.
THREAD STARTER
 
Join Date: Oct 2012
Experience: Intermediate
27-Oct-2012, 01:48 PM #23
TDSSKILLER scan
At the end of the TDSSKILLER, it did not ask to continue and reboot now just the close button was available so I just reboot my laptop myself. waiting for next reply,

thanks
Satchfan's Avatar
Satchfan Satchfan is offline Satchfan is authorized to help remove malware.
Computer Specs
Malware Removal Specialist with 580 posts.
 
Join Date: Jan 2009
Location: Devon, UK
28-Oct-2012, 12:32 PM #24
I apologise but again got no notification of your reply.

The run of RogueKiller did indeed find something.

Run RogueKiller

IMPORTANT: Do not reboot your computer if at all possible otherwise the malware will reactivate and you will have to run RogueKiller again




  • close all programs
  • double-click RogueKiller.exe - Windows 7: right-click the program and select Run as Administrator'
  • after it has completed it's prescan click on the “Registry” tab
  • uncheck the following false positives
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

  • make sure the other entries there are checked, then click on Delete
Re-run RogueKiller and send a new log.

===================================================

A copy of the TDSSK log will have been saved automatically to the root of the drive (typically C:\) called TDSSKiller_*** (*** denotes version & date)

Please also post that if you find it

Last edited by Satchfan; 29-Oct-2012 at 05:01 AM..
isasooner's Avatar
isasooner isasooner is offline
Computer Specs
Member with 111 posts.
THREAD STARTER
 
Join Date: Oct 2012
Experience: Intermediate
29-Oct-2012, 07:40 AM #25
Registry tab
Hey again, in the registry tab in roguekiller, there is nothing to uncheck. The only things that have the ability to be checked or unchecked are MBR scan, check FAKED, and AntiRootkit.
Satchfan's Avatar
Satchfan Satchfan is offline Satchfan is authorized to help remove malware.
Computer Specs
Malware Removal Specialist with 580 posts.
 
Join Date: Jan 2009
Location: Devon, UK
29-Oct-2012, 08:13 AM #26
You need to run a new scan to see the results.

Run it as you did the first time. As nothing was fixed that time, the results should be the same and you should check and delete these:

[TASK][ROGUE ST] 0 : c:\program files (x86)\internet explorer\iexplore.exe -> FOUND
[TASK][ROGUE ST] 4688 : wscript.exe C:\Users\Idris\AppData\Local\Temp\launchie.vbs //B -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND
isasooner's Avatar
isasooner isasooner is offline
Computer Specs
Member with 111 posts.
THREAD STARTER
 
Join Date: Oct 2012
Experience: Intermediate
29-Oct-2012, 08:50 AM #27
TDSSKILLER log
14:38:27.0947 3552 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
14:38:28.0368 3552 ============================================================
14:38:28.0368 3552 Current date / time: 2012/10/27 14:38:28.0368
14:38:28.0369 3552 SystemInfo:
14:38:28.0369 3552
14:38:28.0369 3552 OS Version: 6.1.7601 ServicePack: 1.0
14:38:28.0369 3552 Product type: Workstation
14:38:28.0369 3552 ComputerName: ISASOONER
14:38:28.0369 3552 UserName: Idris
14:38:28.0370 3552 Windows directory: C:\windows
14:38:28.0370 3552 System windows directory: C:\windows
14:38:28.0370 3552 Running under WOW64
14:38:28.0370 3552 Processor architecture: Intel x64
14:38:28.0370 3552 Number of processors: 2
14:38:28.0370 3552 Page size: 0x1000
14:38:28.0370 3552 Boot type: Normal boot
14:38:28.0370 3552 ============================================================
14:38:29.0637 3552 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:38:29.0873 3552 ============================================================
14:38:29.0873 3552 \Device\Harddisk0\DR0:
14:38:29.0873 3552 MBR partitions:
14:38:29.0873 3552 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x233C2800
14:38:29.0873 3552 ============================================================
14:38:29.0892 3552 C: <-> \Device\Harddisk0\DR0\Partition1
14:38:29.0892 3552 ============================================================
14:38:29.0893 3552 Initialize success
14:38:29.0893 3552 ============================================================
14:38:34.0326 4824 ============================================================
14:38:34.0326 4824 Scan started
14:38:34.0326 4824 Mode: Manual;
14:38:34.0326 4824 ============================================================
14:38:35.0080 4824 ================ Scan system memory ========================
14:38:35.0080 4824 System memory - ok
14:38:35.0082 4824 ================ Scan services =============================
14:38:35.0274 4824 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
14:38:35.0278 4824 1394ohci - ok
14:38:35.0317 4824 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
14:38:35.0322 4824 ACPI - ok
14:38:35.0359 4824 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
14:38:35.0360 4824 AcpiPmi - ok
14:38:35.0433 4824 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:38:35.0435 4824 AdobeARMservice - ok
14:38:35.0549 4824 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:38:35.0553 4824 AdobeFlashPlayerUpdateSvc - ok
14:38:35.0609 4824 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
14:38:35.0616 4824 adp94xx - ok
14:38:35.0666 4824 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
14:38:35.0671 4824 adpahci - ok
14:38:35.0724 4824 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
14:38:35.0727 4824 adpu320 - ok
14:38:35.0762 4824 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
14:38:35.0764 4824 AeLookupSvc - ok
14:38:35.0817 4824 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
14:38:35.0824 4824 AFD - ok
14:38:35.0872 4824 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
14:38:35.0873 4824 agp440 - ok
14:38:35.0912 4824 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
14:38:35.0915 4824 ALG - ok
14:38:35.0937 4824 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
14:38:35.0938 4824 aliide - ok
14:38:35.0994 4824 [ 2F2E91FD092811353C3BC968BEC274D8 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
14:38:35.0998 4824 AMD External Events Utility - ok
14:38:36.0018 4824 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
14:38:36.0020 4824 amdide - ok
14:38:36.0045 4824 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
14:38:36.0048 4824 AmdK8 - ok
14:38:36.0494 4824 [ 194D76D2083318A2E7071A988E02ECF4 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
14:38:36.0610 4824 amdkmdag - ok
14:38:36.0664 4824 [ 1EEFFCE9A3A65A56A28793EAA3F57026 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
14:38:36.0668 4824 amdkmdap - ok
14:38:36.0703 4824 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
14:38:36.0705 4824 AmdPPM - ok
14:38:36.0733 4824 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
14:38:36.0736 4824 amdsata - ok
14:38:36.0765 4824 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
14:38:36.0769 4824 amdsbs - ok
14:38:36.0795 4824 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
14:38:36.0796 4824 amdxata - ok
14:38:36.0855 4824 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
14:38:36.0857 4824 AppID - ok
14:38:36.0886 4824 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
14:38:36.0888 4824 AppIDSvc - ok
14:38:36.0924 4824 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
14:38:36.0926 4824 Appinfo - ok
14:38:36.0966 4824 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
14:38:36.0968 4824 arc - ok
14:38:37.0016 4824 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
14:38:37.0019 4824 arcsas - ok
14:38:37.0153 4824 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:38:37.0155 4824 aspnet_state - ok
14:38:37.0177 4824 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
14:38:37.0179 4824 AsyncMac - ok
14:38:37.0210 4824 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
14:38:37.0211 4824 atapi - ok
14:38:37.0417 4824 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
14:38:37.0426 4824 AudioEndpointBuilder - ok
14:38:37.0446 4824 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
14:38:37.0455 4824 AudioSrv - ok
14:38:37.0503 4824 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
14:38:37.0505 4824 AxInstSV - ok
14:38:37.0553 4824 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
14:38:37.0559 4824 b06bdrv - ok
14:38:37.0605 4824 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
14:38:37.0609 4824 b57nd60a - ok
14:38:37.0664 4824 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
14:38:37.0666 4824 BDESVC - ok
14:38:37.0690 4824 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
14:38:37.0691 4824 Beep - ok
14:38:37.0749 4824 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
14:38:37.0758 4824 BFE - ok
14:38:37.0811 4824 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\system32\qmgr.dll
14:38:37.0823 4824 BITS - ok
14:38:37.0850 4824 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
14:38:37.0852 4824 blbdrive - ok
14:38:37.0896 4824 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
14:38:37.0898 4824 bowser - ok
14:38:37.0946 4824 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
14:38:37.0947 4824 BrFiltLo - ok
14:38:37.0958 4824 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
14:38:37.0959 4824 BrFiltUp - ok
14:38:38.0013 4824 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
14:38:38.0015 4824 BridgeMP - ok
14:38:38.0057 4824 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
14:38:38.0060 4824 Browser - ok
14:38:38.0089 4824 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
14:38:38.0094 4824 Brserid - ok
14:38:38.0128 4824 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
14:38:38.0130 4824 BrSerWdm - ok
14:38:38.0155 4824 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
14:38:38.0156 4824 BrUsbMdm - ok
14:38:38.0167 4824 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
14:38:38.0168 4824 BrUsbSer - ok
14:38:38.0194 4824 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
14:38:38.0196 4824 BTHMODEM - ok
14:38:38.0240 4824 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
14:38:38.0242 4824 bthserv - ok
14:38:38.0263 4824 catchme - ok
14:38:38.0308 4824 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
14:38:38.0309 4824 cdfs - ok
14:38:38.0353 4824 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
14:38:38.0355 4824 cdrom - ok
14:38:38.0404 4824 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
14:38:38.0406 4824 CertPropSvc - ok
14:38:38.0431 4824 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
14:38:38.0432 4824 circlass - ok
14:38:38.0464 4824 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
14:38:38.0470 4824 CLFS - ok
14:38:38.0522 4824 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:38:38.0524 4824 clr_optimization_v2.0.50727_32 - ok
14:38:38.0599 4824 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:38:38.0601 4824 clr_optimization_v2.0.50727_64 - ok
14:38:38.0758 4824 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:38:38.0761 4824 clr_optimization_v4.0.30319_32 - ok
14:38:38.0791 4824 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:38:38.0794 4824 clr_optimization_v4.0.30319_64 - ok
14:38:38.0835 4824 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
14:38:38.0836 4824 CmBatt - ok
14:38:38.0863 4824 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
14:38:38.0864 4824 cmdide - ok
14:38:38.0932 4824 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
14:38:38.0938 4824 CNG - ok
14:38:38.0974 4824 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
14:38:38.0975 4824 Compbatt - ok
14:38:39.0013 4824 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
14:38:39.0015 4824 CompositeBus - ok
14:38:39.0033 4824 COMSysApp - ok
14:38:39.0149 4824 cpuz134 - ok
14:38:39.0170 4824 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
14:38:39.0171 4824 crcdisk - ok
14:38:39.0208 4824 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
14:38:39.0211 4824 CryptSvc - ok
14:38:39.0271 4824 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
14:38:39.0281 4824 DcomLaunch - ok
14:38:39.0326 4824 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
14:38:39.0331 4824 defragsvc - ok
14:38:39.0370 4824 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
14:38:39.0373 4824 DfsC - ok
14:38:39.0416 4824 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
14:38:39.0422 4824 Dhcp - ok
14:38:39.0438 4824 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
14:38:39.0440 4824 discache - ok
14:38:39.0494 4824 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
14:38:39.0496 4824 Disk - ok
14:38:39.0537 4824 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
14:38:39.0540 4824 Dnscache - ok
14:38:39.0572 4824 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
14:38:39.0577 4824 dot3svc - ok
14:38:39.0620 4824 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\windows\system32\DRIVERS\Dot4.sys
14:38:39.0622 4824 Dot4 - ok
14:38:39.0672 4824 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\windows\system32\DRIVERS\Dot4Prt.sys
14:38:39.0673 4824 Dot4Print - ok
14:38:39.0696 4824 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\windows\system32\DRIVERS\dot4usb.sys
14:38:39.0697 4824 dot4usb - ok
14:38:39.0740 4824 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
14:38:39.0743 4824 DPS - ok
14:38:39.0791 4824 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
14:38:39.0792 4824 drmkaud - ok
14:38:39.0847 4824 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
14:38:39.0859 4824 DXGKrnl - ok
14:38:39.0888 4824 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
14:38:39.0892 4824 EapHost - ok
14:38:40.0004 4824 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
14:38:40.0040 4824 ebdrv - ok
14:38:40.0074 4824 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
14:38:40.0078 4824 EFS - ok
14:38:40.0135 4824 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
14:38:40.0143 4824 ehRecvr - ok
14:38:40.0158 4824 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
14:38:40.0160 4824 ehSched - ok
14:38:40.0210 4824 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
14:38:40.0217 4824 elxstor - ok
14:38:40.0263 4824 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
14:38:40.0265 4824 ErrDev - ok
14:38:40.0301 4824 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
14:38:40.0309 4824 EventSystem - ok
14:38:40.0335 4824 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
14:38:40.0339 4824 exfat - ok
14:38:40.0359 4824 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
14:38:40.0363 4824 fastfat - ok
14:38:40.0429 4824 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
14:38:40.0438 4824 Fax - ok
14:38:40.0460 4824 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
14:38:40.0461 4824 fdc - ok
14:38:40.0484 4824 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
14:38:40.0487 4824 fdPHost - ok
14:38:40.0504 4824 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
14:38:40.0507 4824 FDResPub - ok
14:38:40.0524 4824 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
14:38:40.0525 4824 FileInfo - ok
14:38:40.0549 4824 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
14:38:40.0551 4824 Filetrace - ok
14:38:40.0571 4824 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
14:38:40.0572 4824 flpydisk - ok
14:38:40.0605 4824 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
14:38:40.0610 4824 FltMgr - ok
14:38:40.0674 4824 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
14:38:40.0689 4824 FontCache - ok
14:38:40.0759 4824 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:38:40.0760 4824 FontCache3.0.0.0 - ok
14:38:40.0799 4824 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
14:38:40.0801 4824 FsDepends - ok
14:38:40.0837 4824 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
14:38:40.0839 4824 Fs_Rec - ok
14:38:40.0878 4824 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
14:38:40.0881 4824 fvevol - ok
14:38:40.0920 4824 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
14:38:40.0922 4824 gagp30kx - ok
14:38:41.0017 4824 [ 38AB2F49F100145D72D630DFD79098D0 ] GFNEXSrv c:\UBIOS\GFNEXSrv.exe
14:38:41.0019 4824 GFNEXSrv - ok
14:38:41.0059 4824 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
14:38:41.0069 4824 gpsvc - ok
14:38:41.0171 4824 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:38:41.0173 4824 gupdate - ok
14:38:41.0195 4824 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:38:41.0198 4824 gupdatem - ok
14:38:41.0219 4824 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
14:38:41.0221 4824 hcw85cir - ok
14:38:41.0246 4824 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
14:38:41.0251 4824 HdAudAddService - ok
14:38:41.0281 4824 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
14:38:41.0284 4824 HDAudBus - ok
14:38:41.0312 4824 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
14:38:41.0313 4824 HidBatt - ok
14:38:41.0333 4824 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
14:38:41.0335 4824 HidBth - ok
14:38:41.0354 4824 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
14:38:41.0356 4824 HidIr - ok
14:38:41.0392 4824 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
14:38:41.0395 4824 hidserv - ok
14:38:41.0443 4824 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
14:38:41.0444 4824 HidUsb - ok
14:38:41.0473 4824 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
14:38:41.0478 4824 hkmsvc - ok
14:38:41.0496 4824 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
14:38:41.0501 4824 HomeGroupListener - ok
14:38:41.0541 4824 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
14:38:41.0548 4824 HomeGroupProvider - ok
14:38:41.0589 4824 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
14:38:41.0591 4824 HpSAMD - ok
14:38:41.0628 4824 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
14:38:41.0638 4824 HTTP - ok
14:38:41.0652 4824 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
14:38:41.0654 4824 hwpolicy - ok
14:38:41.0680 4824 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
14:38:41.0682 4824 i8042prt - ok
14:38:41.0736 4824 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
14:38:41.0742 4824 iaStorV - ok
14:38:41.0806 4824 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:38:41.0816 4824 idsvc - ok
14:38:41.0851 4824 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
14:38:41.0852 4824 iirsp - ok
14:38:41.0924 4824 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
14:38:41.0935 4824 IKEEXT - ok
14:38:42.0062 4824 [ 028E40182A6F0374978C755F85B9F07C ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
14:38:42.0094 4824 IntcAzAudAddService - ok
14:38:42.0121 4824 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
14:38:42.0122 4824 intelide - ok
14:38:42.0150 4824 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\drivers\intelppm.sys
14:38:42.0152 4824 intelppm - ok
14:38:42.0177 4824 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
14:38:42.0181 4824 IPBusEnum - ok
14:38:42.0199 4824 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
14:38:42.0201 4824 IpFilterDriver - ok
14:38:42.0245 4824 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
14:38:42.0253 4824 iphlpsvc - ok
14:38:42.0294 4824 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
14:38:42.0296 4824 IPMIDRV - ok
14:38:42.0312 4824 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
14:38:42.0315 4824 IPNAT - ok
14:38:42.0346 4824 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
14:38:42.0347 4824 IRENUM - ok
14:38:42.0364 4824 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
14:38:42.0365 4824 isapnp - ok
14:38:42.0403 4824 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
14:38:42.0407 4824 iScsiPrt - ok
14:38:42.0439 4824 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
14:38:42.0441 4824 kbdclass - ok
14:38:42.0496 4824 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
14:38:42.0498 4824 kbdhid - ok
14:38:42.0519 4824 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
14:38:42.0522 4824 KeyIso - ok
14:38:42.0589 4824 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
14:38:42.0592 4824 KSecDD - ok
14:38:42.0683 4824 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
14:38:42.0686 4824 KSecPkg - ok
14:38:42.0727 4824 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
14:38:42.0729 4824 ksthunk - ok
14:38:42.0768 4824 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
14:38:42.0776 4824 KtmRm - ok
14:38:42.0823 4824 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\System32\srvsvc.dll
14:38:42.0830 4824 LanmanServer - ok
14:38:42.0861 4824 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
14:38:42.0867 4824 LanmanWorkstation - ok
14:38:42.0915 4824 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
14:38:42.0917 4824 lltdio - ok
14:38:42.0955 4824 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
14:38:42.0962 4824 lltdsvc - ok
14:38:42.0983 4824 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
14:38:42.0986 4824 lmhosts - ok
14:38:43.0035 4824 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
14:38:43.0037 4824 LSI_FC - ok
14:38:43.0053 4824 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
14:38:43.0056 4824 LSI_SAS - ok
14:38:43.0068 4824 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
14:38:43.0070 4824 LSI_SAS2 - ok
14:38:43.0089 4824 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
14:38:43.0091 4824 LSI_SCSI - ok
14:38:43.0109 4824 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
14:38:43.0111 4824 luafv - ok
14:38:43.0144 4824 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
14:38:43.0148 4824 Mcx2Svc - ok
14:38:43.0164 4824 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
14:38:43.0165 4824 megasas - ok
14:38:43.0199 4824 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
14:38:43.0203 4824 MegaSR - ok
14:38:43.0240 4824 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
14:38:43.0243 4824 MMCSS - ok
14:38:43.0275 4824 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
14:38:43.0277 4824 Modem - ok
14:38:43.0308 4824 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
14:38:43.0309 4824 monitor - ok
14:38:43.0341 4824 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
14:38:43.0342 4824 mouclass - ok
14:38:43.0366 4824 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
14:38:43.0367 4824 mouhid - ok
14:38:43.0396 4824 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
14:38:43.0399 4824 mountmgr - ok
14:38:43.0445 4824 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:38:43.0448 4824 MozillaMaintenance - ok
14:38:43.0503 4824 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\windows\system32\DRIVERS\MpFilter.sys
14:38:43.0507 4824 MpFilter - ok
14:38:43.0532 4824 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
14:38:43.0536 4824 mpio - ok
14:38:43.0571 4824 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
14:38:43.0573 4824 mpsdrv - ok
14:38:43.0624 4824 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
14:38:43.0636 4824 MpsSvc - ok
14:38:43.0656 4824 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
14:38:43.0659 4824 MRxDAV - ok
14:38:43.0677 4824 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
14:38:43.0681 4824 mrxsmb - ok
14:38:43.0721 4824 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
14:38:43.0725 4824 mrxsmb10 - ok
14:38:43.0739 4824 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
14:38:43.0742 4824 mrxsmb20 - ok
14:38:43.0754 4824 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\DRIVERS\msahci.sys
14:38:43.0756 4824 msahci - ok
14:38:43.0780 4824 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
14:38:43.0782 4824 msdsm - ok
14:38:43.0806 4824 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
14:38:43.0810 4824 MSDTC - ok
14:38:43.0850 4824 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
14:38:43.0852 4824 Msfs - ok
14:38:43.0896 4824 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
14:38:43.0898 4824 mshidkmdf - ok
14:38:43.0911 4824 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
14:38:43.0912 4824 msisadrv - ok
14:38:43.0947 4824 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
14:38:43.0951 4824 MSiSCSI - ok
14:38:43.0958 4824 msiserver - ok
14:38:43.0992 4824 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
14:38:43.0994 4824 MSKSSRV - ok
14:38:44.0064 4824 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
14:38:44.0065 4824 MsMpSvc - ok
14:38:44.0094 4824 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
14:38:44.0095 4824 MSPCLOCK - ok
14:38:44.0114 4824 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
14:38:44.0115 4824 MSPQM - ok
14:38:44.0145 4824 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
14:38:44.0150 4824 MsRPC - ok
14:38:44.0167 4824 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
14:38:44.0168 4824 mssmbios - ok
14:38:44.0175 4824 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
14:38:44.0177 4824 MSTEE - ok
14:38:44.0193 4824 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
14:38:44.0194 4824 MTConfig - ok
14:38:44.0212 4824 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
14:38:44.0214 4824 Mup - ok
14:38:44.0264 4824 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
14:38:44.0275 4824 napagent - ok
14:38:44.0320 4824 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
14:38:44.0325 4824 NativeWifiP - ok
14:38:44.0402 4824 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
14:38:44.0413 4824 NDIS - ok
14:38:44.0450 4824 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
14:38:44.0452 4824 NdisCap - ok
14:38:44.0482 4824 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
14:38:44.0484 4824 NdisTapi - ok
14:38:44.0512 4824 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
14:38:44.0514 4824 Ndisuio - ok
14:38:44.0536 4824 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
14:38:44.0539 4824 NdisWan - ok
14:38:44.0575 4824 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
14:38:44.0577 4824 NDProxy - ok
14:38:44.0633 4824 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:38:44.0636 4824 Net Driver HPZ12 - ok
14:38:44.0679 4824 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
14:38:44.0680 4824 NetBIOS - ok
14:38:44.0704 4824 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
14:38:44.0707 4824 NetBT - ok
14:38:44.0730 4824 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
14:38:44.0733 4824 Netlogon - ok
14:38:44.0786 4824 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
14:38:44.0794 4824 Netman - ok
14:38:44.0836 4824 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:38:44.0839 4824 NetMsmqActivator - ok
14:38:44.0845 4824 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:38:44.0848 4824 NetPipeActivator - ok
14:38:44.0879 4824 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
14:38:44.0889 4824 netprofm - ok
14:38:44.0995 4824 [ B330CE846D1C672F640D3B3647CEF86D ] netr28ux C:\windows\system32\DRIVERS\netr28ux.sys
14:38:45.0015 4824 netr28ux - ok
14:38:45.0047 4824 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:38:45.0050 4824 NetTcpActivator - ok
14:38:45.0057 4824 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:38:45.0060 4824 NetTcpPortSharing - ok
14:38:45.0099 4824 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
14:38:45.0100 4824 nfrd960 - ok
14:38:45.0170 4824 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys
14:38:45.0172 4824 NisDrv - ok
14:38:45.0201 4824 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
14:38:45.0207 4824 NisSrv - ok
14:38:45.0260 4824 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
14:38:45.0266 4824 NlaSvc - ok
14:38:45.0305 4824 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
14:38:45.0306 4824 Npfs - ok
14:38:45.0327 4824 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
14:38:45.0331 4824 nsi - ok
14:38:45.0349 4824 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
14:38:45.0351 4824 nsiproxy - ok
14:38:45.0430 4824 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
14:38:45.0449 4824 Ntfs - ok
14:38:45.0480 4824 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
14:38:45.0481 4824 Null - ok
14:38:45.0518 4824 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
14:38:45.0520 4824 nvraid - ok
14:38:45.0538 4824 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
14:38:45.0541 4824 nvstor - ok
14:38:45.0560 4824 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
14:38:45.0562 4824 nv_agp - ok
14:38:45.0593 4824 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
14:38:45.0595 4824 ohci1394 - ok
14:38:45.0688 4824 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:38:45.0691 4824 ose64 - ok
14:38:45.0880 4824 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:38:45.0933 4824 osppsvc - ok
14:38:45.0981 4824 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
14:38:45.0989 4824 p2pimsvc - ok
14:38:46.0010 4824 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
14:38:46.0018 4824 p2psvc - ok
14:38:46.0048 4824 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
14:38:46.0050 4824 Parport - ok
14:38:46.0083 4824 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
14:38:46.0086 4824 partmgr - ok
14:38:46.0121 4824 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
14:38:46.0127 4824 PcaSvc - ok
14:38:46.0155 4824 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
14:38:46.0158 4824 pci - ok
14:38:46.0177 4824 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
14:38:46.0179 4824 pciide - ok
14:38:46.0197 4824 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
14:38:46.0201 4824 pcmcia - ok
14:38:46.0224 4824 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
14:38:46.0226 4824 pcw - ok
14:38:46.0262 4824 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
14:38:46.0270 4824 PEAUTH - ok
14:38:46.0376 4824 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
14:38:46.0379 4824 PerfHost - ok
14:38:46.0421 4824 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
14:38:46.0423 4824 PGEffect - ok
14:38:46.0489 4824 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
14:38:46.0507 4824 pla - ok
14:38:46.0573 4824 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
14:38:46.0582 4824 PlugPlay - ok
14:38:46.0664 4824 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:38:46.0668 4824 Pml Driver HPZ12 - ok
14:38:46.0703 4824 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
14:38:46.0706 4824 PNRPAutoReg - ok
14:38:46.0737 4824 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
14:38:46.0744 4824 PNRPsvc - ok
14:38:46.0774 4824 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
14:38:46.0783 4824 PolicyAgent - ok
14:38:46.0807 4824 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
14:38:46.0813 4824 Power - ok
14:38:46.0844 4824 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
14:38:46.0846 4824 PptpMiniport - ok
14:38:46.0862 4824 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
14:38:46.0864 4824 Processor - ok
14:38:46.0905 4824 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
14:38:46.0911 4824 ProfSvc - ok
14:38:46.0930 4824 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
14:38:46.0933 4824 ProtectedStorage - ok
14:38:46.0965 4824 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
14:38:46.0967 4824 Psched - ok
14:38:47.0024 4824 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
14:38:47.0044 4824 ql2300 - ok
14:38:47.0094 4824 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
14:38:47.0097 4824 ql40xx - ok
14:38:47.0128 4824 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
14:38:47.0134 4824 QWAVE - ok
14:38:47.0153 4824 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
14:38:47.0155 4824 QWAVEdrv - ok
14:38:47.0186 4824 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
14:38:47.0188 4824 RasAcd - ok
14:38:47.0210 4824 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
14:38:47.0212 4824 RasAgileVpn - ok
14:38:47.0253 4824 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
14:38:47.0258 4824 RasAuto - ok
14:38:47.0274 4824 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
14:38:47.0276 4824 Rasl2tp - ok
14:38:47.0299 4824 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
14:38:47.0307 4824 RasMan - ok
14:38:47.0333 4824 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
14:38:47.0336 4824 RasPppoe - ok
14:38:47.0354 4824 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
14:38:47.0356 4824 RasSstp - ok
14:38:47.0393 4824 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
14:38:47.0398 4824 rdbss - ok
14:38:47.0418 4824 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
14:38:47.0420 4824 rdpbus - ok
14:38:47.0440 4824 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
14:38:47.0442 4824 RDPCDD - ok
14:38:47.0476 4824 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
14:38:47.0477 4824 RDPENCDD - ok
14:38:47.0490 4824 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
14:38:47.0491 4824 RDPREFMP - ok
14:38:47.0535 4824 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
14:38:47.0539 4824 RDPWD - ok
14:38:47.0579 4824 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
14:38:47.0582 4824 rdyboost - ok
14:38:47.0621 4824 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
14:38:47.0626 4824 RemoteAccess - ok
14:38:47.0659 4824 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
14:38:47.0665 4824 RemoteRegistry - ok
14:38:47.0687 4824 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
14:38:47.0692 4824 RpcEptMapper - ok
14:38:47.0708 4824 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
14:38:47.0712 4824 RpcLocator - ok
14:38:47.0738 4824 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\System32\rpcss.dll
14:38:47.0748 4824 RpcSs - ok
14:38:47.0789 4824 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
14:38:47.0791 4824 rspndr - ok
14:38:47.0839 4824 [ BE29B0A3AC1E8BD02FFAB8CEE86BADFA ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
14:38:47.0843 4824 RSUSBSTOR - ok
14:38:47.0884 4824 [ 6D3C7E7D82D3DC92DC2A8B0DF9F20F8A ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
14:38:47.0890 4824 RTL8167 - ok
14:38:47.0950 4824 [ FA088015155C4C6DAB5D1D9E68EB9D6B ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
14:38:47.0964 4824 RTL8192Ce - ok
14:38:47.0986 4824 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
14:38:47.0989 4824 SamSs - ok
14:38:48.0020 4824 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
14:38:48.0023 4824 sbp2port - ok
14:38:48.0063 4824 SBRE - ok
14:38:48.0098 4824 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
14:38:48.0106 4824 SCardSvr - ok
14:38:48.0124 4824 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
14:38:48.0125 4824 scfilter - ok
14:38:48.0166 4824 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
14:38:48.0182 4824 Schedule - ok
14:38:48.0216 4824 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
14:38:48.0218 4824 SCPolicySvc - ok
14:38:48.0255 4824 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
14:38:48.0262 4824 SDRSVC - ok
14:38:48.0302 4824 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
14:38:48.0303 4824 secdrv - ok
14:38:48.0332 4824 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
14:38:48.0337 4824 seclogon - ok
14:38:48.0352 4824 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
14:38:48.0357 4824 SENS - ok
14:38:48.0388 4824 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
14:38:48.0393 4824 SensrSvc - ok
14:38:48.0418 4824 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
14:38:48.0420 4824 Serenum - ok
14:38:48.0466 4824 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
14:38:48.0468 4824 Serial - ok
14:38:48.0496 4824 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
14:38:48.0498 4824 sermouse - ok
14:38:48.0539 4824 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
14:38:48.0545 4824 SessionEnv - ok
14:38:48.0575 4824 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
14:38:48.0577 4824 sffdisk - ok
14:38:48.0604 4824 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
14:38:48.0605 4824 sffp_mmc - ok
14:38:48.0640 4824 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
14:38:48.0642 4824 sffp_sd - ok
14:38:48.0685 4824 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
14:38:48.0687 4824 sfloppy - ok
14:38:48.0723 4824 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
14:38:48.0730 4824 SharedAccess - ok
14:38:48.0754 4824 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
14:38:48.0763 4824 ShellHWDetection - ok
14:38:48.0794 4824 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
14:38:48.0796 4824 SiSRaid2 - ok
14:38:48.0821 4824 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
14:38:48.0823 4824 SiSRaid4 - ok
14:38:48.0859 4824 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
14:38:48.0861 4824 Smb - ok
14:38:48.0907 4824 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
14:38:48.0911 4824 SNMPTRAP - ok
14:38:48.0922 4824 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
14:38:48.0923 4824 spldr - ok
14:38:48.0962 4824 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
14:38:48.0972 4824 Spooler - ok
14:38:49.0075 4824 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
14:38:49.0118 4824 sppsvc - ok
14:38:49.0153 4824 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
14:38:49.0158 4824 sppuinotify - ok
14:38:49.0204 4824 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
14:38:49.0212 4824 srv - ok
14:38:49.0236 4824 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
14:38:49.0243 4824 srv2 - ok
14:38:49.0262 4824 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
14:38:49.0266 4824 srvnet - ok
14:38:49.0309 4824 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
14:38:49.0316 4824 SSDPSRV - ok
14:38:49.0330 4824 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
14:38:49.0336 4824 SstpSvc - ok
14:38:49.0365 4824 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
14:38:49.0366 4824 stexstor - ok
14:38:49.0423 4824 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
14:38:49.0435 4824 stisvc - ok
14:38:49.0456 4824 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
14:38:49.0457 4824 swenum - ok
14:38:49.0507 4824 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
14:38:49.0518 4824 swprv - ok
14:38:49.0600 4824 [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
14:38:49.0617 4824 SynTP - ok
14:38:49.0719 4824 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
14:38:49.0742 4824 SysMain - ok
14:38:49.0768 4824 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
14:38:49.0773 4824 TabletInputService - ok
14:38:49.0818 4824 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
14:38:49.0826 4824 TapiSrv - ok
14:38:49.0845 4824 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
14:38:49.0851 4824 TBS - ok
14:38:49.0935 4824 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys
14:38:49.0957 4824 Tcpip - ok
14:38:50.0024 4824 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
14:38:50.0045 4824 TCPIP6 - ok
14:38:50.0082 4824 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
14:38:50.0084 4824 tcpipreg - ok
14:38:50.0123 4824 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
14:38:50.0124 4824 tdcmdpst - ok
14:38:50.0142 4824 TDEIO - ok
14:38:50.0165 4824 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
14:38:50.0166 4824 TDPIPE - ok
14:38:50.0202 4824 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
14:38:50.0204 4824 TDTCP - ok
14:38:50.0220 4824 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
14:38:50.0223 4824 tdx - ok
14:38:50.0261 4824 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
14:38:50.0263 4824 TermDD - ok
14:38:50.0305 4824 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
14:38:50.0316 4824 TermService - ok
14:38:50.0338 4824 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
14:38:50.0342 4824 Themes - ok
14:38:50.0373 4824 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
14:38:50.0377 4824 THREADORDER - ok
14:38:50.0442 4824 [ 71C321649B28638EE80A2EEB164C1DC8 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
14:38:50.0444 4824 TMachInfo - ok
14:38:50.0474 4824 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe
14:38:50.0480 4824 TODDSrv - ok
14:38:50.0571 4824 [ 1C73689B900428C7D054A41C4687F55C ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
14:38:50.0578 4824 TosCoSrv - ok
14:38:50.0632 4824 [ 29D0886CF250FCEF1BF9E65AB8D2C0C8 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
14:38:50.0634 4824 TOSHIBA HDD SSD Alert Service - ok
14:38:50.0654 4824 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
14:38:50.0660 4824 TrkWks - ok
14:38:50.0725 4824 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
14:38:50.0728 4824 TrustedInstaller - ok
14:38:50.0750 4824 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
14:38:50.0751 4824 tssecsrv - ok
14:38:50.0784 4824 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
14:38:50.0785 4824 TsUsbFlt - ok
14:38:50.0816 4824 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
14:38:50.0818 4824 TsUsbGD - ok
14:38:50.0849 4824 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
14:38:50.0852 4824 tunnel - ok
14:38:50.0899 4824 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
14:38:50.0901 4824 TVALZ - ok
14:38:50.0939 4824 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
14:38:50.0941 4824 uagp35 - ok
14:38:50.0969 4824 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
14:38:50.0974 4824 udfs - ok
14:38:51.0007 4824 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
14:38:51.0012 4824 UI0Detect - ok
14:38:51.0051 4824 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
14:38:51.0053 4824 uliagpkx - ok
14:38:51.0103 4824 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
14:38:51.0104 4824 umbus - ok
14:38:51.0123 4824 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
14:38:51.0125 4824 UmPass - ok
14:38:51.0157 4824 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
14:38:51.0165 4824 upnphost - ok
14:38:51.0195 4824 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\windows\system32\drivers\usbaudio.sys
14:38:51.0197 4824 usbaudio - ok
14:38:51.0215 4824 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
14:38:51.0217 4824 usbccgp - ok
14:38:51.0254 4824 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
14:38:51.0257 4824 usbcir - ok
14:38:51.0276 4824 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
14:38:51.0277 4824 usbehci - ok
14:38:51.0318 4824 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
14:38:51.0323 4824 usbhub - ok
14:38:51.0343 4824 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
14:38:51.0344 4824 usbohci - ok
14:38:51.0368 4824 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
14:38:51.0370 4824 usbprint - ok
14:38:51.0391 4824 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
14:38:51.0393 4824 USBSTOR - ok
14:38:51.0412 4824 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
14:38:51.0413 4824 usbuhci - ok
14:38:51.0442 4824 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
14:38:51.0445 4824 usbvideo - ok
14:38:51.0471 4824 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
14:38:51.0476 4824 UxSms - ok
14:38:51.0485 4824 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
14:38:51.0488 4824 VaultSvc - ok
14:38:51.0521 4824 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
14:38:51.0523 4824 vdrvroot - ok
14:38:51.0560 4824 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
14:38:51.0570 4824 vds - ok
14:38:51.0592 4824 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
14:38:51.0594 4824 vga - ok
14:38:51.0612 4824 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
14:38:51.0613 4824 VgaSave - ok
14:38:51.0638 4824 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
14:38:51.0642 4824 vhdmp - ok
14:38:51.0669 4824 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
14:38:51.0670 4824 viaide - ok
14:38:51.0690 4824 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
14:38:51.0691 4824 volmgr - ok
14:38:51.0715 4824 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
14:38:51.0721 4824 volmgrx - ok
14:38:51.0748 4824 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
14:38:51.0752 4824 volsnap - ok
14:38:51.0782 4824 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
14:38:51.0785 4824 vsmraid - ok
14:38:51.0853 4824 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
14:38:51.0875 4824 VSS - ok
14:38:51.0905 4824 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
14:38:51.0907 4824 vwifibus - ok
14:38:51.0933 4824 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
14:38:51.0935 4824 vwififlt - ok
14:38:51.0965 4824 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
14:38:51.0967 4824 vwifimp - ok
14:38:52.0011 4824 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
14:38:52.0020 4824 W32Time - ok
14:38:52.0053 4824 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
14:38:52.0055 4824 WacomPen - ok
14:38:52.0089 4824 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
14:38:52.0091 4824 WANARP - ok
14:38:52.0098 4824 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
14:38:52.0100 4824 Wanarpv6 - ok
14:38:52.0166 4824 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
14:38:52.0181 4824 WatAdminSvc - ok
14:38:52.0240 4824 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
14:38:52.0260 4824 wbengine - ok
14:38:52.0278 4824 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
14:38:52.0286 4824 WbioSrvc - ok
14:38:52.0325 4824 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
14:38:52.0334 4824 wcncsvc - ok
14:38:52.0349 4824 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
14:38:52.0354 4824 WcsPlugInService - ok
14:38:52.0384 4824 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
14:38:52.0385 4824 Wd - ok
14:38:52.0417 4824 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
14:38:52.0426 4824 Wdf01000 - ok
14:38:52.0441 4824 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
14:38:52.0446 4824 WdiServiceHost - ok
14:38:52.0454 4824 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
14:38:52.0460 4824 WdiSystemHost - ok
14:38:52.0495 4824 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
14:38:52.0503 4824 WebClient - ok
14:38:52.0530 4824 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
14:38:52.0539 4824 Wecsvc - ok
14:38:52.0572 4824 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
14:38:52.0578 4824 wercplsupport - ok
14:38:52.0620 4824 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
14:38:52.0626 4824 WerSvc - ok
14:38:52.0669 4824 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
14:38:52.0670 4824 WfpLwf - ok
14:38:52.0687 4824 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
14:38:52.0689 4824 WIMMount - ok
14:38:52.0717 4824 WinDefend - ok
14:38:52.0729 4824 WinHttpAutoProxySvc - ok
14:38:52.0955 4824 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
14:38:52.0959 4824 Winmgmt - ok
14:38:53.0054 4824 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
14:38:53.0083 4824 WinRM - ok
14:38:53.0156 4824 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
14:38:53.0170 4824 Wlansvc - ok
14:38:53.0243 4824 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:38:53.0245 4824 wlcrasvc - ok
14:38:53.0354 4824 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:38:53.0381 4824 wlidsvc - ok
14:38:53.0428 4824 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
14:38:53.0429 4824 WmiAcpi - ok
14:38:53.0467 4824 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
14:38:53.0470 4824 wmiApSrv - ok
14:38:53.0510 4824 WMPNetworkSvc - ok
14:38:53.0530 4824 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
14:38:53.0535 4824 WPCSvc - ok
14:38:53.0554 4824 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
14:38:53.0561 4824 WPDBusEnum - ok
14:38:53.0581 4824 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
14:38:53.0583 4824 ws2ifsl - ok
14:38:53.0609 4824 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll
14:38:53.0615 4824 wscsvc - ok
14:38:53.0624 4824 WSearch - ok
14:38:53.0726 4824 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
14:38:53.0757 4824 wuauserv - ok
14:38:53.0776 4824 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
14:38:53.0779 4824 WudfPf - ok
14:38:53.0817 4824 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
14:38:53.0823 4824 wudfsvc - ok
14:38:53.0844 4824 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
14:38:53.0852 4824 WwanSvc - ok
14:38:53.0886 4824 ================ Scan global ===============================
14:38:53.0908 4824 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
14:38:53.0947 4824 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
14:38:53.0966 4824 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
14:38:54.0000 4824 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
14:38:54.0038 4824 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
14:38:54.0047 4824 [Global] - ok
14:38:54.0048 4824 ================ Scan MBR ==================================
14:38:54.0061 4824 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
14:38:54.0348 4824 \Device\Harddisk0\DR0 - ok
14:38:54.0351 4824 ================ Scan VBR ==================================
14:38:54.0360 4824 [ 8260A09DFBE29E60819C0CEF7179B131 ] \Device\Harddisk0\DR0\Partition1
14:38:54.0363 4824 \Device\Harddisk0\DR0\Partition1 - ok
14:38:54.0364 4824 ============================================================
14:38:54.0364 4824 Scan finished
14:38:54.0364 4824 ============================================================
14:38:54.0369 0384 Detected object count: 0
14:38:54.0369 0384 Actual detected object count: 0
14:39:56.0501 4600 ============================================================
14:39:56.0501 4600 Scan started
14:39:56.0501 4600 Mode: Manual;
14:39:56.0501 4600 ============================================================
14:39:56.0896 4600 ================ Scan system memory ========================
14:39:56.0897 4600 System memory - ok
14:39:56.0898 4600 ================ Scan services =============================
14:39:57.0067 4600 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
14:39:57.0071 4600 1394ohci - ok
14:39:57.0101 4600 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
14:39:57.0105 4600 ACPI - ok
14:39:57.0141 4600 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
14:39:57.0142 4600 AcpiPmi - ok
14:39:57.0204 4600 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:39:57.0206 4600 AdobeARMservice - ok
14:39:57.0320 4600 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:39:57.0324 4600 AdobeFlashPlayerUpdateSvc - ok
14:39:57.0369 4600 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
14:39:57.0376 4600 adp94xx - ok
14:39:57.0404 4600 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
14:39:57.0409 4600 adpahci - ok
14:39:57.0450 4600 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
14:39:57.0454 4600 adpu320 - ok
14:39:57.0511 4600 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
14:39:57.0513 4600 AeLookupSvc - ok
14:39:57.0554 4600 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
14:39:57.0560 4600 AFD - ok
14:39:57.0587 4600 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
14:39:57.0589 4600 agp440 - ok
14:39:57.0628 4600 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
14:39:57.0630 4600 ALG - ok
14:39:57.0653 4600 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
14:39:57.0654 4600 aliide - ok
14:39:57.0687 4600 [ 2F2E91FD092811353C3BC968BEC274D8 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
14:39:57.0690 4600 AMD External Events Utility - ok
14:39:57.0712 4600 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
14:39:57.0713 4600 amdide - ok
14:39:57.0739 4600 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
14:39:57.0740 4600 AmdK8 - ok
14:39:57.0995 4600 [ 194D76D2083318A2E7071A988E02ECF4 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
14:39:58.0095 4600 amdkmdag - ok
14:39:58.0134 4600 [ 1EEFFCE9A3A65A56A28793EAA3F57026 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
14:39:58.0138 4600 amdkmdap - ok
14:39:58.0186 4600 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
14:39:58.0187 4600 AmdPPM - ok
14:39:58.0216 4600 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
14:39:58.0218 4600 amdsata - ok
14:39:58.0236 4600 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
14:39:58.0239 4600 amdsbs - ok
14:39:58.0266 4600 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
14:39:58.0268 4600 amdxata - ok
14:39:58.0304 4600 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
14:39:58.0306 4600 AppID - ok
14:39:58.0335 4600 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
14:39:58.0336 4600 AppIDSvc - ok
14:39:58.0361 4600 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
14:39:58.0363 4600 Appinfo - ok
14:39:58.0392 4600 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
14:39:58.0394 4600 arc - ok
14:39:58.0429 4600 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
14:39:58.0431 4600 arcsas - ok
14:39:58.0537 4600 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:39:58.0539 4600 aspnet_state - ok
14:39:58.0571 4600 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
14:39:58.0572 4600 AsyncMac - ok
14:39:58.0615 4600 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
14:39:58.0616 4600 atapi - ok
14:39:58.0670 4600 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
14:39:58.0679 4600 AudioEndpointBuilder - ok
14:39:58.0698 4600 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
14:39:58.0707 4600 AudioSrv - ok
14:39:58.0729 4600 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
14:39:58.0732 4600 AxInstSV - ok
14:39:58.0779 4600 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
14:39:58.0786 4600 b06bdrv - ok
14:39:58.0809 4600 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
14:39:58.0813 4600 b57nd60a - ok
14:39:58.0857 4600 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
14:39:58.0860 4600 BDESVC - ok
14:39:58.0883 4600 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
14:39:58.0884 4600 Beep - ok
14:39:58.0931 4600 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
14:39:58.0940 4600 BFE - ok
14:39:58.0993 4600 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\system32\qmgr.dll
14:39:59.0006 4600 BITS - ok
14:39:59.0021 4600 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
14:39:59.0023 4600 blbdrive - ok
14:39:59.0056 4600 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
14:39:59.0058 4600 bowser - ok
14:39:59.0095 4600 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
14:39:59.0096 4600 BrFiltLo - ok
14:39:59.0108 4600 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
14:39:59.0109 4600 BrFiltUp - ok
14:39:59.0140 4600 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
14:39:59.0142 4600 BridgeMP - ok
14:39:59.0184 4600 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
14:39:59.0187 4600 Browser - ok
14:39:59.0216 4600 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
14:39:59.0221 4600 Brserid - ok
14:39:59.0255 4600 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
14:39:59.0256 4600 BrSerWdm - ok
14:39:59.0271 4600 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
14:39:59.0272 4600 BrUsbMdm - ok
14:39:59.0288 4600 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
14:39:59.0289 4600 BrUsbSer - ok
14:39:59.0310 4600 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
14:39:59.0312 4600 BTHMODEM - ok
14:39:59.0344 4600 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
14:39:59.0347 4600 bthserv - ok
14:39:59.0355 4600 catchme - ok
14:39:59.0390 4600 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
14:39:59.0392 4600 cdfs - ok
14:39:59.0424 4600 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
14:39:59.0426 4600 cdrom - ok
14:39:59.0452 4600 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
14:39:59.0455 4600 CertPropSvc - ok
14:39:59.0480 4600 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
14:39:59.0481 4600 circlass - ok
14:39:59.0524 4600 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
14:39:59.0529 4600 CLFS - ok
14:39:59.0593 4600 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:39:59.0595 4600 clr_optimization_v2.0.50727_32 - ok
14:39:59.0635 4600 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:39:59.0638 4600 clr_optimization_v2.0.50727_64 - ok
14:39:59.0695 4600 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:39:59.0697 4600 clr_optimization_v4.0.30319_32 - ok
14:39:59.0716 4600 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:39:59.0719 4600 clr_optimization_v4.0.30319_64 - ok
14:39:59.0761 4600 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
14:39:59.0762 4600 CmBatt - ok
14:39:59.0789 4600 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
14:39:59.0790 4600 cmdide - ok
14:39:59.0835 4600 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
14:39:59.0843 4600 CNG - ok
14:39:59.0899 4600 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
14:39:59.0901 4600 Compbatt - ok
14:39:59.0916 4600 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
14:39:59.0917 4600 CompositeBus - ok
14:39:59.0929 4600 COMSysApp - ok
14:40:00.0030 4600 cpuz134 - ok
14:40:00.0063 4600 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
14:40:00.0064 4600 crcdisk - ok
14:40:00.0111 4600 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
14:40:00.0114 4600 CryptSvc - ok
14:40:00.0185 4600 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
14:40:00.0195 4600 DcomLaunch - ok
14:40:00.0241 4600 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
14:40:00.0246 4600 defragsvc - ok
14:40:00.0285 4600 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
14:40:00.0287 4600 DfsC - ok
14:40:00.0331 4600 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
14:40:00.0336 4600 Dhcp - ok
14:40:00.0353 4600 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
14:40:00.0355 4600 discache - ok
14:40:00.0386 4600 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
14:40:00.0388 4600 Disk - ok
14:40:00.0428 4600 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
14:40:00.0432 4600 Dnscache - ok
14:40:00.0465 4600 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
14:40:00.0469 4600 dot3svc - ok
14:40:00.0501 4600 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\windows\system32\DRIVERS\Dot4.sys
14:40:00.0504 4600 Dot4 - ok
14:40:00.0542 4600 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\windows\system32\DRIVERS\Dot4Prt.sys
14:40:00.0543 4600 Dot4Print - ok
14:40:00.0566 4600 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\windows\system32\DRIVERS\dot4usb.sys
14:40:00.0567 4600 dot4usb - ok
14:40:00.0598 4600 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
14:40:00.0602 4600 DPS - ok
14:40:00.0639 4600 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
14:40:00.0640 4600 drmkaud - ok
14:40:00.0683 4600 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
14:40:00.0694 4600 DXGKrnl - ok
14:40:00.0725 4600 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
14:40:00.0728 4600 EapHost - ok
14:40:00.0833 4600 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
14:40:00.0868 4600 ebdrv - ok
14:40:00.0911 4600 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
14:40:00.0914 4600 EFS - ok
14:40:00.0972 4600 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
14:40:00.0980 4600 ehRecvr - ok
14:40:00.0995 4600 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
14:40:00.0997 4600 ehSched - ok
14:40:01.0046 4600 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
14:40:01.0053 4600 elxstor - ok
14:40:01.0078 4600 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
14:40:01.0079 4600 ErrDev - ok
14:40:01.0127 4600 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
14:40:01.0133 4600 EventSystem - ok
14:40:01.0161 4600 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
14:40:01.0164 4600 exfat - ok
14:40:01.0184 4600 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
14:40:01.0187 4600 fastfat - ok
14:40:01.0243 4600 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
14:40:01.0252 4600 Fax - ok
14:40:01.0285 4600 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
14:40:01.0287 4600 fdc - ok
14:40:01.0321 4600 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
14:40:01.0324 4600 fdPHost - ok
14:40:01.0341 4600 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
14:40:01.0344 4600 FDResPub - ok
14:40:01.0360 4600 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
14:40:01.0362 4600 FileInfo - ok
14:40:01.0397 4600 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
14:40:01.0399 4600 Filetrace - ok
14:40:01.0418 4600 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
14:40:01.0420 4600 flpydisk - ok
14:40:01.0451 4600 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
14:40:01.0455 4600 FltMgr - ok
14:40:01.0522 4600 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
14:40:01.0540 4600 FontCache - ok
14:40:01.0597 4600 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:40:01.0598 4600 FontCache3.0.0.0 - ok
14:40:01.0625 4600 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
14:40:01.0626 4600 FsDepends - ok
14:40:01.0663 4600 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
14:40:01.0664 4600 Fs_Rec - ok
14:40:01.0692 4600 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
14:40:01.0696 4600 fvevol - ok
14:40:01.0720 4600 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
14:40:01.0722 4600 gagp30kx - ok
14:40:01.0787 4600 [ 38AB2F49F100145D72D630DFD79098D0 ] GFNEXSrv c:\UBIOS\GFNEXSrv.exe
14:40:01.0792 4600 GFNEXSrv - ok
14:40:01.0840 4600 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
14:40:01.0851 4600 gpsvc - ok
14:40:01.0930 4600 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:40:01.0932 4600 gupdate - ok
14:40:01.0942 4600 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:40:01.0945 4600 gupdatem - ok
14:40:01.0978 4600 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
14:40:01.0980 4600 hcw85cir - ok
14:40:02.0005 4600 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
14:40:02.0011 4600 HdAudAddService - ok
14:40:02.0041 4600 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
14:40:02.0044 4600 HDAudBus - ok
14:40:02.0082 4600 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
14:40:02.0083 4600 HidBatt - ok
14:40:02.0103 4600 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
14:40:02.0106 4600 HidBth - ok
14:40:02.0124 4600 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
14:40:02.0126 4600 HidIr - ok
14:40:02.0162 4600 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
14:40:02.0165 4600 hidserv - ok
14:40:02.0202 4600 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
14:40:02.0203 4600 HidUsb - ok
14:40:02.0243 4600 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
14:40:02.0247 4600 hkmsvc - ok
14:40:02.0276 4600 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
14:40:02.0282 4600 HomeGroupListener - ok
14:40:02.0322 4600 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
14:40:02.0328 4600 HomeGroupProvider - ok
14:40:02.0359 4600 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
14:40:02.0361 4600 HpSAMD - ok
14:40:02.0398 4600 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
14:40:02.0407 4600 HTTP - ok
14:40:02.0434 4600 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
14:40:02.0435 4600 hwpolicy - ok
14:40:02.0461 4600 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
14:40:02.0463 4600 i8042prt - ok
14:40:02.0506 4600 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
14:40:02.0512 4600 iaStorV - ok
14:40:02.0586 4600 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:40:02.0596 4600 idsvc - ok
14:40:02.0621 4600 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
14:40:02.0622 4600 iirsp - ok
14:40:02.0682 4600 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
14:40:02.0694 4600 IKEEXT - ok
14:40:02.0809 4600 [ 028E40182A6F0374978C755F85B9F07C ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
14:40:02.0841 4600 IntcAzAudAddService - ok
14:40:02.0891 4600 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
14:40:02.0893 4600 intelide - ok
14:40:02.0921 4600 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\drivers\intelppm.sys
14:40:02.0922 4600 intelppm - ok
14:40:02.0980 4600 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
14:40:02.0984 4600 IPBusEnum - ok
14:40:03.0014 4600 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
14:40:03.0016 4600 IpFilterDriver - ok
14:40:03.0059 4600 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
14:40:03.0068 4600 iphlpsvc - ok
14:40:03.0108 4600 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
14:40:03.0110 4600 IPMIDRV - ok
14:40:03.0136 4600 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
14:40:03.0138 4600 IPNAT - ok
14:40:03.0160 4600 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
14:40:03.0162 4600 IRENUM - ok
14:40:03.0178 4600 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
14:40:03.0180 4600 isapnp - ok
14:40:03.0218 4600 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
14:40:03.0222 4600 iScsiPrt - ok
14:40:03.0242 4600 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
14:40:03.0244 4600 kbdclass - ok
14:40:03.0266 4600 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
14:40:03.0267 4600 kbdhid - ok
14:40:03.0289 4600 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
14:40:03.0292 4600 KeyIso - ok
14:40:03.0326 4600 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
14:40:03.0329 4600 KSecDD - ok
14:40:03.0357 4600 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
14:40:03.0359 4600 KSecPkg - ok
14:40:03.0386 4600 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
14:40:03.0387 4600 ksthunk - ok
14:40:03.0429 4600 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
14:40:03.0437 4600 KtmRm - ok
14:40:03.0493 4600 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\System32\srvsvc.dll
14:40:03.0500 4600 LanmanServer - ok
14:40:03.0531 4600 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
14:40:03.0537 4600 LanmanWorkstation - ok
14:40:03.0563 4600 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
14:40:03.0565 4600 lltdio - ok
14:40:03.0614 4600 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
14:40:03.0621 4600 lltdsvc - ok
14:40:03.0642 4600 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
14:40:03.0645 4600 lmhosts - ok
14:40:03.0683 4600 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
14:40:03.0685 4600 LSI_FC - ok
14:40:03.0712 4600 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
14:40:03.0715 4600 LSI_SAS - ok
14:40:03.0738 4600 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
14:40:03.0740 4600 LSI_SAS2 - ok
14:40:03.0759 4600 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
14:40:03.0761 4600 LSI_SCSI - ok
14:40:03.0790 4600 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
14:40:03.0792 4600 luafv - ok
14:40:03.0825 4600 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
14:40:03.0830 4600 Mcx2Svc - ok
14:40:03.0867 4600 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
14:40:03.0869 4600 megasas - ok
14:40:03.0891 4600 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
14:40:03.0896 4600 MegaSR - ok
14:40:03.0932 4600 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
14:40:03.0936 4600 MMCSS - ok
14:40:03.0956 4600 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
14:40:03.0958 4600 Modem - ok
14:40:03.0978 4600 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
14:40:03.0979 4600 monitor - ok
14:40:04.0000 4600 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
14:40:04.0001 4600 mouclass - ok
14:40:04.0014 4600 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
14:40:04.0016 4600 mouhid - ok
14:40:04.0033 4600 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
14:40:04.0035 4600 mountmgr - ok
14:40:04.0082 4600 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:40:04.0084 4600 MozillaMaintenance - ok
14:40:04.0118 4600 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\windows\system32\DRIVERS\MpFilter.sys
14:40:04.0121 4600 MpFilter - ok
14:40:04.0147 4600 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
14:40:04.0150 4600 mpio - ok
14:40:04.0186 4600 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
14:40:04.0187 4600 mpsdrv - ok
14:40:04.0239 4600 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
14:40:04.0251 4600 MpsSvc - ok
14:40:04.0271 4600 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
14:40:04.0273 4600 MRxDAV - ok
14:40:04.0303 4600 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
14:40:04.0306 4600 mrxsmb - ok
14:40:04.0346 4600 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
14:40:04.0351 4600 mrxsmb10 - ok
14:40:04.0376 4600 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
14:40:04.0378 4600 mrxsmb20 - ok
14:40:04.0402 4600 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\DRIVERS\msahci.sys
14:40:04.0403 4600 msahci - ok
14:40:04.0428 4600 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
14:40:04.0430 4600 msdsm - ok
14:40:04.0453 4600 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
14:40:04.0458 4600 MSDTC - ok
14:40:04.0498 4600 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
14:40:04.0500 4600 Msfs - ok
14:40:04.0533 4600 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
14:40:04.0538 4600 mshidkmdf - ok
14:40:04.0569 4600 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
14:40:04.0571 4600 msisadrv - ok
14:40:04.0606 4600 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
14:40:04.0610 4600 MSiSCSI - ok
14:40:04.0621 4600 msiserver - ok
14:40:04.0640 4600 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
14:40:04.0641 4600 MSKSSRV - ok
14:40:04.0712 4600 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
14:40:04.0713 4600 MsMpSvc - ok
14:40:04.0752 4600 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
14:40:04.0754 4600 MSPCLOCK - ok
14:40:04.0773 4600 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
14:40:04.0774 4600 MSPQM - ok
14:40:04.0804 4600 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
14:40:04.0809 4600 MsRPC - ok
14:40:04.0837 4600 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
14:40:04.0838 4600 mssmbios - ok
14:40:04.0849 4600 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
14:40:04.0851 4600 MSTEE - ok
14:40:04.0874 4600 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
14:40:04.0876 4600 MTConfig - ok
14:40:04.0904 4600 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
14:40:04.0906 4600 Mup - ok
14:40:04.0945 4600 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
14:40:04.0954 4600 napagent - ok
14:40:04.0990 4600 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
14:40:04.0995 4600 NativeWifiP - ok
14:40:05.0060 4600 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
14:40:05.0071 4600 NDIS - ok
14:40:05.0098 4600 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
14:40:05.0100 4600 NdisCap - ok
14:40:05.0119 4600 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
14:40:05.0120 4600 NdisTapi - ok
14:40:05.0138 4600 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
14:40:05.0140 4600 Ndisuio - ok
14:40:05.0172 4600 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
14:40:05.0175 4600 NdisWan - ok
14:40:05.0201 4600 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
14:40:05.0203 4600 NDProxy - ok
14:40:05.0236 4600 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:40:05.0239 4600 Net Driver HPZ12 - ok
14:40:05.0271 4600 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
14:40:05.0273 4600 NetBIOS - ok
14:40:05.0295 4600 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
14:40:05.0300 4600 NetBT - ok
14:40:05.0322 4600 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
14:40:05.0325 4600 Netlogon - ok
14:40:05.0367 4600 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
14:40:05.0374 4600 Netman - ok
14:40:05.0406 4600 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:40:05.0408 4600 NetMsmqActivator - ok
14:40:05.0420 4600 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:40:05.0423 4600 NetPipeActivator - ok
14:40:05.0460 4600 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
14:40:05.0469 4600 netprofm - ok
14:40:05.0553 4600 [ B330CE846D1C672F640D3B3647CEF86D ] netr28ux C:\windows\system32\DRIVERS\netr28ux.sys
14:40:05.0571 4600 netr28ux - ok
14:40:05.0595 4600 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:40:05.0597 4600 NetTcpActivator - ok
14:40:05.0608 4600 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:40:05.0611 4600 NetTcpPortSharing - ok
14:40:05.0646 4600 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
14:40:05.0648 4600 nfrd960 - ok
14:40:05.0684 4600 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys
14:40:05.0687 4600 NisDrv - ok
14:40:05.0716 4600 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
14:40:05.0722 4600 NisSrv - ok
14:40:05.0763 4600 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
14:40:05.0770 4600 NlaSvc - ok
14:40:05.0808 4600 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
14:40:05.0810 4600 Npfs - ok
14:40:05.0842 4600 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
14:40:05.0846 4600 nsi - ok
14:40:05.0864 4600 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
14:40:05.0865 4600 nsiproxy - ok
14:40:05.0944 4600 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
14:40:05.0962 4600 Ntfs - ok
14:40:05.0995 4600 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
14:40:05.0996 4600 Null - ok
14:40:06.0022 4600 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
14:40:06.0025 4600 nvraid - ok
14:40:06.0043 4600 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
14:40:06.0046 4600 nvstor - ok
14:40:06.0064 4600 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
14:40:06.0066 4600 nv_agp - ok
14:40:06.0109 4600 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
14:40:06.0111 4600 ohci1394 - ok
14:40:06.0171 4600 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:40:06.0173 4600 ose64 - ok
14:40:06.0349 4600 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:40:06.0402 4600 osppsvc - ok
14:40:06.0463 4600 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
14:40:06.0470 4600 p2pimsvc - ok
14:40:06.0504 4600 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
14:40:06.0513 4600 p2psvc - ok
14:40:06.0563 4600 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
14:40:06.0565 4600 Parport - ok
14:40:06.0599 4600 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
14:40:06.0601 4600 partmgr - ok
14:40:06.0647 4600 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
14:40:06.0653 4600 PcaSvc - ok
14:40:06.0682 4600 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
14:40:06.0685 4600 pci - ok
14:40:06.0704 4600 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
14:40:06.0706 4600 pciide - ok
14:40:06.0735 4600 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
14:40:06.0739 4600 pcmcia - ok
14:40:06.0773 4600 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
14:40:06.0775 4600 pcw - ok
14:40:06.0811 4600 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
14:40:06.0819 4600 PEAUTH - ok
14:40:06.0925 4600 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
14:40:06.0928 4600 PerfHost - ok
14:40:06.0981 4600 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
14:40:06.0983 4600 PGEffect - ok
14:40:07.0048 4600 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
14:40:07.0067 4600 pla - ok
14:40:07.0111 4600 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
14:40:07.0122 4600 PlugPlay - ok
14:40:07.0158 4600 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:40:07.0161 4600 Pml Driver HPZ12 - ok
14:40:07.0196 4600 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
14:40:07.0200 4600 PNRPAutoReg - ok
14:40:07.0230 4600 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
14:40:07.0237 4600 PNRPsvc - ok
14:40:07.0278 4600 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
14:40:07.0286 4600 PolicyAgent - ok
14:40:07.0311 4600 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
14:40:07.0317 4600 Power - ok
14:40:07.0348 4600 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
14:40:07.0351 4600 PptpMiniport - ok
14:40:07.0377 4600 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
14:40:07.0379 4600 Processor - ok
14:40:07.0421 4600 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
14:40:07.0427 4600 ProfSvc - ok
14:40:07.0445 4600 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
14:40:07.0449 4600 ProtectedStorage - ok
14:40:07.0469 4600 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
14:40:07.0472 4600 Psched - ok
14:40:07.0528 4600 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
14:40:07.0546 4600 ql2300 - ok
14:40:07.0586 4600 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
14:40:07.0590 4600 ql40xx - ok
14:40:07.0632 4600 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
14:40:07.0638 4600 QWAVE - ok
14:40:07.0658 4600 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
14:40:07.0659 4600 QWAVEdrv - ok
14:40:07.0691 4600 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
14:40:07.0692 4600 RasAcd - ok
14:40:07.0715 4600 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
14:40:07.0716 4600 RasAgileVpn - ok
14:40:07.0757 4600 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
14:40:07.0762 4600 RasAuto - ok
14:40:07.0778 4600 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
14:40:07.0780 4600 Rasl2tp - ok
14:40:07.0803 4600 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
14:40:07.0812 4600 RasMan - ok
14:40:07.0838 4600 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
14:40:07.0841 4600 RasPppoe - ok
14:40:07.0859 4600 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
14:40:07.0861 4600 RasSstp - ok
14:40:07.0898 4600 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
14:40:07.0902 4600 rdbss - ok
14:40:07.0923 4600 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
14:40:07.0924 4600 rdpbus - ok
14:40:07.0945 4600 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
14:40:07.0946 4600 RDPCDD - ok
14:40:07.0969 4600 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
14:40:07.0970 4600 RDPENCDD - ok
14:40:07.0994 4600 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
14:40:07.0996 4600 RDPREFMP - ok
14:40:08.0040 4600 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
14:40:08.0043 4600 RDPWD - ok
14:40:08.0072 4600 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
14:40:08.0076 4600 rdyboost - ok
14:40:08.0114 4600 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
14:40:08.0118 4600 RemoteAccess - ok
14:40:08.0152 4600 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
14:40:08.0158 4600 RemoteRegistry - ok
14:40:08.0180 4600 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
14:40:08.0185 4600 RpcEptMapper - ok
14:40:08.0201 4600 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
14:40:08.0204 4600 RpcLocator - ok
14:40:08.0231 4600 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\System32\rpcss.dll
14:40:08.0241 4600 RpcSs - ok
14:40:08.0272 4600 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
14:40:08.0274 4600 rspndr - ok
14:40:08.0311 4600 [ BE29B0A3AC1E8BD02FFAB8CEE86BADFA ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
14:40:08.0315 4600 RSUSBSTOR - ok
14:40:08.0355 4600 [ 6D3C7E7D82D3DC92DC2A8B0DF9F20F8A ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
14:40:08.0361 4600 RTL8167 - ok
14:40:08.0431 4600 [ FA088015155C4C6DAB5D1D9E68EB9D6B ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
14:40:08.0445 4600 RTL8192Ce - ok
14:40:08.0468 4600 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
14:40:08.0471 4600 SamSs - ok
14:40:08.0514 4600 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
14:40:08.0516 4600 sbp2port - ok
14:40:08.0526 4600 SBRE - ok
14:40:08.0580 4600 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
14:40:08.0586 4600 SCardSvr - ok
14:40:08.0606 4600 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
14:40:08.0608 4600 scfilter - ok
14:40:08.0648 4600 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
14:40:08.0664 4600 Schedule - ok
14:40:08.0698 4600 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
14:40:08.0700 4600 SCPolicySvc - ok
14:40:08.0737 4600 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
14:40:08.0744 4600 SDRSVC - ok
14:40:08.0773 4600 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
14:40:08.0775 4600 secdrv - ok
14:40:08.0803 4600 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
14:40:08.0808 4600 seclogon - ok
14:40:08.0823 4600 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
14:40:08.0828 4600 SENS - ok
14:40:08.0848 4600 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
14:40:08.0852 4600 SensrSvc - ok
14:40:08.0878 4600 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
14:40:08.0879 4600 Serenum - ok
14:40:08.0899 4600 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
14:40:08.0901 4600 Serial - ok
14:40:08.0919 4600 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
14:40:08.0921 4600 sermouse - ok
14:40:08.0975 4600 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
14:40:08.0981 4600 SessionEnv - ok
14:40:09.0001 4600 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
14:40:09.0003 4600 sffdisk - ok
14:40:09.0042 4600 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
14:40:09.0043 4600 sffp_mmc - ok
14:40:09.0056 4600 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
14:40:09.0057 4600 sffp_sd - ok
14:40:09.0078 4600 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
14:40:09.0080 4600 sfloppy - ok
14:40:09.0105 4600 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
14:40:09.0113 4600 SharedAccess - ok
14:40:09.0147 4600 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
14:40:09.0155 4600 ShellHWDetection - ok
14:40:09.0177 4600 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
14:40:09.0179 4600 SiSRaid2 - ok
14:40:09.0214 4600 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
14:40:09.0216 4600 SiSRaid4 - ok
14:40:09.0241 4600 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
14:40:09.0244 4600 Smb - ok
14:40:09.0278 4600 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
14:40:09.0283 4600 SNMPTRAP - ok
14:40:09.0304 4600 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
14:40:09.0305 4600 spldr - ok
14:40:09.0355 4600 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
14:40:09.0365 4600 Spooler - ok
14:40:09.0486 4600 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
14:40:09.0531 4600 sppsvc - ok
14:40:09.0568 4600 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
14:40:09.0573 4600 sppuinotify - ok
14:40:09.0620 4600 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
14:40:09.0627 4600 srv - ok
14:40:09.0663 4600 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
14:40:09.0668 4600 srv2 - ok
14:40:09.0689 4600 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
14:40:09.0692 4600 srvnet - ok
14:40:09.0725 4600 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
14:40:09.0732 4600 SSDPSRV - ok
14:40:09.0757 4600 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
14:40:09.0762 4600 SstpSvc - ok
14:40:09.0791 4600 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
14:40:09.0792 4600 stexstor - ok
14:40:09.0839 4600 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
14:40:09.0849 4600 stisvc - ok
14:40:09.0872 4600 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
14:40:09.0873 4600 swenum - ok
14:40:09.0923 4600 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
14:40:09.0933 4600 swprv - ok
14:40:10.0003 4600 [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
14:40:10.0019 4600 SynTP - ok
14:40:10.0101 4600 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
14:40:10.0124 4600 SysMain - ok
14:40:10.0150 4600 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
14:40:10.0155 4600 TabletInputService - ok
14:40:10.0200 4600 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
14:40:10.0208 4600 TapiSrv - ok
14:40:10.0228 4600 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
14:40:10.0233 4600 TBS - ok
14:40:10.0305 4600 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys
14:40:10.0326 4600 Tcpip - ok
14:40:10.0374 4600 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
14:40:10.0395 4600 TCPIP6 - ok
14:40:10.0442 4600 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
14:40:10.0444 4600 tcpipreg - ok
14:40:10.0483 4600 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
14:40:10.0484 4600 tdcmdpst - ok
14:40:10.0494 4600 TDEIO - ok
14:40:10.0525 4600 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
14:40:10.0526 4600 TDPIPE - ok
14:40:10.0573 4600 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
14:40:10.0575 4600 TDTCP - ok
14:40:10.0602 4600 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
14:40:10.0605 4600 tdx - ok
14:40:10.0632 4600 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
14:40:10.0634 4600 TermDD - ok
14:40:10.0676 4600 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
14:40:10.0688 4600 TermService - ok
14:40:10.0708 4600 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
14:40:10.0714 4600 Themes - ok
14:40:10.0744 4600 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
14:40:10.0748 4600 THREADORDER - ok
14:40:10.0813 4600 [ 71C321649B28638EE80A2EEB164C1DC8 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
14:40:10.0815 4600 TMachInfo - ok
14:40:10.0856 4600 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe
14:40:10.0862 4600 TODDSrv - ok
14:40:10.0918 4600 [ 1C73689B900428C7D054A41C4687F55C ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
14:40:10.0925 4600 TosCoSrv - ok
14:40:10.0980 4600 [ 29D0886CF250FCEF1BF9E65AB8D2C0C8 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
14:40:10.0983 4600 TOSHIBA HDD SSD Alert Service - ok
14:40:11.0002 4600 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
14:40:11.0008 4600 TrkWks - ok
14:40:11.0074 4600 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
14:40:11.0077 4600 TrustedInstaller - ok
14:40:11.0099 4600 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
14:40:11.0100 4600 tssecsrv - ok
14:40:11.0121 4600 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
14:40:11.0123 4600 TsUsbFlt - ok
14:40:11.0165 4600 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
14:40:11.0167 4600 TsUsbGD - ok
14:40:11.0187 4600 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
14:40:11.0189 4600 tunnel - ok
14:40:11.0226 4600 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
14:40:11.0227 4600 TVALZ - ok
14:40:11.0266 4600 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
14:40:11.0268 4600 uagp35 - ok
14:40:11.0295 4600 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
14:40:11.0301 4600 udfs - ok
14:40:11.0345 4600 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
14:40:11.0350 4600 UI0Detect - ok
14:40:11.0389 4600 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
14:40:11.0390 4600 uliagpkx - ok
14:40:11.0429 4600 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
14:40:11.0430 4600 umbus - ok
14:40:11.0450 4600 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
14:40:11.0451 4600 UmPass - ok
14:40:11.0483 4600 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
14:40:11.0492 4600 upnphost - ok
14:40:11.0510 4600 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\windows\system32\drivers\usbaudio.sys
14:40:11.0512 4600 usbaudio - ok
14:40:11.0541 4600 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
14:40:11.0544 4600 usbccgp - ok
14:40:11.0570 4600 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
14:40:11.0572 4600 usbcir - ok
14:40:11.0602 4600 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
14:40:11.0604 4600 usbehci - ok
14:40:11.0645 4600 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
14:40:11.0650 4600 usbhub - ok
14:40:11.0670 4600 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
14:40:11.0671 4600 usbohci - ok
14:40:11.0695 4600 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
14:40:11.0697 4600 usbprint - ok
14:40:11.0718 4600 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
14:40:11.0720 4600 USBSTOR - ok
14:40:11.0738 4600 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
14:40:11.0740 4600 usbuhci - ok
14:40:11.0769 4600 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
14:40:11.0772 4600 usbvideo - ok
14:40:11.0798 4600 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
14:40:11.0803 4600 UxSms - ok
14:40:11.0823 4600 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
14:40:11.0826 4600 VaultSvc - ok
14:40:11.0859 4600 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
14:40:11.0861 4600 vdrvroot - ok
14:40:11.0898 4600 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
14:40:11.0908 4600 vds - ok
14:40:11.0930 4600 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
14:40:11.0932 4600 vga - ok
14:40:11.0949 4600 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
14:40:11.0951 4600 VgaSave - ok
14:40:11.0976 4600 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
14:40:11.0979 4600 vhdmp - ok
14:40:12.0018 4600 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
14:40:12.0019 4600 viaide - ok
14:40:12.0038 4600 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
14:40:12.0040 4600 volmgr - ok
14:40:12.0064 4600 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
14:40:12.0070 4600 volmgrx - ok
14:40:12.0097 4600 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
14:40:12.0102 4600 volsnap - ok
14:40:12.0131 4600 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
14:40:12.0135 4600 vsmraid - ok
14:40:12.0202 4600 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
14:40:12.0223 4600 VSS - ok
14:40:12.0254 4600 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
14:40:12.0256 4600 vwifibus - ok
14:40:12.0271 4600 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
14:40:12.0273 4600 vwififlt - ok
14:40:12.0292 4600 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
14:40:12.0293 4600 vwifimp - ok
14:40:12.0338 4600 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
14:40:12.0347 4600 W32Time - ok
14:40:12.0391 4600 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
14:40:12.0392 4600 WacomPen - ok
14:40:12.0415 4600 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
14:40:12.0418 4600 WANARP - ok
14:40:12.0429 4600 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
14:40:12.0431 4600 Wanarpv6 - ok
14:40:12.0494 4600 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
14:40:12.0512 4600 WatAdminSvc - ok
14:40:12.0612 4600 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
14:40:12.0633 4600 wbengine - ok
14:40:12.0672 4600 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
14:40:12.0678 4600 WbioSrvc - ok
14:40:12.0707 4600 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
14:40:12.0716 4600 wcncsvc - ok
14:40:12.0742 4600 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
14:40:12.0747 4600 WcsPlugInService - ok
14:40:12.0788 4600 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
14:40:12.0790 4600 Wd - ok
14:40:12.0832 4600 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
14:40:12.0841 4600 Wdf01000 - ok
14:40:12.0856 4600 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
14:40:12.0862 4600 WdiServiceHost - ok
14:40:12.0871 4600 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
14:40:12.0877 4600 WdiSystemHost - ok
14:40:12.0922 4600 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
14:40:12.0929 4600 WebClient - ok
14:40:12.0957 4600 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
14:40:12.0964 4600 Wecsvc - ok
14:40:12.0988 4600 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
14:40:12.0993 4600 wercplsupport - ok
14:40:13.0025 4600 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
14:40:13.0030 4600 WerSvc - ok
14:40:13.0062 4600 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
14:40:13.0063 4600 WfpLwf - ok
14:40:13.0080 4600 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
14:40:13.0082 4600 WIMMount - ok
14:40:13.0099 4600 WinDefend - ok
14:40:13.0120 4600 WinHttpAutoProxySvc - ok
14:40:13.0182 4600 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
14:40:13.0185 4600 Winmgmt - ok
14:40:13.0262 4600 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
14:40:13.0288 4600 WinRM - ok
14:40:13.0338 4600 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
14:40:13.0352 4600 Wlansvc - ok
14:40:13.0403 4600 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:40:13.0405 4600 wlcrasvc - ok
14:40:13.0514 4600 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:40:13.0541 4600 wlidsvc - ok
14:40:13.0576 4600 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
14:40:13.0577 4600 WmiAcpi - ok
14:40:13.0615 4600 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
14:40:13.0619 4600 wmiApSrv - ok
14:40:13.0659 4600 WMPNetworkSvc - ok
14:40:13.0689 4600 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
14:40:13.0694 4600 WPCSvc - ok
14:40:13.0714 4600 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
14:40:13.0720 4600 WPDBusEnum - ok
14:40:13.0741 4600 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
14:40:13.0743 4600 ws2ifsl - ok
14:40:13.0768 4600 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll
14:40:13.0775 4600 wscsvc - ok
14:40:13.0784 4600 WSearch - ok
14:40:13.0885 4600 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
14:40:13.0916 4600 wuauserv - ok
14:40:13.0947 4600 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
14:40:13.0950 4600 WudfPf - ok
14:40:13.0988 4600 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
14:40:13.0994 4600 wudfsvc - ok
14:40:14.0015 4600 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
14:40:14.0023 4600 WwanSvc - ok
14:40:14.0057 4600 ================ Scan global ===============================
14:40:14.0079 4600 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
14:40:14.0129 4600 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
14:40:14.0146 4600 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
14:40:14.0182 4600 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
14:40:14.0209 4600 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
14:40:14.0217 4600 [Global] - ok
14:40:14.0218 4600 ================ Scan MBR ==================================
14:40:14.0232 4600 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
14:40:14.0524 4600 \Device\Harddisk0\DR0 - ok
14:40:14.0525 4600 ================ Scan VBR ==================================
14:40:14.0541 4600 [ 8260A09DFBE29E60819C0CEF7179B131 ] \Device\Harddisk0\DR0\Partition1
14:40:14.0545 4600 \Device\Harddisk0\DR0\Partition1 - ok
14:40:14.0546 4600 ============================================================
14:40:14.0546 4600 Scan finished
14:40:14.0546 4600 ============================================================
14:40:14.0574 3496 Detected object count: 0
14:40:14.0575 3496 Actual detected object count: 0
14:41:32.0982 2204 Deinitialize success
Satchfan's Avatar
Satchfan Satchfan is offline Satchfan is authorized to help remove malware.
Computer Specs
Malware Removal Specialist with 580 posts.
 
Join Date: Jan 2009
Location: Devon, UK
29-Oct-2012, 10:58 AM #28
Thanks for those.

How are you doing with Rogue Killer?
isasooner's Avatar
isasooner isasooner is offline
Computer Specs
Member with 111 posts.
THREAD STARTER
 
Join Date: Oct 2012
Experience: Intermediate
29-Oct-2012, 05:32 PM #29
roguekiller report
Everything seems to be running faster and smoother but, I still had the adware searchengine come up win I open firefox web browser so I just changed my homepage to another website. My DVD drive is still missing. I could normally locate it in my computer the same place as my hard-drive but it has disappeared and i can't locate it. Do you know how to relocate my DVD drive?
Satchfan's Avatar
Satchfan Satchfan is offline Satchfan is authorized to help remove malware.
Computer Specs
Malware Removal Specialist with 580 posts.
 
Join Date: Jan 2009
Location: Devon, UK
29-Oct-2012, 06:26 PM #30
The Rogue Killer instructions that I sent have still not been followed. Rogue Killer found an important problem and which needs to be fixed.

Please let me know why you are having a problem dealing with this.
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑

Content Relevant URLs by vBSEO 3.3.2