Inactive Malware CLTRDA Pop Up

khelms829 · 2012/05/30

[Inactive] Malware CLTRDA Pop Up

I have been getting an IE pop up frequently that has CLTRDA.... I was reading on another thread about someone who was having the same issue and I followed the first step of downloading Combofix and ran it (after I disabled the Malaware and McAfee Antivirus Plus) and I noticed that it did NOT ever disconnect from the Internet... It did its thing and after the first blow box disappeared another poped up and said that further scanning was necesarry.... So I let it continue and then the computer rebooted and after I entered my password I allowed it to do its thing but my McAfree automatically restarted and I hit close and when it poped up again I hit allow.... Then it ran its course and I got the following log:

ComboFix 12-05-30.04 - Kendra Jackson He 05/30/2012 22:40:22.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2008.788 [GMT -4:00]
Running from: c:\users\Kendra Jackson He\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Kendra Jackson He\GoToAssistDownloadHelper.exe
c:\windows\dasetup.log
c:\windows\system32\fxsst.dll . . . . Failed to delete
c:\windows\system32\slwga.dll . . . . Failed to delete
c:\windows\system32\srrstr.dll . . . . Failed to delete
c:\windows\system32\systemcpl.dll . . . . Failed to delete
c:\windows\system32\termsrv.dll . . . . Failed to delete
.
.
((((((((((((((((((((((((( Files Created from 2012-04-28 to 2012-05-31 )))))))))))))))))))))))))))))))
.
.
2012-05-31 02:52 . 2012-05-31 02:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-28 20:56 . 2012-05-28 20:56 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-05-24 17:15 . 2012-05-24 17:15 -------- d-----w- c:\users\Kendra Jackson He\AppData\Roaming\RealNetworks
2012-05-10 22:46 . 2012-05-10 22:46 -------- d-----w- c:\users\Admin
2012-05-10 20:56 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-05-10 20:56 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-10 20:56 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-10 20:56 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-05-10 20:56 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-10 20:56 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-10 20:55 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-10 20:55 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-10 20:55 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-10 20:55 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-10 20:55 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-10 20:55 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-10 20:55 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-07 00:08 . 2012-05-07 00:08 -------- d-----w- c:\windows\en
2012-05-07 00:03 . 2012-03-08 22:40 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2012-05-07 00:02 . 2012-05-07 00:02 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a74c63e51cd2be401\DSETUP.dll
2012-05-07 00:02 . 2012-05-07 00:02 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a74c63e51cd2be401\DXSETUP.exe
2012-05-07 00:02 . 2012-05-07 00:02 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a74c63e51cd2be401\dsetup32.dll
2012-05-07 00:02 . 2012-05-07 00:02 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a79e07871cd2be402\MeshBetaRemover.exe
2012-05-06 23:17 . 2012-05-06 23:17 -------- d-----w- c:\program files (x86)\Common Files\xing shared
2012-05-06 23:17 . 2012-05-06 23:17 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-05-06 23:17 . 2012-05-06 23:17 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-07 00:12 . 2012-03-31 18:06 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-07 00:12 . 2011-05-13 16:24 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-06 20:47 . 2012-04-22 01:47 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-04 19:56 . 2011-10-15 00:05 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-20 17:11 . 2011-05-15 21:30 162192 ----a-w- c:\windows\system32\mfevtps.exe
2012-03-08 22:50 . 2012-03-08 22:50 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll
2012-03-08 22:37 . 2012-03-08 22:37 302448 ----a-w- c:\windows\WLXPGSS.SCR
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl9 "= "c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"PDVD9LanguageShortcut "= "c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-04-29 50472]
"mcui_exe "= "c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-22 1675160]
"APSDaemon "= "c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"hpqSRMon "= "c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"TkBellExe "= "c:\program files (x86)\Real\RealPlayer\Update\realsched.exe" [2012-05-06 296056]
"Malwarebytes' Anti-Malware "= "c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=" "
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=" "
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@= "Driver "
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-11 136176]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-07 257696]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-11 136176]
R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [x]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech QuickCam Pro 9000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe [2009-03-02 89600]
S2 Agent;Agent;c:\windows\agent_x64.exe [2011-08-24 102912]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-03-20 210584]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-04-01 428640]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 00:12]
.
2012-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-11 17:28]
.
2012-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-11 17:28]
.
2012-05-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3925237004-2122748687-1299086239-1002Core.job
- c:\users\Kendra Jackson He\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-30 21:30]
.
2012-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3925237004-2122748687-1299086239-1002UA.job
- c:\users\Kendra Jackson He\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-30 21:30]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint "= "c:\program files\DellTPad\Apoint.exe" [2010-04-05 384296]
"IgfxTray "= "c:\windows\system32\igfxtray.exe" [2009-06-30 165912]
"HotKeysCmds "= "c:\windows\system32\hkcmd.exe" [2009-06-30 385560]
"Persistence "= "c:\windows\system32\igfxpers.exe" [2009-06-30 365080]
"SysTrayApp "= "c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs "=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 24.178.162.3 66.189.0.100 24.217.201.67
TCP: Interfaces\{71559B66-1847-47A9-B9F1-8C1F4EB6E851}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{71559B66-1847-47A9-B9F1-8C1F4EB6E851}\131364851303039303238343: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{71559B66-1847-47A9-B9F1-8C1F4EB6E851}\2656C6B696E6E2232663: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{71559B66-1847-47A9-B9F1-8C1F4EB6E851}\44562637E45647: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{71559B66-1847-47A9-B9F1-8C1F4EB6E851}\4456661657C6473537964623D213: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{71559B66-1847-47A9-B9F1-8C1F4EB6E851}\96261686E6: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{71559B66-1847-47A9-B9F1-8C1F4EB6E851}\C4F65796567437: NameServer = 8.8.8.8,8.8.4.4
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-Neat ADF Scanner 2008 - reg copy HKLM\Software\Wow6432Node\The Neat Company\Neat ADF Scanner 2008 HKCU\Software\The Neat Company\Neat ADF Scanner 2008
Toolbar-Locked - (no file)
AddRemove-RealPlayer 15.0 - c:\program files (x86)\Real\RealPlayer\Update\r1puninst.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3925237004-2122748687-1299086239-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid "= "WindowsLiveMail.Email.1 "
.
[HKEY_USERS\S-1-5-21-3925237004-2122748687-1299086239-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid "= "WindowsLiveMail.VCard.1 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@= "FlashBroker "
"LocalizedString "= "@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled "=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@= "Shockwave Flash Object "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx "
"ThreadingModel "= "Apartment "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@= "0 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@= "ShockwaveFlash.ShockwaveFlash.11 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@= "{D27CDB6B-AE6D-11cf-96B8-444553540000} "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@= "1.0 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@= "ShockwaveFlash.ShockwaveFlash "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@= "Macromedia Flash Factory Object "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx "
"ThreadingModel "= "Apartment "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@= "FlashFactory.FlashFactory.1 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@= "{D27CDB6B-AE6D-11cf-96B8-444553540000} "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@= "1.0 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@= "FlashFactory.FlashFactory "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@= "IFlashBroker4 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@= "{00020424-0000-0000-C000-000000000046} "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
"Version "= "1.0 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue "=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial "=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial "=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial "=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\rundll32.exe
.
**************************************************************************
.
Completion time: 2012-05-30 23:07:36 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-31 03:07
.
Pre-Run: 172,816,592,896 bytes free
Post-Run: 175,739,518,976 bytes free
.
- - End Of File - - 4FDBA19B854164A83D080A8D6BA36A7B

At the top it says that it wasn't able to delete.... So I tried to post on the OP thread, because I am new to this board, and found that I could not so I am coming and starting a new one... What do I need to do from step 1 in order to get my computer cleaned??? Thank you for your assistance and I will follow every direction....

Kendra

I have a Windows 7 operating system

Admin. · 2012/05/31

Hi,

You'll need to post more logs, read this post as indicated at the top of this forum & follow the instructions.

khelms829 · 2012/05/31

Sorry... When I did the intial search and came across the board I had read where it said to follow the instructions above before posting so that is what I did.... HAHA, except it was the instructions for the OP who had already done the steps you referred me to..... So I did them today and here is the information....

Malware Log:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7950

Windows 6.1.7601 Service Pack 1 (Safe Mode)
Internet Explorer 9.0.8112.16421

10/14/2011 8:19:05 PM
mbam-log-2011-10-14 (20-19-05).txt

Scan type: Quick scan
Objects scanned: 192668
Time elapsed: 5 minute(s), 51 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

GMER LOG:

"GMER hasn't found any system modification" when I saved the log and opened it it was blank.....

MBRCheck:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-31 17:27:59
-----------------------------
17:27:59.949 OS Version: Windows x64 6.1.7601 Service Pack 1
17:27:59.949 Number of processors: 2 586 0x170A
17:27:59.949 ComputerName: MININT-M9P85CB UserName:
17:28:03.069 Initialize success
17:28:28.060 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:28:28.060 Disk 0 Vendor: SAMSUNG_ 2AJ1 Size: 238475MB BusType: 3
17:28:28.076 Disk 0 MBR read successfully
17:28:28.076 Disk 0 MBR scan
17:28:28.091 Disk 0 Windows 7 default MBR code
17:28:28.091 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 224472 MB offset 2048
17:28:28.122 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 14001 MB offset 459720704
17:28:28.185 Disk 0 scanning C:\Windows\system32\drivers
17:28:43.334 Service scanning
17:28:58.936 Modules scanning
17:28:58.936 Disk 0 trace - called modules:
17:28:58.952 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
17:28:58.967 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80025a2060]
17:28:58.967 3 CLASSPNP.SYS[fffff88001d9143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8002254050]
17:28:58.983 Scan finished successfully
17:29:50.539 Disk 0 MBR has been saved successfully to "C:\Users\Kendra Jackson He\Desktop\MBR.dat "
17:29:50.539 The log file has been saved successfully to "C:\Users\Kendra Jackson He\Desktop\aswMBR.txt "

DDS:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Kendra Jackson He at 17:31:06 on 2012-05-31
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2008.868 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\agent_x64.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Common Files\McAfee\Core\mchost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120430113413.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
mRun: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe "
mRun: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe "
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe "
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 24.178.162.3 66.189.0.100 24.217.201.67
TCP: Interfaces\{71559B66-1847-47A9-B9F1-8C1F4EB6E851} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{71559B66-1847-47A9-B9F1-8C1F4EB6E851} : DhcpNameServer = 24.178.162.3 66.189.0.100 24.217.201.67
TCP: Interfaces\{71559B66-1847-47A9-B9F1-8C1F4EB6E851}\131364851303039303238343 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{71559B66-1847-47A9-B9F1-8C1F4EB6E851}\131364851303039303238343 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{71559B66-1847-47A9-B9F1-8C1F4EB6E851}\2656C6B696E6E2232663 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{71559B66-1847-47A9-B9F1-8C1F4EB6E851}\2656C6B696E6E2232663 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{71559B66-1847-47A9-B9F1-8C1F4EB6E851}\44562637E45647 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{71559B66-1847-47A9-B9F1-8C1F4EB6E851}\44562637E45647 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{71559B66-1847-47A9-B9F1-8C1F4EB6E851}\4456661657C6473537964623D213 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{71559B66-1847-47A9-B9F1-8C1F4EB6E851}\4456661657C6473537964623D213 : DhcpNameServer = 24.178.162.3 97.81.22.195
TCP: Interfaces\{71559B66-1847-47A9-B9F1-8C1F4EB6E851}\96261686E6 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{71559B66-1847-47A9-B9F1-8C1F4EB6E851}\96261686E6 : DhcpNameServer = 172.16.2.5 4.2.2.2
TCP: Interfaces\{71559B66-1847-47A9-B9F1-8C1F4EB6E851}\C4F65796567437 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{71559B66-1847-47A9-B9F1-8C1F4EB6E851}\C4F65796567437 : DhcpNameServer = 192.168.2.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120430113413.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe "
mRun-x64: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe "
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe "
mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe [2011-3-4 89600]
R2 Agent;Agent;C:\Windows\agent_x64.exe [2012-4-4 102912]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-5-28 654408]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-5-15 249936]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-5-15 249936]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-5-15 249936]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-5-15 249936]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2011-5-15 199272]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2011-5-15 210584]
R2 mfevtp;McAfee Validation Trust Protection Service; "C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-4-1 428640]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-11 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-31 257696]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-11 136176]
S3 lvpopf64;Logitech POP Suppression Filter;C:\Windows\system32\DRIVERS\lvpopf64.sys --> C:\Windows\system32\DRIVERS\lvpopf64.sys [?]
S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\system32\DRIVERS\LVPr2M64.sys --> C:\Windows\system32\DRIVERS\LVPr2M64.sys [?]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
S3 LVUVC64;Logitech QuickCam Pro 9000(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-05-31 02:57:28 -------- d-----w- C:\$RECYCLE.BIN
2012-05-31 02:37:43 98816 ----a-w- C:\Windows\sed.exe
2012-05-31 02:37:43 518144 ----a-w- C:\Windows\SWREG.exe
2012-05-31 02:37:43 256000 ----a-w- C:\Windows\PEV.exe
2012-05-31 02:37:43 208896 ----a-w- C:\Windows\MBR.exe
2012-05-28 20:56:16 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-05-24 17:15:14 -------- d-----w- C:\Users\Kendra Jackson He\AppData\Roaming\RealNetworks
2012-05-24 17:07:53 -------- d-----w- C:\Users\Kendra Jackson He\AppData\Local\{4501CD5E-B6A9-470C-A9F9-DC92BA67910C}
2012-05-24 17:07:35 -------- d-----w- C:\Users\Kendra Jackson He\AppData\Local\{965292B9-2B0F-4493-B764-FCD74D688F69}
2012-05-22 23:12:21 -------- d-----w- C:\Users\Kendra Jackson He\AppData\Local\{E5CB7060-0596-4950-A195-E65334A0AE40}
2012-05-10 20:56:33 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2012-05-10 20:56:32 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-05-10 20:56:25 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-10 20:56:23 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-05-10 20:56:21 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-10 20:56:20 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-10 20:55:33 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-05-10 20:55:10 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-05-10 20:55:03 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-05-10 20:55:03 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-10 20:55:02 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-10 20:55:01 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-05-10 20:55:01 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-05-07 16:01:49 -------- d-----w- C:\Users\Kendra Jackson He\AppData\Local\{E954890D-498D-41E2-93E8-06FF156B2BE5}
2012-05-07 16:01:36 -------- d-----w- C:\Users\Kendra Jackson He\AppData\Local\{1BDDCB96-A934-4FD4-B1CF-50E1D5393E6F}
2012-05-07 00:14:20 -------- d-----w- C:\Users\Kendra Jackson He\AppData\Local\{36DF6F6A-731E-4F83-AE19-98AEB6051D41}
2012-05-07 00:13:58 -------- d-----w- C:\Users\Kendra Jackson He\AppData\Local\{A58792D7-9970-45BD-9C5C-E24DD01C6B51}
2012-05-07 00:08:01 -------- d-----w- C:\Windows\en
2012-05-07 00:03:59 48488 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
2012-05-07 00:02:12 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a74c63e51cd2be401\DSETUP.dll
2012-05-07 00:02:12 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a74c63e51cd2be401\DXSETUP.exe
2012-05-07 00:02:12 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a74c63e51cd2be401\dsetup32.dll
2012-05-07 00:02:12 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a79e07871cd2be402\MeshBetaRemover.exe
2012-05-06 23:58:26 -------- d-----w- C:\Users\Kendra Jackson He\AppData\Local\{0899E448-A3C4-4D1B-AC6D-EB3F4F3117C6}
2012-05-06 23:45:02 -------- d-----w- C:\Users\Kendra Jackson He\AppData\Local\{5463FF08-6ADE-4F44-8F50-471FE395C4DC}
2012-05-06 23:44:44 -------- d-----w- C:\Users\Kendra Jackson He\AppData\Local\{E61381BC-25A2-43E8-89FD-45E0D1C32012}
2012-05-06 23:17:47 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2012-05-06 23:17:04 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-05-06 23:17:04 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
.
==================== Find3M ====================
.
2012-05-07 00:12:52 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-07 00:12:52 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-06 20:47:16 8769696 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-04-04 19:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-03-20 17:11:30 162192 ----a-w- C:\Windows\System32\mfevtps.exe
2012-03-08 22:50:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2012-03-08 22:37:20 302448 ----a-w- C:\Windows\WLXPGSS.SCR
.
============= FINISH: 17:32:15.94 ===============

ATTACH:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 4/6/2011 5:23:53 PM
System Uptime: 5/31/2012 4:45:18 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 0G848F
Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz | Microprocessor | 2300/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 219 GiB total, 163.583 GiB free.
D: is FIXED (NTFS) - 14 GiB total, 7.877 GiB free.
E: is CDROM (CDFS)
G: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP51: 5/6/2012 7:00:45 PM - Windows Backup
RP52: 5/13/2012 7:00:50 PM - Windows Backup
RP53: 5/20/2012 7:03:22 PM - Windows Backup
RP54: 5/28/2012 12:25:09 PM - Windows Backup
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
4500_G510gm_Help_Web
4500G510gm_Software_Min
4500G510gm_web
Adobe AIR
Adobe Photoshop Elements 7.0
Adobe Photoshop.com Inspiration Browser
Adobe Reader X (10.1.0)
AIO_CDA_ProductContext
AIO_CDA_Software
AIO_Scan
Apple Application Support
Apple Software Update
BufferChm
C4100
c4100_Help
CameraHelperMsi
Clone2Go Video Converter Professional 1.9.7
Copy
CyberLink PowerDVD 9.5
D3DX10
Destinations
DeviceDiscovery
DocProc
DV to DVD Converter 1.00
erLT
Fax
FormatFactory 2.60
Free Mp3 Wma Converter V 1.91
Google Chrome
Google Earth
Google Update Helper
GPBaseService2
HP Update
HPPhotoGadget
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
HPSSupply
Intel(R) Rapid Storage Technology
Java Auto Updater
Java(TM) 6 Update 29
Junk Mail filter update
LG USB Modem driver
Logitech Vid HD
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 1.61.0.1400
MarketResearch
McAfee AntiVirus Plus
Mesh Runtime
Messenger Companion
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Neat
Neat Core Files
PhotoshopdotcomInspirationBrowser
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Roxio Burn
Scan
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Skype Click to Call
Skypeâ„¢ 5.5
SmartWebPrinting
SolutionCenter
Status
Toolbox
TrayApp
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Yahoo! Messenger
Yahoo! Toolbar
YouTube Downloader 2.7.2
.
==== Event Viewer Messages From Past Week ========
.
5/31/2012 12:06:34 AM, Error: Service Control Manager [7023] - The McAfee VirusScan Announcer service terminated with the following error: Incorrect function.
5/30/2012 10:56:53 PM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.
5/30/2012 10:55:29 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
5/30/2012 10:51:22 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
5/30/2012 10:37:03 PM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).
5/30/2012 10:37:03 PM, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).
5/29/2012 6:14:37 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
5/29/2012 6:14:37 PM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/29/2012 5:18:51 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
5/29/2012 4:07:46 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Agent service.
5/29/2012 10:33:35 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McNASvc service.
5/28/2012 3:27:29 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
5/28/2012 11:14:12 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
5/28/2012 11:14:12 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PlugPlay service.
5/27/2012 7:47:37 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
.
==== End Of File ===========================

broni · 2012/05/31

Welcome aboard

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.

If you're stuck, or you're not sure about certain step, always ask before doing anything else.

Please refrain from running tools or applying updates other than those I suggest.

Never run more than one scan at a time.

Keep updating me regarding your computer behavior, good, or bad.

The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.

If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.

I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=====================================================================

Pleas update MBAM, re-run it in NORMAL mode and post new log.

Next...

Download Bootkit Remover to your desktop.

Unzip downloaded file to your Desktop.

Double-click on boot_cleaner.exe to run the program (Vista/7 users,right click on boot_cleaner.exe and click Run As Administrator).

It will show a Black screen with some data on it.

Right click on the screen and click Select All.

Press CTRL+C

Open a Notepad and press CTRL+V

Post the output back here.

khelms829 · 2012/05/31

MBAM? Malwareabytes AntiMalware?? If so I just downloaded it the day before yesterday and it was running in normal mode, I think? Is this what you are talking about??

broni · 2012/05/31

MBAM = Malwarebytes

Malware Log:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7950

Windows 6.1.7601 Service Pack 1 (Safe Mode)
Click to expand...

It doesn't matter when you downloaded it. There are always new definitions to download.

khelms829 · 2012/05/31

I just updated MBAM and ran the scan and below is the log...... How do I check to see what verison I updated to?? Tell me if I am to proceed with the 2nd part of that reply......

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.31.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Kendra Jackson He :: MININT-M9P85CB [administrator]

Protection: Enabled

5/31/2012 7:44:45 PM
mbam-log-2012-05-31 (19-44-45).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 232474
Time elapsed: 12 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Thanks!!!

broni · 2012/05/31

Download Bootkit Remover to your desktop.

Unzip downloaded file to your Desktop.

Double-click on boot_cleaner.exe to run the program (Vista/7 users,right click on boot_cleaner.exe and click Run As Administrator).

It will show a Black screen with some data on it.

Right click on the screen and click Select All.

Press CTRL+C

Open a Notepad and press CTRL+V

Post the output back here.

khelms829 · 2012/05/31

Bootkit Remover
(c) 2009 Esage Lab
www.esagelab.com

Program version: 1.2.0.1
OS Version: Microsoft Windows 7 Home Premium Edition Service Pack 1 (build 7601)
, 64-bit

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`00100000

Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Controlled by rootkit!

Boot code on some of your physical disks is hidden by a rootkit.
To disinfect the master boot sector, use the following command:
remover.exe fix <device_name>
To inspect the boot code manually, dump the master boot sector:
remover.exe dump <device_name> [output_file]

Done;
Press any key to quit...

broni · 2012/06/01

Download TDSSKiller and save it to your desktop.

Extract (unzip) its contents to your desktop.

Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.

If an infected file is detected, the default action will be Cure, click on Continue.

If a suspicious file is detected, the default action will be Skip, click on Continue.

It may ask you to reboot the computer to complete the process. Click on Reboot Now.

If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.

If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

broni · 2012/06/06

Topic reopened.

khelms829 · 2012/06/08

I am now doing the last request... I will post the log asap!! thanks!!

khelms829 · 2012/06/08

12:07:47.0704 1176 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
12:07:49.0201 1176 ============================================================
12:07:49.0201 1176 Current date / time: 2012/06/08 12:07:49.0201
12:07:49.0201 1176 SystemInfo:
12:07:49.0201 1176
12:07:49.0201 1176 OS Version: 6.1.7601 ServicePack: 1.0
12:07:49.0201 1176 Product type: Workstation
12:07:49.0201 1176 ComputerName: MININT-M9P85CB
12:07:49.0201 1176 UserName: Kendra Jackson He
12:07:49.0201 1176 Windows directory: C:\Windows
12:07:49.0201 1176 System windows directory: C:\Windows
12:07:49.0201 1176 Running under WOW64
12:07:49.0201 1176 Processor architecture: Intel x64
12:07:49.0201 1176 Number of processors: 2
12:07:49.0201 1176 Page size: 0x1000
12:07:49.0201 1176 Boot type: Normal boot
12:07:49.0201 1176 ============================================================
12:07:50.0794 1176 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:07:50.0809 1176 ============================================================
12:07:50.0809 1176 \Device\Harddisk0\DR0:
12:07:50.0809 1176 MBR partitions:
12:07:50.0809 1176 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1B66C000
12:07:50.0809 1176 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B66C800, BlocksNum 0x1B58800
12:07:50.0809 1176 ============================================================
12:07:50.0840 1176 C: <-> \Device\Harddisk0\DR0\Partition0
12:07:50.0887 1176 D: <-> \Device\Harddisk0\DR0\Partition1
12:07:50.0887 1176 ============================================================
12:07:50.0887 1176 Initialize success
12:07:50.0887 1176 ============================================================
12:07:53.0539 4412 ============================================================
12:07:53.0539 4412 Scan started
12:07:53.0539 4412 Mode: Manual;
12:07:53.0539 4412 ============================================================
12:07:57.0049 4412 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
12:07:57.0096 4412 1394ohci - ok
12:07:57.0158 4412 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
12:07:57.0158 4412 ACPI - ok
12:07:57.0205 4412 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
12:07:57.0268 4412 AcpiPmi - ok
12:07:57.0439 4412 AdobeActiveFileMonitor7.0 (3fd8dc2c9735c2aa70155102cfb93eda) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
12:07:57.0517 4412 AdobeActiveFileMonitor7.0 - ok
12:07:57.0673 4412 AdobeARMservice (11a52cf7b265631deeb24c6149309eff) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:07:57.0736 4412 AdobeARMservice - ok

khelms829 · 2012/06/08

12:07:57.0907 4412 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:07:57.0907 4412 AdobeFlashPlayerUpdateSvc - ok
12:07:57.0970 4412 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
12:07:58.0063 4412 adp94xx - ok
12:07:58.0110 4412 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
12:07:58.0126 4412 adpahci - ok
12:07:58.0157 4412 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
12:07:58.0172 4412 adpu320 - ok
12:07:58.0219 4412 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
12:07:58.0219 4412 AeLookupSvc - ok
12:07:58.0328 4412 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe
12:07:58.0391 4412 AESTFilters - ok
12:07:58.0438 4412 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
12:07:58.0438 4412 AFD - ok
12:07:58.0500 4412 Agent (6953d8d79a275ead9da145982981236b) C:\Windows\agent_x64.exe
12:07:58.0547 4412 Agent - ok
12:07:58.0594 4412 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
12:07:58.0609 4412 agp440 - ok
12:07:58.0640 4412 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
12:07:58.0640 4412 ALG - ok
12:07:58.0687 4412 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
12:07:58.0687 4412 aliide - ok
12:07:58.0703 4412 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
12:07:58.0703 4412 amdide - ok
12:07:58.0734 4412 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
12:07:58.0750 4412 AmdK8 - ok
12:07:58.0750 4412 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
12:07:58.0750 4412 AmdPPM - ok
12:07:58.0828 4412 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
12:07:58.0890 4412 amdsata - ok
12:07:58.0937 4412 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
12:07:58.0937 4412 amdsbs - ok
12:07:58.0968 4412 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
12:07:59.0015 4412 amdxata - ok
12:07:59.0093 4412 ApfiltrService (98449a2957778a6f025c418438a380f4) C:\Windows\system32\DRIVERS\Apfiltr.sys
12:07:59.0155 4412 ApfiltrService - ok
12:07:59.0202 4412 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
12:07:59.0249 4412 AppID - ok
12:07:59.0280 4412 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
12:07:59.0280 4412 AppIDSvc - ok
12:07:59.0342 4412 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
12:07:59.0389 4412 Appinfo - ok
12:07:59.0530 4412 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:07:59.0608 4412 Apple Mobile Device - ok
12:07:59.0670 4412 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
12:07:59.0686 4412 arc - ok
12:07:59.0717 4412 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
12:07:59.0717 4412 arcsas - ok
12:07:59.0748 4412 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
12:07:59.0748 4412 AsyncMac - ok
12:07:59.0797 4412 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
12:07:59.0813 4412 atapi - ok
12:07:59.0891 4412 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
12:07:59.0969 4412 AudioEndpointBuilder - ok
12:08:00.0000 4412 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
12:08:00.0000 4412 AudioSrv - ok
12:08:00.0078 4412 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
12:08:00.0130 4412 AxInstSV - ok
12:08:00.0177 4412 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
12:08:00.0192 4412 b06bdrv - ok
12:08:00.0239 4412 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
12:08:00.0239 4412 b57nd60a - ok
12:08:00.0382 4412 BCM43XX (6f1bbcc35e33ad4404e0cd782d47caf3) C:\Windows\system32\DRIVERS\bcmwl664.sys
12:08:00.0413 4412 BCM43XX - ok
12:08:00.0507 4412 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
12:08:00.0522 4412 BDESVC - ok
12:08:00.0600 4412 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
12:08:00.0616 4412 Beep - ok
12:08:00.0728 4412 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
12:08:00.0775 4412 BFE - ok
12:08:00.0899 4412 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
12:08:00.0993 4412 BITS - ok
12:08:01.0071 4412 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
12:08:01.0071 4412 blbdrive - ok
12:08:01.0196 4412 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
12:08:01.0258 4412 Bonjour Service - ok

khelms829 · 2012/06/08

12:08:01.0305 4412 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
12:08:01.0352 4412 bowser - ok
12:08:01.0399 4412 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:08:01.0399 4412 BrFiltLo - ok
12:08:01.0414 4412 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:08:01.0414 4412 BrFiltUp - ok
12:08:01.0508 4412 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
12:08:01.0508 4412 BridgeMP - ok
12:08:01.0570 4412 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
12:08:01.0617 4412 Browser - ok
12:08:01.0695 4412 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
12:08:01.0711 4412 Brserid - ok
12:08:01.0711 4412 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
12:08:01.0726 4412 BrSerWdm - ok
12:08:01.0742 4412 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
12:08:01.0757 4412 BrUsbMdm - ok
12:08:01.0757 4412 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
12:08:01.0757 4412 BrUsbSer - ok
12:08:01.0804 4412 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
12:08:01.0804 4412 BTHMODEM - ok
12:08:01.0867 4412 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
12:08:01.0882 4412 bthserv - ok
12:08:01.0913 4412 btwavdt (82dc8b7c626e526681c1bebed2bc3ff9) C:\Windows\system32\DRIVERS\btwavdt.sys
12:08:01.0976 4412 btwavdt - ok
12:08:01.0976 4412 btwrchid (28e105ad3b79f440bf94780f507bf66a) C:\Windows\system32\DRIVERS\btwrchid.sys
12:08:02.0038 4412 btwrchid - ok
12:08:02.0069 4412 catchme - ok
12:08:02.0101 4412 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
12:08:02.0101 4412 cdfs - ok
12:08:02.0147 4412 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
12:08:02.0194 4412 cdrom - ok
12:08:02.0241 4412 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
12:08:02.0272 4412 CertPropSvc - ok
12:08:02.0350 4412 cfwids (274ce03459896006f7a5069266e0469e) C:\Windows\system32\drivers\cfwids.sys
12:08:02.0413 4412 cfwids - ok
12:08:02.0444 4412 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
12:08:02.0444 4412 circlass - ok
12:08:02.0475 4412 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
12:08:02.0491 4412 CLFS - ok
12:08:02.0569 4412 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:08:02.0584 4412 clr_optimization_v2.0.50727_32 - ok
12:08:02.0709 4412 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:08:02.0709 4412 clr_optimization_v2.0.50727_64 - ok
12:08:02.0787 4412 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:08:02.0849 4412 clr_optimization_v4.0.30319_32 - ok
12:08:02.0974 4412 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:08:03.0021 4412 clr_optimization_v4.0.30319_64 - ok
12:08:03.0068 4412 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
12:08:03.0068 4412 CmBatt - ok
12:08:03.0099 4412 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
12:08:03.0099 4412 cmdide - ok
12:08:03.0146 4412 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
12:08:03.0193 4412 CNG - ok
12:08:03.0255 4412 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
12:08:03.0255 4412 Compbatt - ok
12:08:03.0302 4412 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
12:08:03.0349 4412 CompositeBus - ok
12:08:03.0380 4412 COMSysApp - ok
12:08:03.0395 4412 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
12:08:03.0395 4412 crcdisk - ok
12:08:03.0442 4412 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
12:08:03.0489 4412 CryptSvc - ok
12:08:03.0536 4412 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
12:08:03.0536 4412 DcomLaunch - ok
12:08:03.0583 4412 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
12:08:03.0598 4412 defragsvc - ok
12:08:03.0629 4412 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
12:08:03.0676 4412 DfsC - ok
12:08:03.0723 4412 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
12:08:03.0770 4412 Dhcp - ok
12:08:03.0801 4412 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
12:08:03.0817 4412 discache - ok
12:08:03.0848 4412 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
12:08:03.0848 4412 Disk - ok
12:08:03.0895 4412 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
12:08:03.0926 4412 Dnscache - ok
12:08:03.0973 4412 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
12:08:04.0004 4412 dot3svc - ok
12:08:04.0066 4412 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
12:08:04.0066 4412 Dot4 - ok
12:08:04.0129 4412 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys
12:08:04.0175 4412 Dot4Print - ok
12:08:04.0207 4412 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
12:08:04.0207 4412 dot4usb - ok
12:08:04.0285 4412 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
12:08:04.0285 4412 DPS - ok
12:08:04.0316 4412 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
12:08:04.0331 4412 drmkaud - ok
12:08:04.0409 4412 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
12:08:04.0472 4412 DXGKrnl - ok
12:08:04.0534 4412 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
12:08:04.0534 4412 EapHost - ok
12:08:04.0659 4412 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
12:08:04.0706 4412 ebdrv - ok

khelms829 · 2012/06/08

12:08:04.0815 4412 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
12:08:04.0877 4412 EFS - ok
12:08:05.0018 4412 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
12:08:05.0096 4412 ehRecvr - ok
12:08:05.0143 4412 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
12:08:05.0143 4412 ehSched - ok
12:08:05.0221 4412 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
12:08:05.0221 4412 elxstor - ok
12:08:05.0252 4412 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
12:08:05.0252 4412 ErrDev - ok
12:08:05.0314 4412 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
12:08:05.0314 4412 EventSystem - ok
12:08:05.0345 4412 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
12:08:05.0345 4412 exfat - ok
12:08:05.0377 4412 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
12:08:05.0392 4412 fastfat - ok
12:08:05.0439 4412 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
12:08:05.0501 4412 Fax - ok
12:08:05.0548 4412 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
12:08:05.0564 4412 fdc - ok
12:08:05.0611 4412 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
12:08:05.0611 4412 fdPHost - ok
12:08:05.0642 4412 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
12:08:05.0642 4412 FDResPub - ok
12:08:05.0657 4412 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
12:08:05.0657 4412 FileInfo - ok
12:08:05.0673 4412 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
12:08:05.0673 4412 Filetrace - ok
12:08:05.0782 4412 FLEXnet Licensing Service (f76d04f7413b07daa029f6520b64b4e8) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:08:05.0860 4412 FLEXnet Licensing Service - ok
12:08:05.0891 4412 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
12:08:05.0891 4412 flpydisk - ok
12:08:05.0923 4412 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
12:08:05.0969 4412 FltMgr - ok
12:08:06.0032 4412 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
12:08:06.0079 4412 FontCache - ok
12:08:06.0172 4412 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:08:06.0250 4412 FontCache3.0.0.0 - ok
12:08:06.0297 4412 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
12:08:06.0313 4412 FsDepends - ok
12:08:06.0344 4412 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys
12:08:06.0406 4412 fssfltr - ok
12:08:06.0562 4412 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
12:08:06.0656 4412 fsssvc - ok
12:08:06.0749 4412 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
12:08:06.0812 4412 Fs_Rec - ok
12:08:06.0859 4412 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
12:08:06.0859 4412 fvevol - ok
12:08:06.0890 4412 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
12:08:06.0905 4412 gagp30kx - ok
12:08:06.0937 4412 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:08:06.0983 4412 GEARAspiWDM - ok
12:08:07.0046 4412 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
12:08:07.0093 4412 gpsvc - ok
12:08:07.0233 4412 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:08:07.0233 4412 gupdate - ok
12:08:07.0264 4412 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:08:07.0264 4412 gupdatem - ok
12:08:07.0311 4412 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
12:08:07.0327 4412 hcw85cir - ok
12:08:07.0358 4412 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
12:08:07.0358 4412 HDAudBus - ok
12:08:07.0373 4412 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
12:08:07.0373 4412 HidBatt - ok
12:08:07.0389 4412 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
12:08:07.0405 4412 HidBth - ok
12:08:07.0405 4412 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
12:08:07.0405 4412 HidIr - ok
12:08:07.0451 4412 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
12:08:07.0451 4412 hidserv - ok
12:08:07.0483 4412 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
12:08:07.0529 4412 HidUsb - ok
12:08:07.0561 4412 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
12:08:07.0592 4412 hkmsvc - ok
12:08:07.0654 4412 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
12:08:07.0701 4412 HomeGroupListener - ok
12:08:07.0748 4412 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
12:08:07.0779 4412 HomeGroupProvider - ok
12:08:07.0935 4412 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
12:08:07.0935 4412 hpqcxs08 - ok
12:08:07.0966 4412 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
12:08:08.0013 4412 hpqddsvc - ok
12:08:08.0075 4412 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
12:08:08.0122 4412 HpSAMD - ok
12:08:08.0216 4412 HPSLPSVC (7f57926169c1b8aba9274ea7d4b70f18) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
12:08:08.0231 4412 HPSLPSVC - ok
12:08:08.0294 4412 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
12:08:08.0309 4412 HTTP - ok
12:08:08.0341 4412 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
12:08:08.0341 4412 hwpolicy - ok
12:08:08.0387 4412 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
12:08:08.0403 4412 i8042prt - ok
12:08:08.0450 4412 iaStor (4f6fb2cdbdeefc47e7d2066e78254580) C:\Windows\system32\DRIVERS\iaStor.sys
12:08:08.0465 4412 iaStor - ok
12:08:08.0497 4412 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
12:08:08.0560 4412 iaStorV - ok
12:08:08.0669 4412 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:08:08.0747 4412 idsvc - ok
12:08:08.0997 4412 igfx (babd5f9b2bcc82ce556a0baf1ae208a7) C:\Windows\system32\DRIVERS\igdkmd64.sys
12:08:09.0153 4412 igfx - ok
12:08:09.0278 4412 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
12:08:09.0293 4412 iirsp - ok
12:08:09.0356 4412 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
12:08:09.0402 4412 IKEEXT - ok
12:08:09.0465 4412 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
12:08:09.0465 4412 intelide - ok
12:08:09.0496 4412 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
12:08:09.0512 4412 intelppm - ok
12:08:09.0543 4412 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
12:08:09.0543 4412 IPBusEnum - ok
12:08:09.0591 4412 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:08:09.0637 4412 IpFilterDriver - ok
12:08:09.0684 4412 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
12:08:09.0747 4412 iphlpsvc - ok
12:08:09.0778 4412 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
12:08:09.0825 4412 IPMIDRV - ok
12:08:09.0856 4412 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
12:08:09.0856 4412 IPNAT - ok
12:08:09.0934 4412 iPod Service (46d249f9db7844cc01050a9345f0f61b) C:\Program Files\iPod\bin\iPodService.exe
12:08:09.0996 4412 iPod Service - ok
12:08:10.0027 4412 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
12:08:10.0043 4412 IRENUM - ok
12:08:10.0074 4412 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
12:08:10.0074 4412 isapnp - ok
12:08:10.0105 4412 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
12:08:10.0152 4412 iScsiPrt - ok
12:08:10.0183 4412 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
12:08:10.0183 4412 kbdclass - ok
12:08:10.0230 4412 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
12:08:10.0293 4412 kbdhid - ok
12:08:10.0308 4412 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:08:10.0308 4412 KeyIso - ok
12:08:10.0339 4412 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
12:08:10.0371 4412 KSecDD - ok
12:08:10.0386 4412 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
12:08:10.0449 4412 KSecPkg - ok
12:08:10.0464 4412 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
12:08:10.0480 4412 ksthunk - ok
12:08:10.0511 4412 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
12:08:10.0527 4412 KtmRm - ok
12:08:10.0573 4412 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
12:08:10.0606 4412 LanmanServer - ok
12:08:10.0652 4412 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
12:08:10.0699 4412 LanmanWorkstation - ok
12:08:10.0746 4412 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
12:08:10.0746 4412 lltdio - ok
12:08:10.0777 4412 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
12:08:10.0793 4412 lltdsvc - ok
12:08:10.0808 4412 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
12:08:10.0808 4412 lmhosts - ok
12:08:10.0840 4412 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
12:08:10.0855 4412 LSI_FC - ok
12:08:10.0871 4412 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
12:08:10.0886 4412 LSI_SAS - ok
12:08:10.0886 4412 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:08:10.0886 4412 LSI_SAS2 - ok
12:08:10.0902 4412 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:08:10.0902 4412 LSI_SCSI - ok
12:08:10.0949 4412 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
12:08:10.0949 4412 luafv - ok
12:08:10.0996 4412 lvpopf64 (a014e25d95f7091000b60ff8a1c2e988) C:\Windows\system32\DRIVERS\lvpopf64.sys
12:08:11.0058 4412 lvpopf64 - ok
12:08:11.0105 4412 LVPr2M64 (b3944d06eb4b64d57bd7e5fe89415f58) C:\Windows\system32\DRIVERS\LVPr2M64.sys
12:08:11.0152 4412 LVPr2M64 - ok
12:08:11.0183 4412 LVPr2Mon (b3944d06eb4b64d57bd7e5fe89415f58) C:\Windows\system32\DRIVERS\LVPr2M64.sys
12:08:11.0183 4412 LVPr2Mon - ok

khelms829 · 2012/06/08

12:08:11.0245 4412 LVRS64 (ef586b959f747e74c76603ff16ae417b) C:\Windows\system32\DRIVERS\lvrs64.sys
12:08:11.0292 4412 LVRS64 - ok
12:08:11.0479 4412 LVUVC64 (edf73bfa1bd24d74d1d64dc0ed28a7cd) C:\Windows\system32\DRIVERS\lvuvc64.sys
12:08:11.0620 4412 LVUVC64 - ok
12:08:11.0776 4412 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
12:08:11.0838 4412 MBAMProtector - ok
12:08:11.0947 4412 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
12:08:12.0041 4412 MBAMService - ok
12:08:12.0134 4412 McAfee SiteAdvisor Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:08:12.0134 4412 McAfee SiteAdvisor Service - ok
12:08:12.0150 4412 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:08:12.0166 4412 McMPFSvc - ok
12:08:12.0181 4412 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:08:12.0181 4412 mcmscsvc - ok
12:08:12.0197 4412 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:08:12.0197 4412 McNaiAnn - ok
12:08:12.0212 4412 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:08:12.0212 4412 McNASvc - ok
12:08:12.0368 4412 McODS (dd01bf24dd6bf70a90549f9a7bb2d1eb) C:\Program Files\McAfee\VirusScan\mcods.exe
12:08:12.0446 4412 McODS - ok
12:08:12.0462 4412 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:08:12.0462 4412 McProxy - ok
12:08:12.0540 4412 McShield (e998e3b12101288d716558466cbf6ae1) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
12:08:12.0587 4412 McShield - ok
12:08:12.0680 4412 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
12:08:12.0727 4412 Mcx2Svc - ok
12:08:12.0774 4412 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
12:08:12.0790 4412 megasas - ok
12:08:12.0821 4412 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
12:08:12.0836 4412 MegaSR - ok
12:08:12.0868 4412 mfeapfk (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys
12:08:12.0930 4412 mfeapfk - ok
12:08:13.0102 4412 mfeavfk (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys
12:08:13.0164 4412 mfeavfk - ok
12:08:13.0195 4412 mfeavfk01 - ok
12:08:13.0258 4412 mfefire (b26782c3d6045b4464017d7926877560) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
12:08:13.0304 4412 mfefire - ok
12:08:13.0382 4412 mfefirek (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys
12:08:13.0429 4412 mfefirek - ok
12:08:13.0507 4412 mfehidk (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys
12:08:13.0554 4412 mfehidk - ok
12:08:13.0616 4412 mfenlfk (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys
12:08:13.0679 4412 mfenlfk - ok
12:08:13.0710 4412 mferkdet (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys
12:08:13.0757 4412 mferkdet - ok
12:08:13.0819 4412 mfevtp (723a5eb6cef7f408c3d0f15a82a6bff8) C:\Windows\system32\mfevtps.exe
12:08:13.0882 4412 mfevtp - ok
12:08:13.0960 4412 mfewfpk (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys
12:08:14.0006 4412 mfewfpk - ok
12:08:14.0038 4412 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:08:14.0038 4412 MMCSS - ok
12:08:14.0069 4412 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
12:08:14.0069 4412 Modem - ok
12:08:14.0100 4412 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
12:08:14.0100 4412 monitor - ok
12:08:14.0147 4412 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
12:08:14.0147 4412 mouclass - ok
12:08:14.0162 4412 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
12:08:14.0178 4412 mouhid - ok
12:08:14.0209 4412 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
12:08:14.0209 4412 mountmgr - ok
12:08:14.0240 4412 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
12:08:14.0287 4412 mpio - ok
12:08:14.0318 4412 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
12:08:14.0334 4412 mpsdrv - ok
12:08:14.0381 4412 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
12:08:14.0428 4412 MpsSvc - ok
12:08:14.0459 4412 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
12:08:14.0506 4412 MRxDAV - ok
12:08:14.0552 4412 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:08:14.0662 4412 mrxsmb - ok
12:08:14.0693 4412 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:08:14.0740 4412 mrxsmb10 - ok
12:08:14.0755 4412 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:08:14.0802 4412 mrxsmb20 - ok
12:08:14.0849 4412 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
12:08:14.0896 4412 msahci - ok
12:08:14.0927 4412 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
12:08:14.0989 4412 msdsm - ok
12:08:15.0020 4412 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
12:08:15.0020 4412 MSDTC - ok
12:08:15.0067 4412 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
12:08:15.0067 4412 Msfs - ok
12:08:15.0083 4412 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
12:08:15.0083 4412 mshidkmdf - ok
12:08:15.0114 4412 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
12:08:15.0130 4412 msisadrv - ok
12:08:15.0145 4412 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
12:08:15.0161 4412 MSiSCSI - ok
12:08:15.0161 4412 msiserver - ok
12:08:15.0208 4412 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
12:08:15.0208 4412 MSKSSRV - ok
12:08:15.0208 4412 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
12:08:15.0223 4412 MSPCLOCK - ok
12:08:15.0223 4412 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
12:08:15.0239 4412 MSPQM - ok
12:08:15.0270 4412 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
12:08:15.0317 4412 MsRPC - ok
12:08:15.0364 4412 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
12:08:15.0364 4412 mssmbios - ok
12:08:15.0395 4412 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
12:08:15.0395 4412 MSTEE - ok
12:08:15.0442 4412 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
12:08:15.0442 4412 MTConfig - ok
12:08:15.0488 4412 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
12:08:15.0488 4412 Mup - ok
12:08:15.0535 4412 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
12:08:15.0551 4412 napagent - ok
12:08:15.0707 4412 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
12:08:15.0722 4412 NativeWifiP - ok
12:08:15.0785 4412 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
12:08:15.0800 4412 NDIS - ok
12:08:15.0863 4412 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
12:08:15.0878 4412 NdisCap - ok
12:08:15.0910 4412 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:08:15.0910 4412 NdisTapi - ok
12:08:15.0941 4412 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
12:08:15.0988 4412 Ndisuio - ok
12:08:16.0128 4412 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
12:08:16.0190 4412 NdisWan - ok
12:08:16.0331 4412 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
12:08:16.0393 4412 NDProxy - ok
12:08:16.0440 4412 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll
12:08:16.0487 4412 Net Driver HPZ12 - ok
12:08:16.0534 4412 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:08:16.0549 4412 NetBIOS - ok
12:08:16.0580 4412 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
12:08:16.0580 4412 NetBT - ok
12:08:16.0627 4412 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:08:16.0627 4412 Netlogon - ok
12:08:16.0674 4412 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
12:08:16.0674 4412 Netman - ok
12:08:16.0721 4412 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
12:08:16.0721 4412 netprofm - ok
12:08:16.0799 4412 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:08:16.0799 4412 NetTcpPortSharing - ok
12:08:16.0846 4412 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
12:08:16.0846 4412 nfrd960 - ok
12:08:16.0924 4412 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
12:08:16.0986 4412 NlaSvc - ok
12:08:17.0017 4412 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:08:17.0017 4412 Npfs - ok
12:08:17.0048 4412 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
12:08:17.0048 4412 nsi - ok
12:08:17.0064 4412 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:08:17.0064 4412 nsiproxy - ok
12:08:17.0142 4412 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
12:08:17.0204 4412 Ntfs - ok
12:08:17.0329 4412 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:08:17.0345 4412 Null - ok
12:08:17.0376 4412 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
12:08:17.0438 4412 nvraid - ok
12:08:17.0470 4412 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
12:08:17.0532 4412 nvstor - ok
12:08:17.0563 4412 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
12:08:17.0563 4412 nv_agp - ok
12:08:17.0704 4412 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:08:17.0782 4412 odserv - ok
12:08:17.0828 4412 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
12:08:17.0828 4412 ohci1394 - ok
12:08:17.0891 4412 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:08:17.0938 4412 ose - ok
12:08:17.0984 4412 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:08:17.0984 4412 p2pimsvc - ok
12:08:18.0016 4412 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
12:08:18.0031 4412 p2psvc - ok
12:08:18.0047 4412 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
12:08:18.0062 4412 Parport - ok
12:08:18.0094 4412 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
12:08:18.0140 4412 partmgr - ok
12:08:18.0156 4412 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
12:08:18.0172 4412 PcaSvc - ok
12:08:18.0203 4412 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
12:08:18.0250 4412 pci - ok
12:08:18.0265 4412 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:08:18.0281 4412 pciide - ok
12:08:18.0296 4412 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
12:08:18.0312 4412 pcmcia - ok
12:08:18.0328 4412 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:08:18.0328 4412 pcw - ok
12:08:18.0359 4412 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:08:18.0374 4412 PEAUTH - ok
12:08:18.0452 4412 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
12:08:18.0452 4412 PerfHost - ok
12:08:18.0546 4412 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
12:08:18.0593 4412 pla - ok
12:08:18.0640 4412 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
12:08:18.0671 4412 PlugPlay - ok
12:08:18.0749 4412 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll
12:08:18.0827 4412 Pml Driver HPZ12 - ok
12:08:18.0858 4412 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
12:08:18.0874 4412 PNRPAutoReg - ok
12:08:18.0889 4412 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:08:18.0905 4412 PNRPsvc - ok
12:08:18.0936 4412 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
12:08:18.0983 4412 PolicyAgent - ok
12:08:19.0030 4412 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
12:08:19.0030 4412 Power - ok
12:08:19.0092 4412 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
12:08:19.0154 4412 PptpMiniport - ok
12:08:19.0186 4412 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
12:08:19.0186 4412 Processor - ok
12:08:19.0248 4412 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
12:08:19.0279 4412 ProfSvc - ok
12:08:19.0342 4412 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:08:19.0342 4412 ProtectedStorage - ok
12:08:19.0373 4412 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
12:08:19.0388 4412 Psched - ok
12:08:19.0435 4412 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
12:08:19.0498 4412 PxHlpa64 - ok
12:08:19.0563 4412 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
12:08:19.0594 4412 ql2300 - ok
12:08:19.0719 4412 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
12:08:19.0734 4412 ql40xx - ok
12:08:19.0765 4412 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
12:08:19.0781 4412 QWAVE - ok
12:08:19.0797 4412 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:08:19.0812 4412 QWAVEdrv - ok
12:08:19.0843 4412 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:08:19.0843 4412 RasAcd - ok
12:08:19.0893 4412 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:08:19.0893 4412 RasAgileVpn - ok
12:08:19.0924 4412 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
12:08:19.0924 4412 RasAuto - ok
12:08:19.0955 4412 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:08:20.0002 4412 Rasl2tp - ok
12:08:20.0049 4412 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
12:08:20.0095 4412 RasMan - ok
12:08:20.0127 4412 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:08:20.0142 4412 RasPppoe - ok
12:08:20.0158 4412 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:08:20.0158 4412 RasSstp - ok
12:08:20.0205 4412 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
12:08:20.0251 4412 rdbss - ok
12:08:20.0267 4412 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:08:20.0283 4412 rdpbus - ok
12:08:20.0298 4412 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:08:20.0298 4412 RDPCDD - ok
12:08:20.0329 4412 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:08:20.0329 4412 RDPENCDD - ok
12:08:20.0345 4412 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:08:20.0345 4412 RDPREFMP - ok
12:08:20.0392 4412 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
12:08:20.0439 4412 RDPWD - ok
12:08:20.0485 4412 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
12:08:20.0532 4412 rdyboost - ok
12:08:20.0563 4412 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
12:08:20.0563 4412 RemoteAccess - ok
12:08:20.0610 4412 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
12:08:20.0610 4412 RemoteRegistry - ok
12:08:20.0626 4412 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
12:08:20.0641 4412 RpcEptMapper - ok
12:08:20.0673 4412 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
12:08:20.0673 4412 RpcLocator - ok
12:08:20.0720 4412 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
12:08:20.0720 4412 RpcSs - ok
12:08:20.0767 4412 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:08:20.0767 4412 rspndr - ok
12:08:20.0814 4412 RSUSBSTOR (4a25dc970c58104602ed274dacafd784) C:\Windows\system32\Drivers\RtsUStor.sys
12:08:20.0814 4412 RSUSBSTOR - ok
12:08:20.0845 4412 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:08:20.0845 4412 SamSs - ok
12:08:20.0876 4412 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
12:08:20.0923 4412 sbp2port - ok
12:08:20.0954 4412 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
12:08:20.0970 4412 SCardSvr - ok
12:08:21.0001 4412 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
12:08:21.0079 4412 scfilter - ok
12:08:21.0251 4412 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
12:08:21.0266 4412 Schedule - ok
12:08:21.0329 4412 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
12:08:21.0344 4412 SCPolicySvc - ok
12:08:21.0376 4412 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
12:08:21.0391 4412 SDRSVC - ok
12:08:21.0469 4412 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:08:21.0469 4412 secdrv - ok
12:08:21.0516 4412 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
12:08:21.0547 4412 seclogon - ok
12:08:21.0594 4412 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
12:08:21.0594 4412 SENS - ok
12:08:21.0610 4412 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
12:08:21.0625 4412 SensrSvc - ok
12:08:21.0656 4412 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
12:08:21.0656 4412 Serenum - ok
12:08:21.0703 4412 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
12:08:21.0703 4412 Serial - ok
12:08:21.0734 4412 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
12:08:21.0734 4412 sermouse - ok
12:08:21.0781 4412 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
12:08:21.0844 4412 SessionEnv - ok
12:08:21.0875 4412 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
12:08:21.0875 4412 sffdisk - ok
12:08:21.0890 4412 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:08:21.0906 4412 sffp_mmc - ok
12:08:21.0906 4412 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
12:08:21.0953 4412 sffp_sd - ok
12:08:21.0984 4412 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
12:08:21.0984 4412 sfloppy - ok
12:08:22.0046 4412 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
12:08:22.0062 4412 SharedAccess - ok
12:08:22.0109 4412 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
12:08:22.0140 4412 ShellHWDetection - ok
12:08:22.0156 4412 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:08:22.0171 4412 SiSRaid2 - ok
12:08:22.0202 4412 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
12:08:22.0202 4412 SiSRaid4 - ok
12:08:22.0234 4412 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:08:22.0234 4412 Smb - ok
12:08:22.0280 4412 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
12:08:22.0296 4412 SNMPTRAP - ok
12:08:22.0312 4412 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:08:22.0312 4412 spldr - ok
12:08:22.0358 4412 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
12:08:22.0421 4412 Spooler - ok
12:08:22.0561 4412 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
12:08:22.0577 4412 sppsvc - ok
12:08:22.0686 4412 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
12:08:22.0686 4412 sppuinotify - ok
12:08:22.0764 4412 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
12:08:22.0842 4412 srv - ok
12:08:22.0873 4412 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
12:08:22.0936 4412 srv2 - ok
12:08:22.0951 4412 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
12:08:22.0998 4412 srvnet - ok
12:08:23.0029 4412 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
12:08:23.0045 4412 SSDPSRV - ok
12:08:23.0060 4412 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
12:08:23.0076 4412 SstpSvc - ok
12:08:23.0170 4412 STacSV (444109453a2b87e6c16bcda5953e81a9) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
12:08:23.0232 4412 STacSV - ok
12:08:23.0263 4412 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
12:08:23.0263 4412 stexstor - ok
12:08:23.0326 4412 STHDA (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys
12:08:23.0388 4412 STHDA - ok
12:08:23.0466 4412 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
12:08:23.0528 4412 stisvc - ok
12:08:23.0560 4412 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
12:08:23.0560 4412 swenum - ok
12:08:23.0606 4412 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
12:08:23.0622 4412 swprv - ok
12:08:23.0716 4412 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
12:08:23.0762 4412 SysMain - ok
12:08:23.0856 4412 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
12:08:23.0918 4412 TabletInputService - ok
12:08:23.0950 4412 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
12:08:23.0981 4412 TapiSrv - ok
12:08:24.0028 4412 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
12:08:24.0028 4412 TBS - ok
12:08:24.0184 4412 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
12:08:24.0262 4412 Tcpip - ok
12:08:24.0542 4412 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
12:08:24.0558 4412 TCPIP6 - ok
12:08:24.0683 4412 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
12:08:24.0745 4412 tcpipreg - ok
12:08:24.0792 4412 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
12:08:24.0808 4412 TDPIPE - ok
12:08:24.0839 4412 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
12:08:24.0886 4412 TDTCP - ok
12:08:24.0917 4412 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
12:08:24.0964 4412 tdx - ok
12:08:24.0979 4412 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
12:08:25.0026 4412 TermDD - ok
12:08:25.0073 4412 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
12:08:25.0120 4412 TermService - ok
12:08:25.0151 4412 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
12:08:25.0151 4412 Themes - ok
12:08:25.0182 4412 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:08:25.0182 4412 THREADORDER - ok
12:08:25.0198 4412 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
12:08:25.0213 4412 TrkWks - ok
12:08:25.0276 4412 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
12:08:25.0276 4412 TrustedInstaller - ok
12:08:25.0322 4412 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:08:25.0385 4412 tssecsrv - ok
12:08:25.0447 4412 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
12:08:25.0510 4412 TsUsbFlt - ok
12:08:25.0572 4412 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
12:08:25.0619 4412 tunnel - ok
12:08:25.0650 4412 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
12:08:25.0666 4412 uagp35 - ok
12:08:25.0697 4412 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
12:08:25.0759 4412 udfs - ok
12:08:25.0806 4412 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
12:08:25.0806 4412 UI0Detect - ok
12:08:25.0853 4412 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
12:08:25.0853 4412 uliagpkx - ok
12:08:25.0884 4412 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
12:08:25.0931 4412 umbus - ok
12:08:25.0978 4412 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
12:08:25.0978 4412 UmPass - ok
12:08:26.0118 4412 UMVPFSrv (8b802b483cbde06f62dbc04dc7afaf8e) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
12:08:26.0196 4412 UMVPFSrv - ok
12:08:26.0227 4412 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
12:08:26.0243 4412 upnphost - ok
12:08:26.0274 4412 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
12:08:26.0321 4412 usbaudio - ok
12:08:26.0368 4412 usbbus (5fcc71487888589a9244af54cfefab29) C:\Windows\system32\DRIVERS\lgx64bus.sys
12:08:26.0414 4412 usbbus - ok
12:08:26.0446 4412 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
12:08:26.0508 4412 usbccgp - ok
12:08:26.0539 4412 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
12:08:26.0555 4412 usbcir - ok
12:08:26.0602 4412 UsbDiag (3fb6e423f7567c92c32ea786f5fd0c69) C:\Windows\system32\DRIVERS\lgx64diag.sys
12:08:26.0648 4412 UsbDiag - ok
12:08:26.0664 4412 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
12:08:26.0711 4412 usbehci - ok
12:08:26.0758 4412 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
12:08:26.0820 4412 usbhub - ok
12:08:26.0867 4412 USBModem (78d551f5b93488b4666f5fc8dd4815f3) C:\Windows\system32\DRIVERS\lgx64modem.sys
12:08:26.0914 4412 USBModem - ok
12:08:26.0929 4412 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
12:08:26.0976 4412 usbohci - ok
12:08:27.0007 4412 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
12:08:27.0007 4412 usbprint - ok
12:08:27.0054 4412 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
12:08:27.0054 4412 usbscan - ok
12:08:27.0101 4412 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:08:27.0148 4412 USBSTOR - ok
12:08:27.0163 4412 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
12:08:27.0226 4412 usbuhci - ok
12:08:27.0241 4412 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
12:08:27.0241 4412 UxSms - ok
12:08:27.0272 4412 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:08:27.0272 4412 VaultSvc - ok
12:08:27.0304 4412 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
12:08:27.0319 4412 vdrvroot - ok
12:08:27.0366 4412 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
12:08:27.0413 4412 vds - ok
12:08:27.0460 4412 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:08:27.0460 4412 vga - ok
12:08:27.0475 4412 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:08:27.0475 4412 VgaSave - ok
12:08:27.0522 4412 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
12:08:27.0569 4412 vhdmp - ok
12:08:27.0616 4412 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
12:08:27.0616 4412 viaide - ok
12:08:27.0647 4412 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
12:08:27.0694 4412 volmgr - ok
12:08:27.0725 4412 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
12:08:27.0740 4412 volmgrx - ok
12:08:27.0772 4412 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
12:08:27.0834 4412 volsnap - ok
12:08:27.0881 4412 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
12:08:27.0896 4412 vsmraid - ok
12:08:27.0959 4412 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
12:08:28.0021 4412 VSS - ok
12:08:28.0146 4412 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
12:08:28.0146 4412 vwifibus - ok
12:08:28.0193 4412 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
12:08:28.0193 4412 vwififlt - ok
12:08:28.0240 4412 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
12:08:28.0255 4412 W32Time - ok
12:08:28.0302 4412 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
12:08:28.0318 4412 WacomPen - ok
12:08:28.0364 4412 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:08:28.0427 4412 WANARP - ok
12:08:28.0427 4412 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:08:28.0427 4412 Wanarpv6 - ok
12:08:28.0505 4412 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
12:08:28.0583 4412 WatAdminSvc - ok
12:08:28.0645 4412 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
12:08:28.0708 4412 wbengine - ok
12:08:28.0817 4412 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
12:08:28.0832 4412 WbioSrvc - ok
12:08:28.0879 4412 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
12:08:28.0942 4412 wcncsvc - ok
12:08:28.0988 4412 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
12:08:28.0988 4412 WcsPlugInService - ok
12:08:29.0051 4412 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
12:08:29.0051 4412 Wd - ok
12:08:29.0098 4412 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:08:29.0113 4412 Wdf01000 - ok
12:08:29.0129 4412 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:08:29.0144 4412 WdiServiceHost - ok
12:08:29.0144 4412 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:08:29.0144 4412 WdiSystemHost - ok
12:08:29.0191 4412 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
12:08:29.0222 4412 WebClient - ok
12:08:29.0332 4412 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
12:08:29.0347 4412 Wecsvc - ok
12:08:29.0378 4412 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
12:08:29.0394 4412 wercplsupport - ok
12:08:29.0410 4412 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
12:08:29.0425 4412 WerSvc - ok
12:08:29.0503 4412 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
12:08:29.0503 4412 WfpLwf - ok
12:08:29.0534 4412 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
12:08:29.0534 4412 WIMMount - ok
12:08:29.0581 4412 WinDefend - ok
12:08:29.0597 4412 WinHttpAutoProxySvc - ok
12:08:29.0675 4412 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
12:08:29.0690 4412 Winmgmt - ok
12:08:29.0800 4412 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
12:08:29.0862 4412 WinRM - ok
12:08:30.0018 4412 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
12:08:30.0065 4412 WinUsb - ok
12:08:30.0112 4412 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
12:08:30.0127 4412 Wlansvc - ok
12:08:30.0221 4412 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:08:30.0268 4412 wlcrasvc - ok
12:08:30.0455 4412 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:08:30.0548 4412 wlidsvc - ok
12:08:30.0660 4412 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
12:08:30.0660 4412 WmiAcpi - ok
12:08:30.0707 4412 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
12:08:30.0723 4412 wmiApSrv - ok
12:08:30.0801 4412 WMPNetworkSvc - ok
12:08:30.0832 4412 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
12:08:30.0847 4412 WPCSvc - ok

khelms829 · 2012/06/08

12:08:30.0879 4412 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
12:08:30.0925 4412 WPDBusEnum - ok
12:08:30.0941 4412 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
12:08:30.0941 4412 ws2ifsl - ok
12:08:30.0972 4412 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
12:08:30.0972 4412 wscsvc - ok
12:08:30.0988 4412 WSearch - ok
12:08:31.0097 4412 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
12:08:31.0128 4412 wuauserv - ok
12:08:31.0362 4412 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
12:08:31.0440 4412 WudfPf - ok
12:08:31.0674 4412 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:08:31.0752 4412 WUDFRd - ok
12:08:32.0392 4412 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
12:08:32.0454 4412 wudfsvc - ok
12:08:34.0217 4412 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
12:08:34.0326 4412 WwanSvc - ok
12:08:35.0793 4412 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
12:08:35.0793 4412 yukonw7 - ok
12:08:35.0855 4412 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
12:08:36.0136 4412 \Device\Harddisk0\DR0 - ok
12:08:36.0136 4412 Boot (0x1200) (5c6cdd4a487d94d99e1bbf23ee10d384) \Device\Harddisk0\DR0\Partition0
12:08:36.0136 4412 \Device\Harddisk0\DR0\Partition0 - ok
12:08:36.0183 4412 Boot (0x1200) (8ebf86568b352f2e3ef90104b6ce0a16) \Device\Harddisk0\DR0\Partition1
12:08:36.0183 4412 \Device\Harddisk0\DR0\Partition1 - ok
12:08:36.0183 4412 ============================================================
12:08:36.0183 4412 Scan finished
12:08:36.0183 4412 ============================================================
12:08:36.0198 2704 Detected object count: 0
12:08:36.0198 2704 Actual detected object count: 0
12:13:18.0175 1176 ============================================================
12:13:18.0175 1176 Scan started
12:13:18.0175 1176 Mode: Manual;
12:13:18.0175 1176 ============================================================
12:13:19.0419 1176 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
12:13:19.0419 1176 1394ohci - ok
12:13:19.0449 1176 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
12:13:19.0449 1176 ACPI - ok
12:13:19.0479 1176 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
12:13:19.0489 1176 AcpiPmi - ok
12:13:19.0619 1176 AdobeActiveFileMonitor7.0 (3fd8dc2c9735c2aa70155102cfb93eda) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
12:13:19.0619 1176 AdobeActiveFileMonitor7.0 - ok
12:13:19.0719 1176 AdobeARMservice (11a52cf7b265631deeb24c6149309eff) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:13:19.0719 1176 AdobeARMservice - ok
12:13:19.0849 1176 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:13:19.0849 1176 AdobeFlashPlayerUpdateSvc - ok
12:13:19.0909 1176 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
12:13:19.0909 1176 adp94xx - ok
12:13:19.0939 1176 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
12:13:19.0939 1176 adpahci - ok
12:13:19.0959 1176 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
12:13:19.0959 1176 adpu320 - ok
12:13:20.0029 1176 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
12:13:20.0029 1176 AeLookupSvc - ok
12:13:20.0189 1176 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe
12:13:20.0189 1176 AESTFilters - ok
12:13:20.0241 1176 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
12:13:20.0241 1176 AFD - ok
12:13:20.0281 1176 Agent (6953d8d79a275ead9da145982981236b) C:\Windows\agent_x64.exe
12:13:20.0281 1176 Agent - ok
12:13:20.0321 1176 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
12:13:20.0321 1176 agp440 - ok
12:13:20.0351 1176 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
12:13:20.0351 1176 ALG - ok
12:13:20.0411 1176 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
12:13:20.0411 1176 aliide - ok
12:13:20.0421 1176 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
12:13:20.0421 1176 amdide - ok
12:13:20.0451 1176 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
12:13:20.0451 1176 AmdK8 - ok
12:13:20.0461 1176 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
12:13:20.0461 1176 AmdPPM - ok
12:13:20.0501 1176 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
12:13:20.0501 1176 amdsata - ok
12:13:20.0571 1176 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
12:13:20.0571 1176 amdsbs - ok
12:13:20.0611 1176 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
12:13:20.0611 1176 amdxata - ok
12:13:20.0651 1176 ApfiltrService (98449a2957778a6f025c418438a380f4) C:\Windows\system32\DRIVERS\Apfiltr.sys
12:13:20.0651 1176 ApfiltrService - ok
12:13:20.0691 1176 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
12:13:20.0691 1176 AppID - ok
12:13:20.0711 1176 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
12:13:20.0721 1176 AppIDSvc - ok
12:13:20.0751 1176 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
12:13:20.0751 1176 Appinfo - ok
12:13:20.0871 1176 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:13:20.0871 1176 Apple Mobile Device - ok
12:13:20.0911 1176 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
12:13:20.0911 1176 arc - ok
12:13:20.0931 1176 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
12:13:20.0931 1176 arcsas - ok
12:13:20.0951 1176 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
12:13:20.0951 1176 AsyncMac - ok
12:13:20.0991 1176 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
12:13:21.0001 1176 atapi - ok
12:13:21.0081 1176 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
12:13:21.0091 1176 AudioEndpointBuilder - ok
12:13:21.0111 1176 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
12:13:21.0111 1176 AudioSrv - ok
12:13:21.0141 1176 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
12:13:21.0141 1176 AxInstSV - ok
12:13:21.0221 1176 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
12:13:21.0221 1176 b06bdrv - ok
12:13:21.0241 1176 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
12:13:21.0241 1176 b57nd60a - ok
12:13:21.0421 1176 BCM43XX (6f1bbcc35e33ad4404e0cd782d47caf3) C:\Windows\system32\DRIVERS\bcmwl664.sys
12:13:21.0441 1176 BCM43XX - ok
12:13:21.0521 1176 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
12:13:21.0531 1176 BDESVC - ok
12:13:21.0581 1176 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
12:13:21.0581 1176 Beep - ok
12:13:21.0671 1176 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
12:13:21.0681 1176 BFE - ok
12:13:21.0743 1176 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
12:13:21.0753 1176 BITS - ok
12:13:21.0793 1176 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
12:13:21.0793 1176 blbdrive - ok
12:13:21.0903 1176 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
12:13:21.0913 1176 Bonjour Service - ok
12:13:21.0943 1176 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
12:13:21.0943 1176 bowser - ok
12:13:21.0973 1176 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:13:21.0973 1176 BrFiltLo - ok
12:13:21.0983 1176 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:13:21.0983 1176 BrFiltUp - ok
12:13:21.0993 1176 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
12:13:21.0993 1176 BridgeMP - ok
12:13:22.0033 1176 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
12:13:22.0043 1176 Browser - ok
12:13:22.0123 1176 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
12:13:22.0123 1176 Brserid - ok
12:13:22.0143 1176 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
12:13:22.0143 1176 BrSerWdm - ok
12:13:22.0163 1176 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
12:13:22.0163 1176 BrUsbMdm - ok
12:13:22.0173 1176 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
12:13:22.0173 1176 BrUsbSer - ok
12:13:22.0183 1176 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
12:13:22.0193 1176 BTHMODEM - ok
12:13:22.0223 1176 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
12:13:22.0223 1176 bthserv - ok
12:13:22.0253 1176 btwavdt (82dc8b7c626e526681c1bebed2bc3ff9) C:\Windows\system32\DRIVERS\btwavdt.sys
12:13:22.0253 1176 btwavdt - ok
12:13:22.0273 1176 btwrchid (28e105ad3b79f440bf94780f507bf66a) C:\Windows\system32\DRIVERS\btwrchid.sys
12:13:22.0273 1176 btwrchid - ok
12:13:22.0283 1176 catchme - ok
12:13:22.0322 1176 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
12:13:22.0323 1176 cdfs - ok
12:13:22.0345 1176 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
12:13:22.0355 1176 cdrom - ok
12:13:22.0385 1176 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
12:13:22.0385 1176 CertPropSvc - ok
12:13:22.0445 1176 cfwids (274ce03459896006f7a5069266e0469e) C:\Windows\system32\drivers\cfwids.sys
12:13:22.0445 1176 cfwids - ok
12:13:22.0475 1176 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
12:13:22.0475 1176 circlass - ok
12:13:22.0543 1176 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
12:13:22.0546 1176 CLFS - ok
12:13:22.0647 1176 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:13:22.0647 1176 clr_optimization_v2.0.50727_32 - ok
12:13:22.0747 1176 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:13:22.0747 1176 clr_optimization_v2.0.50727_64 - ok
12:13:22.0797 1176 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:13:22.0807 1176 clr_optimization_v4.0.30319_32 - ok
12:13:22.0847 1176 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:13:22.0847 1176 clr_optimization_v4.0.30319_64 - ok
12:13:22.0887 1176 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
12:13:22.0897 1176 CmBatt - ok
12:13:22.0927 1176 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
12:13:22.0927 1176 cmdide - ok
12:13:22.0977 1176 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
12:13:22.0987 1176 CNG - ok
12:13:23.0027 1176 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
12:13:23.0027 1176 Compbatt - ok
12:13:23.0057 1176 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
12:13:23.0067 1176 CompositeBus - ok
12:13:23.0077 1176 COMSysApp - ok
12:13:23.0116 1176 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
12:13:23.0117 1176 crcdisk - ok
12:13:23.0139 1176 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
12:13:23.0139 1176 CryptSvc - ok
12:13:23.0199 1176 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
12:13:23.0199 1176 DcomLaunch - ok
12:13:23.0239 1176 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
12:13:23.0239 1176 defragsvc - ok
12:13:23.0289 1176 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
12:13:23.0299 1176 DfsC - ok
12:13:23.0329 1176 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
12:13:23.0329 1176 Dhcp - ok
12:13:23.0359 1176 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
12:13:23.0359 1176 discache - ok
12:13:23.0369 1176 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
12:13:23.0369 1176 Disk - ok
12:13:23.0419 1176 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
12:13:23.0419 1176 Dnscache - ok
12:13:23.0459 1176 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
12:13:23.0459 1176 dot3svc - ok
12:13:23.0509 1176 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
12:13:23.0509 1176 Dot4 - ok
12:13:23.0549 1176 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys
12:13:23.0549 1176 Dot4Print - ok
12:13:23.0559 1176 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
12:13:23.0559 1176 dot4usb - ok
12:13:23.0599 1176 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
12:13:23.0599 1176 DPS - ok
12:13:23.0629 1176 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
12:13:23.0629 1176 drmkaud - ok
12:13:23.0679 1176 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
12:13:23.0679 1176 DXGKrnl - ok
12:13:23.0709 1176 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
12:13:23.0709 1176 EapHost - ok
12:13:24.0039 1176 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
12:13:24.0059 1176 ebdrv - ok
12:13:24.0172 1176 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
12:13:24.0172 1176 EFS - ok
12:13:24.0292 1176 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
12:13:24.0302 1176 ehRecvr - ok
12:13:24.0402 1176 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
12:13:24.0412 1176 ehSched - ok
12:13:24.0482 1176 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
12:13:24.0482 1176 elxstor - ok
12:13:24.0512 1176 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
12:13:24.0512 1176 ErrDev - ok
12:13:24.0562 1176 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
12:13:24.0562 1176 EventSystem - ok
12:13:24.0602 1176 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
12:13:24.0602 1176 exfat - ok
12:13:24.0652 1176 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
12:13:24.0652 1176 fastfat - ok
12:13:24.0702 1176 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
12:13:24.0712 1176 Fax - ok
12:13:24.0742 1176 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
12:13:24.0742 1176 fdc - ok
12:13:24.0772 1176 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
12:13:24.0772 1176 fdPHost - ok
12:13:24.0822 1176 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
12:13:24.0822 1176 FDResPub - ok
12:13:24.0832 1176 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
12:13:24.0832 1176 FileInfo - ok
12:13:24.0852 1176 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
12:13:24.0852 1176 Filetrace - ok
12:13:24.0932 1176 FLEXnet Licensing Service (f76d04f7413b07daa029f6520b64b4e8) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:13:24.0932 1176 FLEXnet Licensing Service - ok
12:13:24.0962 1176 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
12:13:24.0962 1176 flpydisk - ok
12:13:25.0022 1176 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
12:13:25.0022 1176 FltMgr - ok
12:13:25.0092 1176 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
12:13:25.0102 1176 FontCache - ok
12:13:25.0202 1176 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:13:25.0202 1176 FontCache3.0.0.0 - ok
12:13:25.0302 1176 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
12:13:25.0302 1176 FsDepends - ok
12:13:25.0322 1176 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys
12:13:25.0332 1176 fssfltr - ok
12:13:25.0552 1176 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
12:13:25.0572 1176 fsssvc - ok
12:13:25.0704 1176 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
12:13:25.0704 1176 Fs_Rec - ok
12:13:25.0744 1176 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
12:13:25.0744 1176 fvevol - ok
12:13:25.0784 1176 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
12:13:25.0794 1176 gagp30kx - ok
12:13:25.0854 1176 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:13:25.0854 1176 GEARAspiWDM - ok
12:13:25.0914 1176 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
12:13:25.0924 1176 gpsvc - ok
12:13:26.0004 1176 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:13:26.0004 1176 gupdate - ok
12:13:26.0014 1176 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:13:26.0014 1176 gupdatem - ok
12:13:26.0034 1176 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
12:13:26.0034 1176 hcw85cir - ok
12:13:26.0064 1176 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
12:13:26.0074 1176 HDAudBus - ok
12:13:26.0144 1176 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
12:13:26.0144 1176 HidBatt - ok
12:13:26.0154 1176 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
12:13:26.0154 1176 HidBth - ok
12:13:26.0184 1176 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
12:13:26.0184 1176 HidIr - ok
12:13:26.0224 1176 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
12:13:26.0224 1176 hidserv - ok
12:13:26.0254 1176 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
12:13:26.0254 1176 HidUsb - ok
12:13:26.0294 1176 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
12:13:26.0304 1176 hkmsvc - ok
12:13:26.0364 1176 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
12:13:26.0364 1176 HomeGroupListener - ok
12:13:26.0414 1176 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
12:13:26.0414 1176 HomeGroupProvider - ok
12:13:26.0524 1176 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
12:13:26.0524 1176 hpqcxs08 - ok
12:13:26.0554 1176 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
12:13:26.0554 1176 hpqddsvc - ok
12:13:26.0594 1176 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
12:13:26.0594 1176 HpSAMD - ok
12:13:26.0694 1176 HPSLPSVC (7f57926169c1b8aba9274ea7d4b70f18) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
12:13:26.0704 1176 HPSLPSVC - ok
12:13:26.0774 1176 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
12:13:26.0784 1176 HTTP - ok
12:13:26.0864 1176 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
12:13:26.0864 1176 hwpolicy - ok
12:13:26.0924 1176 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
12:13:26.0924 1176 i8042prt - ok
12:13:26.0974 1176 iaStor (4f6fb2cdbdeefc47e7d2066e78254580) C:\Windows\system32\DRIVERS\iaStor.sys

khelms829 · 2012/06/08

12:13:26.0984 1176 iaStor - ok
12:13:27.0044 1176 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
12:13:27.0054 1176 iaStorV - ok
12:13:27.0214 1176 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:13:27.0214 1176 idsvc - ok
12:13:27.0594 1176 igfx (babd5f9b2bcc82ce556a0baf1ae208a7) C:\Windows\system32\DRIVERS\igdkmd64.sys
12:13:27.0644 1176 igfx - ok
12:13:27.0834 1176 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
12:13:27.0844 1176 iirsp - ok
12:13:27.0884 1176 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
12:13:27.0894 1176 IKEEXT - ok
12:13:27.0924 1176 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
12:13:27.0934 1176 intelide - ok
12:13:27.0994 1176 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
12:13:27.0994 1176 intelppm - ok
12:13:28.0024 1176 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
12:13:28.0034 1176 IPBusEnum - ok
12:13:28.0064 1176 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:13:28.0064 1176 IpFilterDriver - ok
12:13:28.0114 1176 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
12:13:28.0114 1176 iphlpsvc - ok
12:13:28.0154 1176 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
12:13:28.0154 1176 IPMIDRV - ok
12:13:28.0244 1176 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
12:13:28.0244 1176 IPNAT - ok
12:13:28.0354 1176 iPod Service (46d249f9db7844cc01050a9345f0f61b) C:\Program Files\iPod\bin\iPodService.exe
12:13:28.0364 1176 iPod Service - ok
12:13:28.0384 1176 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
12:13:28.0394 1176 IRENUM - ok
12:13:28.0424 1176 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
12:13:28.0424 1176 isapnp - ok
12:13:28.0454 1176 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
12:13:28.0454 1176 iScsiPrt - ok
12:13:28.0484 1176 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
12:13:28.0484 1176 kbdclass - ok
12:13:28.0514 1176 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
12:13:28.0524 1176 kbdhid - ok
12:13:28.0554 1176 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:13:28.0554 1176 KeyIso - ok
12:13:28.0604 1176 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
12:13:28.0604 1176 KSecDD - ok
12:13:28.0624 1176 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
12:13:28.0624 1176 KSecPkg - ok
12:13:28.0654 1176 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
12:13:28.0654 1176 ksthunk - ok
12:13:28.0704 1176 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
12:13:28.0704 1176 KtmRm - ok
12:13:28.0754 1176 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
12:13:28.0764 1176 LanmanServer - ok
12:13:28.0804 1176 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
12:13:28.0804 1176 LanmanWorkstation - ok
12:13:28.0824 1176 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
12:13:28.0824 1176 lltdio - ok
12:13:28.0864 1176 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
12:13:28.0864 1176 lltdsvc - ok
12:13:28.0914 1176 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
12:13:28.0914 1176 lmhosts - ok
12:13:28.0944 1176 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
12:13:28.0954 1176 LSI_FC - ok
12:13:28.0974 1176 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
12:13:28.0984 1176 LSI_SAS - ok
12:13:28.0994 1176 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:13:28.0994 1176 LSI_SAS2 - ok
12:13:29.0004 1176 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:13:29.0004 1176 LSI_SCSI - ok
12:13:29.0024 1176 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
12:13:29.0024 1176 luafv - ok
12:13:29.0054 1176 lvpopf64 (a014e25d95f7091000b60ff8a1c2e988) C:\Windows\system32\DRIVERS\lvpopf64.sys
12:13:29.0054 1176 lvpopf64 - ok
12:13:29.0084 1176 LVPr2M64 (b3944d06eb4b64d57bd7e5fe89415f58) C:\Windows\system32\DRIVERS\LVPr2M64.sys
12:13:29.0084 1176 LVPr2M64 - ok
12:13:29.0094 1176 LVPr2Mon (b3944d06eb4b64d57bd7e5fe89415f58) C:\Windows\system32\DRIVERS\LVPr2M64.sys
12:13:29.0094 1176 LVPr2Mon - ok
12:13:29.0174 1176 LVRS64 (ef586b959f747e74c76603ff16ae417b) C:\Windows\system32\DRIVERS\lvrs64.sys
12:13:29.0174 1176 LVRS64 - ok
12:13:29.0354 1176 LVUVC64 (edf73bfa1bd24d74d1d64dc0ed28a7cd) C:\Windows\system32\DRIVERS\lvuvc64.sys
12:13:29.0384 1176 LVUVC64 - ok
12:13:29.0496 1176 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
12:13:29.0496 1176 MBAMProtector - ok
12:13:29.0586 1176 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
12:13:29.0596 1176 MBAMService - ok
12:13:29.0736 1176 McAfee SiteAdvisor Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:13:29.0736 1176 McAfee SiteAdvisor Service - ok
12:13:29.0736 1176 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:13:29.0746 1176 McMPFSvc - ok
12:13:29.0746 1176 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:13:29.0756 1176 mcmscsvc - ok
12:13:29.0756 1176 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:13:29.0756 1176 McNaiAnn - ok
12:13:29.0766 1176 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:13:29.0776 1176 McNASvc - ok
12:13:29.0936 1176 McODS (dd01bf24dd6bf70a90549f9a7bb2d1eb) C:\Program Files\McAfee\VirusScan\mcods.exe
12:13:29.0936 1176 McODS - ok
12:13:29.0946 1176 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:13:29.0956 1176 McProxy - ok
12:13:30.0016 1176 McShield (e998e3b12101288d716558466cbf6ae1) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
12:13:30.0026 1176 McShield - ok
12:13:30.0166 1176 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
12:13:30.0166 1176 Mcx2Svc - ok
12:13:30.0226 1176 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
12:13:30.0226 1176 megasas - ok
12:13:30.0246 1176 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
12:13:30.0246 1176 MegaSR - ok
12:13:30.0276 1176 mfeapfk (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys
12:13:30.0286 1176 mfeapfk - ok
12:13:30.0336 1176 mfeavfk (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys
12:13:30.0336 1176 mfeavfk - ok
12:13:30.0336 1176 mfeavfk01 - ok
12:13:30.0376 1176 mfefire (b26782c3d6045b4464017d7926877560) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
12:13:30.0376 1176 mfefire - ok
12:13:30.0416 1176 mfefirek (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys
12:13:30.0416 1176 mfefirek - ok
12:13:30.0476 1176 mfehidk (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys
12:13:30.0486 1176 mfehidk - ok
12:13:30.0526 1176 mfenlfk (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys
12:13:30.0526 1176 mfenlfk - ok
12:13:30.0556 1176 mferkdet (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys
12:13:30.0556 1176 mferkdet - ok
12:13:30.0626 1176 mfevtp (723a5eb6cef7f408c3d0f15a82a6bff8) C:\Windows\system32\mfevtps.exe
12:13:30.0636 1176 mfevtp - ok
12:13:30.0676 1176 mfewfpk (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys
12:13:30.0686 1176 mfewfpk - ok
12:13:30.0726 1176 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:13:30.0726 1176 MMCSS - ok
12:13:30.0756 1176 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
12:13:30.0756 1176 Modem - ok
12:13:30.0777 1176 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
12:13:30.0777 1176 monitor - ok
12:13:30.0807 1176 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
12:13:30.0807 1176 mouclass - ok
12:13:30.0817 1176 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
12:13:30.0817 1176 mouhid - ok
12:13:30.0887 1176 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
12:13:30.0887 1176 mountmgr - ok
12:13:30.0917 1176 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
12:13:30.0927 1176 mpio - ok
12:13:30.0957 1176 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
12:13:30.0957 1176 mpsdrv - ok
12:13:31.0047 1176 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
12:13:31.0057 1176 MpsSvc - ok
12:13:31.0107 1176 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
12:13:31.0117 1176 MRxDAV - ok
12:13:31.0177 1176 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:13:31.0177 1176 mrxsmb - ok
12:13:31.0227 1176 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:13:31.0227 1176 mrxsmb10 - ok
12:13:31.0247 1176 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:13:31.0247 1176 mrxsmb20 - ok
12:13:31.0287 1176 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
12:13:31.0287 1176 msahci - ok
12:13:31.0327 1176 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
12:13:31.0327 1176 msdsm - ok
12:13:31.0367 1176 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
12:13:31.0367 1176 MSDTC - ok
12:13:31.0429 1176 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
12:13:31.0429 1176 Msfs - ok
12:13:31.0449 1176 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
12:13:31.0449 1176 mshidkmdf - ok
12:13:31.0489 1176 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
12:13:31.0489 1176 msisadrv - ok
12:13:31.0509 1176 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
12:13:31.0509 1176 MSiSCSI - ok
12:13:31.0519 1176 msiserver - ok
12:13:31.0539 1176 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
12:13:31.0539 1176 MSKSSRV - ok
12:13:31.0539 1176 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
12:13:31.0549 1176 MSPCLOCK - ok
12:13:31.0549 1176 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
12:13:31.0549 1176 MSPQM - ok
12:13:31.0609 1176 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
12:13:31.0609 1176 MsRPC - ok
12:13:31.0649 1176 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
12:13:31.0649 1176 mssmbios - ok
12:13:31.0669 1176 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
12:13:31.0669 1176 MSTEE - ok
12:13:31.0699 1176 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
12:13:31.0699 1176 MTConfig - ok
12:13:31.0729 1176 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
12:13:31.0739 1176 Mup - ok
12:13:31.0819 1176 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
12:13:31.0829 1176 napagent - ok
12:13:31.0859 1176 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
12:13:31.0859 1176 NativeWifiP - ok
12:13:31.0919 1176 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
12:13:31.0929 1176 NDIS - ok
12:13:31.0949 1176 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
12:13:31.0949 1176 NdisCap - ok
12:13:31.0979 1176 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:13:31.0979 1176 NdisTapi - ok
12:13:32.0039 1176 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
12:13:32.0039 1176 Ndisuio - ok
12:13:32.0089 1176 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
12:13:32.0089 1176 NdisWan - ok
12:13:32.0119 1176 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
12:13:32.0119 1176 NDProxy - ok
12:13:32.0159 1176 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll
12:13:32.0159 1176 Net Driver HPZ12 - ok
12:13:32.0199 1176 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:13:32.0199 1176 NetBIOS - ok
12:13:32.0229 1176 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
12:13:32.0239 1176 NetBT - ok
12:13:32.0289 1176 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:13:32.0289 1176 Netlogon - ok
12:13:32.0339 1176 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
12:13:32.0349 1176 Netman - ok
12:13:32.0379 1176 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
12:13:32.0379 1176 netprofm - ok
12:13:32.0459 1176 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:13:32.0459 1176 NetTcpPortSharing - ok
12:13:32.0541 1176 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
12:13:32.0541 1176 nfrd960 - ok
12:13:32.0601 1176 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
12:13:32.0601 1176 NlaSvc - ok
12:13:32.0621 1176 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:13:32.0631 1176 Npfs - ok
12:13:32.0681 1176 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
12:13:32.0681 1176 nsi - ok
12:13:32.0711 1176 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:13:32.0711 1176 nsiproxy - ok
12:13:32.0801 1176 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
12:13:32.0811 1176 Ntfs - ok
12:13:32.0971 1176 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:13:32.0971 1176 Null - ok
12:13:33.0021 1176 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
12:13:33.0021 1176 nvraid - ok
12:13:33.0051 1176 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
12:13:33.0051 1176 nvstor - ok
12:13:33.0111 1176 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
12:13:33.0121 1176 nv_agp - ok
12:13:33.0261 1176 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:13:33.0271 1176 odserv - ok
12:13:33.0320 1176 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
12:13:33.0323 1176 ohci1394 - ok
12:13:33.0353 1176 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:13:33.0363 1176 ose - ok
12:13:33.0423 1176 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:13:33.0423 1176 p2pimsvc - ok
12:13:33.0443 1176 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
12:13:33.0453 1176 p2psvc - ok
12:13:33.0473 1176 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
12:13:33.0473 1176 Parport - ok
12:13:33.0513 1176 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
12:13:33.0513 1176 partmgr - ok
12:13:33.0593 1176 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
12:13:33.0593 1176 PcaSvc - ok
12:13:33.0633 1176 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
12:13:33.0633 1176 pci - ok
12:13:33.0653 1176 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:13:33.0663 1176 pciide - ok
12:13:33.0733 1176 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
12:13:33.0733 1176 pcmcia - ok
12:13:33.0753 1176 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:13:33.0753 1176 pcw - ok
12:13:33.0793 1176 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:13:33.0793 1176 PEAUTH - ok
12:13:33.0853 1176 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
12:13:33.0863 1176 PerfHost - ok
12:13:34.0005 1176 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
12:13:34.0015 1176 pla - ok
12:13:34.0065 1176 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
12:13:34.0065 1176 PlugPlay - ok
12:13:34.0115 1176 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll
12:13:34.0115 1176 Pml Driver HPZ12 - ok
12:13:34.0245 1176 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
12:13:34.0255 1176 PNRPAutoReg - ok
12:13:34.0305 1176 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:13:34.0305 1176 PNRPsvc - ok
12:13:34.0355 1176 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
12:13:34.0365 1176 PolicyAgent - ok
12:13:34.0425 1176 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
12:13:34.0435 1176 Power - ok
12:13:34.0495 1176 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
12:13:34.0495 1176 PptpMiniport - ok
12:13:34.0515 1176 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
12:13:34.0525 1176 Processor - ok
12:13:34.0585 1176 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
12:13:34.0595 1176 ProfSvc - ok
12:13:34.0625 1176 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:13:34.0625 1176 ProtectedStorage - ok
12:13:34.0655 1176 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
12:13:34.0655 1176 Psched - ok
12:13:34.0685 1176 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
12:13:34.0685 1176 PxHlpa64 - ok
12:13:34.0745 1176 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
12:13:34.0755 1176 ql2300 - ok
12:13:34.0915 1176 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
12:13:34.0915 1176 ql40xx - ok
12:13:34.0955 1176 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
12:13:34.0955 1176 QWAVE - ok
12:13:34.0975 1176 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:13:34.0975 1176 QWAVEdrv - ok
12:13:35.0015 1176 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:13:35.0015 1176 RasAcd - ok
12:13:35.0055 1176 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:13:35.0065 1176 RasAgileVpn - ok
12:13:35.0115 1176 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
12:13:35.0125 1176 RasAuto - ok
12:13:35.0155 1176 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:13:35.0155 1176 Rasl2tp - ok
12:13:35.0215 1176 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
12:13:35.0225 1176 RasMan - ok
12:13:35.0245 1176 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:13:35.0255 1176 RasPppoe - ok
12:13:35.0265 1176 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:13:35.0265 1176 RasSstp - ok
12:13:35.0315 1176 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
12:13:35.0315 1176 rdbss - ok
12:13:35.0355 1176 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:13:35.0365 1176 rdpbus - ok
12:13:35.0405 1176 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:13:35.0405 1176 RDPCDD - ok
12:13:35.0455 1176 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:13:35.0455 1176 RDPENCDD - ok
12:13:35.0505 1176 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:13:35.0505 1176 RDPREFMP - ok
12:13:35.0545 1176 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
12:13:35.0555 1176 RDPWD - ok
12:13:35.0595 1176 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
12:13:35.0595 1176 rdyboost - ok
12:13:35.0625 1176 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
12:13:35.0625 1176 RemoteAccess - ok
12:13:35.0655 1176 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
12:13:35.0665 1176 RemoteRegistry - ok
12:13:35.0695 1176 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
12:13:35.0695 1176 RpcEptMapper - ok
12:13:35.0723 1176 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
12:13:35.0725 1176 RpcLocator - ok
12:13:35.0767 1176 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
12:13:35.0767 1176 RpcSs - ok
12:13:35.0807 1176 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:13:35.0807 1176 rspndr - ok
12:13:35.0877 1176 RSUSBSTOR (4a25dc970c58104602ed274dacafd784) C:\Windows\system32\Drivers\RtsUStor.sys
12:13:35.0877 1176 RSUSBSTOR - ok
12:13:35.0917 1176 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:13:35.0917 1176 SamSs - ok
12:13:35.0937 1176 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
12:13:35.0937 1176 sbp2port - ok
12:13:35.0977 1176 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
12:13:35.0977 1176 SCardSvr - ok
12:13:36.0047 1176 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
12:13:36.0112 1176 scfilter - ok
12:13:36.0189 1176 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
12:13:36.0199 1176 Schedule - ok
12:13:36.0319 1176 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
12:13:36.0319 1176 SCPolicySvc - ok
12:13:36.0339 1176 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
12:13:36.0349 1176 SDRSVC - ok
12:13:36.0459 1176 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:13:36.0459 1176 secdrv - ok
12:13:36.0529 1176 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
12:13:36.0529 1176 seclogon - ok
12:13:36.0559 1176 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
12:13:36.0559 1176 SENS - ok
12:13:36.0589 1176 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
12:13:36.0589 1176 SensrSvc - ok
12:13:36.0619 1176 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
12:13:36.0619 1176 Serenum - ok
12:13:36.0659 1176 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
12:13:36.0659 1176 Serial - ok
12:13:36.0699 1176 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
12:13:36.0699 1176 sermouse - ok
12:13:36.0781 1176 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
12:13:36.0781 1176 SessionEnv - ok
12:13:36.0811 1176 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
12:13:36.0811 1176 sffdisk - ok
12:13:36.0821 1176 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:13:36.0831 1176 sffp_mmc - ok
12:13:36.0831 1176 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
12:13:36.0831 1176 sffp_sd - ok
12:13:36.0881 1176 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
12:13:36.0891 1176 sfloppy - ok
12:13:36.0921 1176 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
12:13:36.0931 1176 SharedAccess - ok
12:13:36.0971 1176 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
12:13:36.0971 1176 ShellHWDetection - ok
12:13:37.0001 1176 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:13:37.0001 1176 SiSRaid2 - ok
12:13:37.0031 1176 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
12:13:37.0031 1176 SiSRaid4 - ok
12:13:37.0041 1176 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:13:37.0051 1176 Smb - ok
12:13:37.0101 1176 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
12:13:37.0111 1176 SNMPTRAP - ok
12:13:37.0151 1176 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:13:37.0151 1176 spldr - ok
12:13:37.0201 1176 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
12:13:37.0201 1176 Spooler - ok
12:13:37.0331 1176 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
12:13:37.0421 1176 sppsvc - ok
12:13:37.0511 1176 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
12:13:37.0511 1176 sppuinotify - ok
12:13:37.0581 1176 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
12:13:37.0581 1176 srv - ok
12:13:37.0611 1176 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
12:13:37.0611 1176 srv2 - ok
12:13:37.0641 1176 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
12:13:37.0641 1176 srvnet - ok
12:13:37.0671 1176 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
12:13:37.0671 1176 SSDPSRV - ok
12:13:37.0691 1176 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
12:13:37.0701 1176 SstpSvc - ok
12:13:37.0821 1176 STacSV (444109453a2b87e6c16bcda5953e81a9) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
12:13:37.0821 1176 STacSV - ok
12:13:37.0841 1176 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
12:13:37.0851 1176 stexstor - ok
12:13:37.0881 1176 STHDA (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys
12:13:37.0891 1176 STHDA - ok
12:13:37.0941 1176 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
12:13:37.0951 1176 stisvc - ok
12:13:37.0981 1176 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
12:13:37.0981 1176 swenum - ok
12:13:38.0021 1176 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
12:13:38.0031 1176 swprv - ok
12:13:38.0111 1176 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
12:13:38.0121 1176 SysMain - ok
12:13:38.0231 1176 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
12:13:38.0231 1176 TabletInputService - ok
12:13:38.0261 1176 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
12:13:38.0261 1176 TapiSrv - ok
12:13:38.0301 1176 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
12:13:38.0301 1176 TBS - ok
12:13:38.0411 1176 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
12:13:38.0431 1176 Tcpip - ok
12:13:38.0661 1176 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
12:13:38.0671 1176 TCPIP6 - ok
12:13:38.0811 1176 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
12:13:38.0811 1176 tcpipreg - ok
12:13:38.0841 1176 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
12:13:38.0841 1176 TDPIPE - ok
12:13:38.0881 1176 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
12:13:38.0881 1176 TDTCP - ok
12:13:38.0911 1176 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
12:13:38.0911 1176 tdx - ok
12:13:38.0941 1176 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
12:13:38.0941 1176 TermDD - ok
12:13:38.0991 1176 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
12:13:39.0001 1176 TermService - ok
12:13:39.0021 1176 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
12:13:39.0031 1176 Themes - ok
12:13:39.0061 1176 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:13:39.0061 1176 THREADORDER - ok
12:13:39.0091 1176 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
12:13:39.0091 1176 TrkWks - ok
12:13:39.0151 1176 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
12:13:39.0161 1176 TrustedInstaller - ok
12:13:39.0201 1176 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:13:39.0201 1176 tssecsrv - ok
12:13:39.0231 1176 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
12:13:39.0231 1176 TsUsbFlt - ok
12:13:39.0261 1176 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
12:13:39.0261 1176 tunnel - ok
12:13:39.0291 1176 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
12:13:39.0301 1176 uagp35 - ok
12:13:39.0341 1176 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
12:13:39.0341 1176 udfs - ok
12:13:39.0371 1176 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
12:13:39.0381 1176 UI0Detect - ok
12:13:39.0411 1176 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
12:13:39.0421 1176 uliagpkx - ok
12:13:39.0441 1176 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
12:13:39.0441 1176 umbus - ok
12:13:39.0471 1176 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
12:13:39.0471 1176 UmPass - ok
12:13:39.0621 1176 UMVPFSrv (8b802b483cbde06f62dbc04dc7afaf8e) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
12:13:39.0621 1176 UMVPFSrv - ok
12:13:39.0671 1176 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
12:13:39.0671 1176 upnphost - ok
12:13:39.0711 1176 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
12:13:39.0711 1176 usbaudio - ok
12:13:39.0741 1176 usbbus (5fcc71487888589a9244af54cfefab29) C:\Windows\system32\DRIVERS\lgx64bus.sys
12:13:39.0741 1176 usbbus - ok
12:13:39.0771 1176 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
12:13:39.0771 1176 usbccgp - ok
12:13:39.0821 1176 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
12:13:39.0821 1176 usbcir - ok
12:13:39.0851 1176 UsbDiag (3fb6e423f7567c92c32ea786f5fd0c69) C:\Windows\system32\DRIVERS\lgx64diag.sys
12:13:39.0851 1176 UsbDiag - ok
12:13:39.0871 1176 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
12:13:39.0871 1176 usbehci - ok
12:13:39.0901 1176 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
12:13:39.0911 1176 usbhub - ok
12:13:39.0951 1176 USBModem (78d551f5b93488b4666f5fc8dd4815f3) C:\Windows\system32\DRIVERS\lgx64modem.sys
12:13:39.0951 1176 USBModem - ok
12:13:39.0991 1176 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
12:13:39.0991 1176 usbohci - ok
12:13:40.0031 1176 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
12:13:40.0031 1176 usbprint - ok
12:13:40.0061 1176 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
12:13:40.0061 1176 usbscan - ok
12:13:40.0091 1176 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:13:40.0101 1176 USBSTOR - ok
12:13:40.0111 1176 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
12:13:40.0111 1176 usbuhci - ok
12:13:40.0141 1176 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
12:13:40.0141 1176 UxSms - ok
12:13:40.0191 1176 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:13:40.0191 1176 VaultSvc - ok
12:13:40.0201 1176 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
12:13:40.0201 1176 vdrvroot - ok
12:13:40.0271 1176 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
12:13:40.0271 1176 vds - ok
12:13:40.0291 1176 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:13:40.0301 1176 vga - ok
12:13:40.0321 1176 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:13:40.0321 1176 VgaSave - ok
12:13:40.0351 1176 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
12:13:40.0351 1176 vhdmp - ok
12:13:40.0381 1176 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
12:13:40.0391 1176 viaide - ok
12:13:40.0411 1176 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
12:13:40.0411 1176 volmgr - ok
12:13:40.0451 1176 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
12:13:40.0461 1176 volmgrx - ok
12:13:40.0491 1176 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
12:13:40.0491 1176 volsnap - ok
12:13:40.0531 1176 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
12:13:40.0531 1176 vsmraid - ok
12:13:40.0601 1176 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
12:13:40.0611 1176 VSS - ok
12:13:40.0721 1176 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
12:13:40.0721 1176 vwifibus - ok
12:13:40.0731 1176 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
12:13:40.0731 1176 vwififlt - ok
12:13:40.0771 1176 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
12:13:40.0771 1176 W32Time - ok
12:13:40.0801 1176 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
12:13:40.0801 1176 WacomPen - ok
12:13:40.0831 1176 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:13:40.0831 1176 WANARP - ok
12:13:40.0841 1176 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:13:40.0841 1176 Wanarpv6 - ok
12:13:40.0921 1176 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
12:13:40.0931 1176 WatAdminSvc - ok
12:13:41.0011 1176 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
12:13:41.0021 1176 wbengine - ok
12:13:41.0111 1176 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
12:13:41.0111 1176 WbioSrvc - ok
12:13:41.0161 1176 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
12:13:41.0171 1176 wcncsvc - ok
12:13:41.0233 1176 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
12:13:41.0233 1176 WcsPlugInService - ok
12:13:41.0313 1176 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
12:13:41.0313 1176 Wd - ok
12:13:41.0343 1176 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:13:41.0353 1176 Wdf01000 - ok
12:13:41.0363 1176 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:13:41.0373 1176 WdiServiceHost - ok
12:13:41.0383 1176 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:13:41.0383 1176 WdiSystemHost - ok
12:13:41.0423 1176 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
12:13:41.0433 1176 WebClient - ok
12:13:41.0463 1176 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
12:13:41.0463 1176 Wecsvc - ok
12:13:41.0483 1176 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
12:13:41.0493 1176 wercplsupport - ok
12:13:41.0512 1176 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
12:13:41.0515 1176 WerSvc - ok
12:13:41.0575 1176 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
12:13:41.0575 1176 WfpLwf - ok
12:13:41.0605 1176 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
12:13:41.0605 1176 WIMMount - ok
12:13:41.0655 1176 WinDefend - ok
12:13:41.0675 1176 WinHttpAutoProxySvc - ok
12:13:41.0747 1176 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
12:13:41.0747 1176 Winmgmt - ok
12:13:41.0897 1176 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
12:13:41.0907 1176 WinRM - ok
12:13:42.0027 1176 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
12:13:42.0027 1176 WinUsb - ok
12:13:42.0077 1176 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
12:13:42.0087 1176 Wlansvc - ok
12:13:42.0157 1176 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:13:42.0167 1176 wlcrasvc - ok
12:13:42.0417 1176 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:13:42.0437 1176 wlidsvc - ok
12:13:42.0537 1176 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
12:13:42.0537 1176 WmiAcpi - ok
12:13:42.0597 1176 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
12:13:42.0597 1176 wmiApSrv - ok
12:13:42.0647 1176 WMPNetworkSvc - ok
12:13:42.0687 1176 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
12:13:42.0697 1176 WPCSvc - ok
12:13:42.0737 1176 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
12:13:42.0737 1176 WPDBusEnum - ok
12:13:42.0757 1176 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
12:13:42.0767 1176 ws2ifsl - ok
12:13:42.0787 1176 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
12:13:42.0787 1176 wscsvc - ok
12:13:42.0797 1176 WSearch - ok
12:13:42.0897 1176 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
12:13:42.0917 1176 wuauserv - ok
12:13:43.0017 1176 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
12:13:43.0027 1176 WudfPf - ok
12:13:43.0037 1176 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:13:43.0037 1176 WUDFRd - ok
12:13:43.0077 1176 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
12:13:43.0077 1176 wudfsvc - ok
12:13:43.0117 1176 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
12:13:43.0117 1176 WwanSvc - ok
12:13:43.0157 1176 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
12:13:43.0167 1176 yukonw7 - ok
12:13:43.0197 1176 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
12:13:43.0387 1176 \Device\Harddisk0\DR0 - ok
12:13:43.0397 1176 Boot (0x1200) (5c6cdd4a487d94d99e1bbf23ee10d384) \Device\Harddisk0\DR0\Partition0
12:13:43.0397 1176 \Device\Harddisk0\DR0\Partition0 - ok
12:13:43.0437 1176 Boot (0x1200) (8ebf86568b352f2e3ef90104b6ce0a16) \Device\Harddisk0\DR0\Partition1
12:13:43.0437 1176 \Device\Harddisk0\DR0\Partition1 - ok
12:13:43.0437 1176 ============================================================
12:13:43.0437 1176 Scan finished
12:13:43.0437 1176 ============================================================
12:13:43.0447 4484 Detected object count: 0
12:13:43.0447 4484 Actual detected object count: 0

broni · 2012/06/08

Download the FixTDSS.exe

Save the file to your Windows desktop.
Close all running programs.
If you are running Windows XP, turn off System Restore. How to turn off or turn on Windows XP System Restore
Double-click the FixTDSS.exe file to start the removal tool.
Click Start to begin the process, and then allow the tool to run.
OK any security prompts.
Restart the computer when prompted by the tool.
After the computer has started, the tool will inform you of the state of infection (make sure to let me know what it said)
If you are running Windows XP, re-enable System Restore.

Log in or Sign up

Inactive Malware CLTRDA Pop Up

khelms829 Inactive Thread Starter

Admin. Administrator Administrator Staff

khelms829 Inactive Thread Starter

broni Moderator Malware Analyst

khelms829 Inactive Thread Starter

broni Moderator Malware Analyst

khelms829 Inactive Thread Starter

broni Moderator Malware Analyst

khelms829 Inactive Thread Starter

broni Moderator Malware Analyst

broni Moderator Malware Analyst

khelms829 Inactive Thread Starter

khelms829 Inactive Thread Starter

khelms829 Inactive Thread Starter

khelms829 Inactive Thread Starter

khelms829 Inactive Thread Starter

khelms829 Inactive Thread Starter

khelms829 Inactive Thread Starter

khelms829 Inactive Thread Starter

broni Moderator Malware Analyst

Share This Page

Log in or Sign up

Inactive Malware CLTRDA Pop Up

khelms829 Inactive Thread Starter

Admin. Administrator Administrator Staff

khelms829 Inactive Thread Starter

broni Moderator Malware Analyst

khelms829 Inactive Thread Starter

broni Moderator Malware Analyst

khelms829 Inactive Thread Starter

broni Moderator Malware Analyst

khelms829 Inactive Thread Starter

broni Moderator Malware Analyst

broni Moderator Malware Analyst

khelms829 Inactive Thread Starter

khelms829 Inactive Thread Starter

khelms829 Inactive Thread Starter

khelms829 Inactive Thread Starter

khelms829 Inactive Thread Starter

khelms829 Inactive Thread Starter

khelms829 Inactive Thread Starter

khelms829 Inactive Thread Starter

broni Moderator Malware Analyst

Share This Page

Useful Searches