
Thread: Dropper.generic

  1. #11
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146


    Hello.

    Are you still there?

    If you are, please follow the instructions in my previous post.

    If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

    Please reply back telling us so. If you don't reply within 3-5 days the topic will need to be closed.

    Thanks for understanding

    With Regards,
    fireman4it
    " Extinguishing Malware from the world"

    The Spyware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  2. #12
    Member
    Join Date
    Jul 2012
    Posts
    13
    Points
    0


    Here is the log:

    C:\Windows\System32\services.exe moved successfully.
    C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe copied successfully to C:\Windows\System32\services.exe

    ==== End of Fixlog ====

  3. #13
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146


    Hello,

    Now that we have those files replaced and deleted we can move on with other tools.

    1.
    Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
    • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
      Vista/Windows 7 users right-click and select Run As Administrator.
    • If TDSSKiller does not run, try renaming it.
    • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
    • Click the Start Scan button.
    • Do not use the computer during the scan
    • If the scan completes with nothing found, click Close to exit.
    • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
      Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
    • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
    • Copy and paste the contents of that file in your next reply.



    2.
    Install Recovery Console and Run ComboFix

    This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

    Download Combofix from any of the links below, and save it to your desktop.

    Link 1
    Link 2
    • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
    • Close any open windows, including this one.
    • Double click on ComboFix.exe & follow the prompts.
    • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
    • If you did not have it installed, you will see the prompt below. Choose YES.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

    Note: The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

    • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    • Click on Yes, to continue scanning for malware.
    • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
    Leave your computer alone while ComboFix is running.
    ComboFix will restart your computer if malware is found; allow it to do so.


    Note: Please Do NOT mouseclick ComboFix's window while it's running because it may cause it to stall.


    Things to include in your next reply:
    TDssKiller log
    Combofix.txt
    How is your machine running now?




  4. #14
    Member
    Join Date
    Jul 2012
    Posts
    13
    Points
    0


    Here is the new log, and sorry for the late reply; I was very busy recently.


    C:\Windows\System32\services.exe moved successfully.
    C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe copied successfully to C:\Windows\System32\services.exe

    ==== End of Fixlog ====

  5. #15
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146


    Hello,

    You gave me the fixlog again. I need the TdssKiller log and the Combofix.txt log




  6. #16
    Member
    Join Date
    Jul 2012
    Posts
    13
    Points
    0


    Ohh sorry, I didn't realise there was a second page, my bad. I will post all the results soon.

  7. #17
    Member
    Join Date
    Jul 2012
    Posts
    13
    Points
    0


    Here is the Combofix Log:
    ComboFix 12-07-16.01 - Dawid 2012-07-17 20:32:11.1.4 - x64
    Microsoft Windows 7 Ultimate 6.1.7601.1.1250.48.1045.18.4094.2473 [GMT 1:00]
    Uruchomiony z: c:\users\Dawid\Desktop\ComboFix.exe
    AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\Dawid\AppData\Local\Temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll
    c:\windows\assembly\GAC_32\Desktop.ini
    c:\windows\assembly\GAC_64\Desktop.ini
    c:\windows\SysWow64\muzapp.exe
    c:\windows\SysWow64\odbcad32.exe
    c:\windows\SysWow64\tmpE540.tmp
    c:\windows\SysWow64\tmpE551.tmp
    .
    Zainfekowana kopia c:\windows\System32\msinfo32.exe została znaleziona. Problem naprawiono
    Plik odzyskano z - c:\windows\winsxs\amd64_microsoft-windows-msinfo32-exe-common_31bf3856ad364e35_6.1.7601.17514_none_e46b048a01806891\msinfo32.exe
    .
    .
    ((((((((((((((((((((((((( Pliki utworzone od 2012-06-17 do 2012-07-17 )))))))))))))))))))))))))))))))
    .
    .
    2012-07-17 19:53 . 2012-07-17 19:53 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
    2012-07-17 19:53 . 2012-07-17 19:53 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-07-12 21:37 . 2012-07-12 21:37 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll
    2012-07-12 21:37 . 2012-07-12 21:37 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll
    2012-07-12 00:43 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
    2012-07-11 15:53 . 2012-07-11 15:53 -------- d-----w- C:\FRST
    2012-07-11 10:31 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
    2012-07-11 10:31 . 2012-06-06 06:06 1881600 ----a-w- c:\windows\system32\msxml3.dll
    2012-07-11 10:31 . 2012-06-06 05:05 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
    2012-07-11 10:31 . 2012-06-06 05:05 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
    2012-07-11 10:31 . 2010-06-26 03:24 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
    2012-07-11 10:31 . 2010-06-26 03:55 2048 ----a-w- c:\windows\system32\msxml3r.dll
    2012-07-10 19:54 . 2012-07-10 19:54 -------- d-----w- C:\Upload
    2012-07-10 19:53 . 2012-07-10 20:06 -------- d-----w- C:\AllShare Play
    2012-07-10 19:53 . 2012-07-10 19:53 -------- d-----w- c:\program files\jre
    2012-07-10 19:53 . 2012-07-13 12:34 -------- d-----w- c:\program files\Samsung
    2012-07-10 19:53 . 2012-07-10 19:53 -------- d--h--w- c:\program files\Zero G Registry
    2012-07-10 19:53 . 2012-07-10 19:53 -------- d--h--w- c:\users\Dawid\InstallAnywhere
    2012-07-09 00:25 . 2012-07-09 00:25 -------- d-----w- c:\users\Dawid\AppData\Roaming\Malwarebytes
    2012-07-09 00:25 . 2012-07-09 00:25 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2012-07-09 00:25 . 2012-07-09 00:25 -------- d-----w- c:\programdata\Malwarebytes
    2012-07-09 00:25 . 2012-04-04 14:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-07-09 00:10 . 2012-07-09 00:10 -------- d-----w- c:\program files (x86)\ToniArts
    2012-07-09 00:10 . 2012-07-09 00:10 311428 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
    2012-07-09 00:10 . 2012-07-09 00:10 188548 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
    2012-07-09 00:10 . 2003-11-10 17:14 729088 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
    2012-07-09 00:10 . 2003-11-10 17:13 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
    2012-07-09 00:10 . 2003-11-10 17:12 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
    2012-07-09 00:10 . 2003-11-10 17:12 192512 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
    2012-07-09 00:10 . 2003-11-10 17:11 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
    2012-07-09 00:09 . 2012-07-09 00:09 -------- d-----w- c:\program files (x86)\Trend Micro
    2012-07-08 23:55 . 2012-07-08 23:55 62976 ----a-w- c:\windows\SysWow64\PxSecure.dll
    2012-07-08 23:55 . 2012-07-08 23:55 65736 ----a-w- c:\windows\system32\drivers\pxrts.sys
    2012-07-08 23:55 . 2012-07-08 23:55 36384 ----a-w- c:\windows\system32\drivers\pxscan.sys
    2012-07-08 23:55 . 2012-07-08 23:55 24024 ----a-w- c:\windows\system32\drivers\pxkbf.sys
    2012-07-08 23:55 . 2012-07-08 23:55 -------- d-----w- c:\program files\Prevx
    2012-07-08 23:55 . 2012-07-17 19:22 -------- d-----w- c:\programdata\PrevxCSI
    2012-07-08 10:09 . 2012-07-08 10:09 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
    2012-07-02 18:58 . 2012-07-02 18:58 -------- d-----w- c:\program files (x86)\YouTube Downloader Toolbar
    2012-07-02 18:58 . 2012-07-02 18:58 -------- d-----w- c:\program files (x86)\Common Files\Spigot
    2012-07-02 18:58 . 2012-07-02 18:58 -------- d-----w- c:\program files (x86)\Application Updater
    2012-06-28 10:31 . 2012-06-28 10:31 -------- d-----w- c:\windows\en
    2012-06-28 10:30 . 2012-06-28 10:30 -------- d-----w- c:\windows\pl
    2012-06-28 10:28 . 2012-06-28 10:28 -------- d-----w- c:\program files\Windows Live
    2012-06-23 13:21 . 2012-06-23 13:21 -------- d-----w- c:\users\Dawid\AppData\Local\Macromedia
    2012-06-22 12:00 . 2012-06-22 12:00 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\acd3d0c91cd506e01\DSETUP.dll
    2012-06-22 12:00 . 2012-06-22 12:00 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\acd3d0c91cd506e01\DXSETUP.exe
    2012-06-22 12:00 . 2012-06-22 12:00 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\acd3d0c91cd506e01\dsetup32.dll
    2012-06-21 10:14 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
    2012-06-21 10:14 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
    2012-06-21 10:14 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
    2012-06-21 10:14 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
    2012-06-21 10:14 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
    2012-06-21 10:14 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
    2012-06-21 10:14 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
    2012-06-21 10:13 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
    2012-06-21 10:13 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-07-08 09:59 . 2012-04-01 09:25 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-07-08 09:59 . 2011-06-09 19:41 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-05-29 07:38 . 2012-05-23 17:49 330240 ----a-w- c:\windows\MASetupCaller.dll
    2012-05-23 17:50 . 2012-05-18 13:54 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
    2012-05-23 17:49 . 2012-05-23 17:49 90112 ----a-w- c:\windows\MAMCityDownload.ocx
    2012-05-23 17:49 . 2012-05-23 17:49 30568 ----a-w- c:\windows\MusiccityDownload.exe
    2012-05-23 17:49 . 2012-06-04 08:25 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
    2012-05-21 02:09 . 2012-06-04 08:26 203320 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
    2012-05-21 02:09 . 2012-06-04 08:26 99384 ----a-w- c:\windows\system32\drivers\ssudbus.sys
    2012-05-04 11:06 . 2012-06-13 12:59 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-05-04 10:03 . 2012-06-13 12:59 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
    2012-05-04 10:03 . 2012-06-13 12:59 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
    2012-05-01 05:40 . 2012-06-13 12:59 209920 ----a-w- c:\windows\system32\profsvc.dll
    2012-04-28 05:32 . 2012-06-13 12:58 1112064 ----a-w- c:\windows\system32\rdpcorets.dll
    2012-04-28 03:55 . 2012-06-13 12:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-04-26 05:41 . 2012-06-13 12:59 77312 ----a-w- c:\windows\system32\rdpwsx.dll
    2012-04-26 05:41 . 2012-06-13 12:59 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
    2012-04-26 05:34 . 2012-06-13 12:59 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
    2012-04-24 05:37 . 2012-06-13 12:58 184320 ----a-w- c:\windows\system32\cryptsvc.dll
    2012-04-24 05:37 . 2012-06-13 12:58 140288 ----a-w- c:\windows\system32\cryptnet.dll
    2012-04-24 05:37 . 2012-06-13 12:58 1462272 ----a-w- c:\windows\system32\crypt32.dll
    2012-04-24 04:36 . 2012-06-13 12:58 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
    2012-04-24 04:36 . 2012-06-13 12:58 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
    2012-04-24 04:36 . 2012-06-13 12:58 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
    "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
    "KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-05-30 21432]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "TV Card Remote Control Device Monitor"="c:\windows\713xRMT.exe" [2008-06-17 466944]
    "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
    "WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-07-11 74752]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
    "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
    "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-02 1987976]
    "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
    "KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-05-30 3521464]
    "SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2012-06-27 1090440]
    "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
    .
    c:\users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
    Kreator menedżera zawartości dla PlayStation(R).lnk - c:\program files (x86)\Sony\Content Manager Assistant\CMA.exe [2012-1-26 2520504]
    TV Expert Schedule Agent.lnk - c:\program files (x86)\TV Expert\ADTVScheduleAgent.exe [2011-6-13 32256]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    "DisableCAD"= 1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "mixer4"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-07-04 5160568]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Usługa Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-14 136176]
    R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
    R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-05-21 99384]
    R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-01-14 1431888]
    R3 GES_CoreDriver;GES_CoreDriver;c:\windows\system32\drivers\GES_CoreDriver.sys [2011-11-19 259080]
    R3 gupdatem;Usługa Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-14 136176]
    R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-12 113120]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
    R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-05-21 203320]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
    R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-06-12 1255736]
    R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 306400]
    S0 pxscan;pxscan;c:\windows\System32\drivers\pxscan.sys [2012-07-08 36384]
    S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-12 283200]
    S1 pxrts;pxrts;c:\windows\system32\drivers\pxrts.sys [2012-07-08 65736]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
    S2 AntUpdaterService;Ant Toolbar updater service;c:\program files (x86)\Ant.com\IE add-on\AntUpdaterService.exe [2011-06-29 520216]
    S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2012-06-27 791488]
    S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
    S2 CSIScanner;CSIScanner;c:\program files\Prevx\prevx.exe [2012-07-08 6724632]
    S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-02 2343816]
    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
    S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-04-03 382272]
    S3 3xHybr64;SAA713x TV Card Service;c:\windows\system32\DRIVERS\3xHybr64.sys [2010-12-01 1425920]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904]
    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-01-17 188224]
    S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\DRIVERS\nvstusb.sys [2012-04-03 398656]
    S3 pxkbf;pxkbf;c:\windows\system32\drivers\pxkbf.sys [2012-07-08 24024]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
    S3 SaiK0CEA;SaiK0CEA;c:\windows\system32\DRIVERS\SaiK0CEA.sys [2008-04-04 129024]
    S3 SaiU0CEA;SaiU0CEA;c:\windows\system32\DRIVERS\SaiU0CEA.sys [2008-04-04 34432]
    .
    .
    --- Inne Usługi/Sterowniki w Pamięci ---
    .
    *NewlyCreated* - WS2IFSL
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2008-06-09 09:14 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
    .
    Zawartość folderu 'Zaplanowane zadania'
    .
    2012-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-14 23:41]
    .
    2012-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-14 23:41]
    .
    2012-07-17 c:\windows\Tasks\HP Photo Creations Communicator.job
    - c:\programdata\HP Photo Creations\MessageCheck.exe [2011-07-14 09:11]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="RAVCpl64.exe" [2008-09-09 6477344]
    "Skytel"="Skytel.exe" [2008-09-09 1833504]
    "Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
    "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
    "Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ------- Skan uzupełniający -------
    .
    uInternet Settings,ProxyOverride = *.local
    TCP: DhcpNameServer = 192.168.2.1
    FF - ProfilePath - c:\users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\0gvrsulb.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - wp.pl
    FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
    FF - prefs.js: network.proxy.type - 0
    .
    - - - - USUNIĘTO PUSTE WPISY - - - -
    .
    AddRemove-MinecraftCrack1.0 - c:\minecraftcrack\uninstall.exe
    AddRemove-Test Drive Unlimited 2_is1 - c:\program files (x86)\Atari\TDU2\Uninstall\unins000.exe
    .
    .
    .
    --------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
    .
    [HKEY_USERS\S-1-5-21-1687463245-3712307744-3469026734-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.Email.1"
    .
    [HKEY_USERS\S-1-5-21-1687463245-3712307744-3469026734-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.VCard.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
    00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Pozostałe uruchomione procesy ------------------------
    .
    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
    c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    .
    **************************************************************************
    .
    Czas ukończenia: 2012-07-17 21:20:04 - komputer został uruchomiony ponownie
    ComboFix-quarantined-files.txt 2012-07-17 20:19
    .
    Przed: 19*163*414*528 bajtów wolnych
    Po: 26*517*614*592 bajtów wolnych
    .
    - - End Of File - - B7AC186FEBC76ECE88016569745193DA
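
Added example, not part of any post in this thread: a small Python triage script that reads the Fixlog and ComboFix output shown above, lists what ComboFix deleted, and checks that every system file that was replaced came from the WinSxS component store under the same file name. The function names are hypothetical, the Polish phrases are the ones in the log above, and the WinSxS directory layout (arch_name_token_version_culture_hash) is an assumption of the parser.

```python
import ntpath
import re

# Constructed sample: lines copied from the Fixlog and ComboFix log in this thread.
SAMPLE = r"""C:\Windows\System32\services.exe moved successfully.
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe copied successfully to C:\Windows\System32\services.exe
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\SysWow64\muzapp.exe
.
Zainfekowana kopia c:\windows\System32\msinfo32.exe została znaleziona. Problem naprawiono
Plik odzyskano z - c:\windows\winsxs\amd64_microsoft-windows-msinfo32-exe-common_31bf3856ad364e35_6.1.7601.17514_none_e46b048a01806891\msinfo32.exe
.
((((((((((((((((((((((((( Pliki utworzone od 2012-06-17 do 2012-07-17 )))))))))))))))))))))))))))))))
.
2012-07-12 00:43 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
"""

# ComboFix section banner: a run of "(" , a title, a run of ")".
BANNER = re.compile(r"^\({5,}\s*(?P<title>.+?)\s*\){5,}$")
# Title of the "deleted" section as it appears in the Polish log above;
# add other locales here if you have verified their wording.
DELETED_TITLES = {"Usunięto"}
PATH = re.compile(r"^[A-Za-z]:\\")
FIXLOG_COPY = re.compile(
    r"^(?P<src>[A-Za-z]:\\.+?) copied successfully to (?P<dst>[A-Za-z]:\\.+)$")
CF_INFECTED = re.compile(
    r"^Zainfekowana kopia (?P<dst>[A-Za-z]:\\.+?) została znaleziona")
CF_RESTORED = re.compile(r"^Plik odzyskano z - (?P<src>[A-Za-z]:\\.+)$")
WINSXS_DIR = re.compile(r"^[a-z]:\\windows\\winsxs\\([^\\]+)\\", re.I)


def check_restore(src, dst, tool):
    """Describe one 'system file replaced from src' event and sanity-check it."""
    m = WINSXS_DIR.match(src)
    version = None
    if m:
        # Assumed layout: arch_name_token_version_culture_hash
        parts = m.group(1).rsplit("_", 4)
        if len(parts) == 5:
            version = parts[2]
    return {
        "tool": tool,
        "target": dst,
        "source": src,
        "from_winsxs": bool(m),
        "same_name": ntpath.basename(src).lower() == ntpath.basename(dst).lower(),
        "component_version": version,
    }


def parse(text):
    """Return deleted paths and restore events found in pasted log text."""
    deleted, restores = [], []
    section, pending_target = None, None
    for raw in text.splitlines():
        line = raw.strip()          # forum posts indent the log
        if not line or line == ".":
            continue
        m = BANNER.match(line)
        if m:
            section = m.group("title")
            continue
        m = FIXLOG_COPY.match(line)
        if m:
            restores.append(check_restore(m.group("src"), m.group("dst"), "Fixlog"))
            continue
        m = CF_INFECTED.match(line)
        if m:
            pending_target = m.group("dst")   # source follows on the next line
            continue
        m = CF_RESTORED.match(line)
        if m and pending_target:
            restores.append(check_restore(m.group("src"), pending_target, "ComboFix"))
            pending_target = None
            continue
        if section in DELETED_TITLES and PATH.match(line):
            deleted.append(line)
    return {"deleted": deleted, "restores": restores}


if __name__ == "__main__":
    result = parse(SAMPLE)
    print("Deleted by ComboFix:")
    for path in result["deleted"]:
        print("  ", path)
    print("Replaced system files:")
    for r in result["restores"]:
        ok = r["from_winsxs"] and r["same_name"]
        print(f"   [{r['tool']}] {r['target']} <- component {r['component_version']}"
              f" ({'ok' if ok else 'REVIEW'})")
```

A restore where `from_winsxs` or `same_name` is false is one to verify by hand before trusting the replaced file.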

  8. #18
    Member
    Join Date
    Jul 2012
    Posts
    13
    Points
    0


    Here is the log from TDSSK:
    20:17:50.0929 14652 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
    20:17:51.0039 14652 ============================================================
    20:17:51.0039 14652 Current date / time: 2012/07/17 20:17:51.0039
    20:17:51.0039 14652 SystemInfo:
    20:17:51.0039 14652
    20:17:51.0039 14652 OS Version: 6.1.7601 ServicePack: 1.0
    20:17:51.0039 14652 Product type: Workstation
    20:17:51.0039 14652 ComputerName: DAWID-KOMPUTER
    20:17:51.0039 14652 UserName: Dawid
    20:17:51.0039 14652 Windows directory: C:\Windows
    20:17:51.0039 14652 System windows directory: C:\Windows
    20:17:51.0039 14652 Running under WOW64
    20:17:51.0039 14652 Processor architecture: Intel x64
    20:17:51.0039 14652 Number of processors: 4
    20:17:51.0039 14652 Page size: 0x1000
    20:17:51.0039 14652 Boot type: Normal boot
    20:17:51.0039 14652 ============================================================
    20:17:52.0833 14652 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0CADE00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    20:17:52.0848 14652 Drive \Device\Harddisk1\DR1 - Size: 0x12A1E0DE00 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2861, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
    20:17:52.0864 14652 ============================================================
    20:17:52.0864 14652 \Device\Harddisk0\DR0:
    20:17:52.0864 14652 MBR partitions:
    20:17:52.0864 14652 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705000
    20:17:52.0864 14652 \Device\Harddisk1\DR1:
    20:17:52.0864 14652 MBR partitions:
    20:17:52.0864 14652 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
    20:17:52.0864 14652 ============================================================
    20:17:52.0879 14652 C: <-> \Device\Harddisk1\DR1\Partition0
    20:17:52.0895 14652 B: <-> \Device\Harddisk0\DR0\Partition0
    20:17:52.0895 14652 ============================================================
    20:17:52.0895 14652 Initialize success
    20:17:52.0895 14652 ============================================================
    20:17:54.0681 18548 ============================================================
    20:17:54.0681 18548 Scan started
    20:17:54.0681 18548 Mode: Manual;
    20:17:54.0681 18548 ============================================================
    20:18:12.0147 18548 NativeWifiP - ok
    20:18:12.0227 18548 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
    20:18:12.0237 18548 NDIS - ok
    20:18:12.0257 18548 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
    20:18:12.0257 18548 NdisCap - ok
    20:18:12.0288 18548 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
    20:18:12.0288 18548 NdisTapi - ok
    20:18:12.0319 18548 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
    20:18:12.0335 18548 Ndisuio - ok
    20:18:12.0381 18548 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
    20:18:12.0381 18548 NdisWan - ok
    20:18:12.0428 18548 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
    20:18:12.0444 18548 NDProxy - ok
    20:18:12.0662 18548 Nero BackItUp Scheduler 4.0 (c7f5c284b6f46fcaf6910ea4e644700b) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    20:18:12.0662 18548 Nero BackItUp Scheduler 4.0 - ok
    20:18:12.0725 18548 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
    20:18:12.0740 18548 Net Driver HPZ12 - ok
    20:18:12.0771 18548 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
    20:18:12.0771 18548 NetBIOS - ok
    20:18:12.0818 18548 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
    20:18:12.0818 18548 NetBT - ok
    20:18:12.0865 18548 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    20:18:12.0881 18548 Netlogon - ok
    20:18:12.0927 18548 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
    20:18:12.0927 18548 Netman - ok
    20:18:13.0099 18548 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    20:18:13.0099 18548 NetMsmqActivator - ok
    20:18:13.0099 18548 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    20:18:13.0099 18548 NetPipeActivator - ok
    20:18:13.0161 18548 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
    20:18:13.0161 18548 netprofm - ok
    20:18:13.0177 18548 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    20:18:13.0177 18548 NetTcpActivator - ok
    20:18:13.0177 18548 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    20:18:13.0177 18548 NetTcpPortSharing - ok
    20:18:13.0239 18548 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
    20:18:13.0255 18548 nfrd960 - ok
    20:18:13.0333 18548 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
    20:18:13.0349 18548 NlaSvc - ok
    20:18:13.0349 18548 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
    20:18:13.0349 18548 Npfs - ok
    20:18:13.0380 18548 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
    20:18:13.0395 18548 nsi - ok
    20:18:13.0395 18548 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
    20:18:13.0395 18548 nsiproxy - ok
    20:18:13.0536 18548 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
    20:18:13.0551 18548 Ntfs - ok
    20:18:13.0692 18548 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    20:18:13.0692 18548 Null - ok
    20:18:13.0754 18548 NVHDA (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
    20:18:13.0754 18548 NVHDA - ok
    20:18:14.0659 18548 nvlddmkm (074c7c7841db4490b809b632cf192077) C:\Windows\system32\DRIVERS\nvlddmkm.sys
    20:18:14.0987 18548 nvlddmkm - ok
    20:18:15.0190 18548 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
    20:18:15.0190 18548 nvraid - ok
    20:18:15.0230 18548 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
    20:18:15.0240 18548 nvstor - ok
    20:18:15.0330 18548 NvStUSB (96f7e5c2f520c2416e96d658a2f80e84) C:\Windows\system32\DRIVERS\nvstusb.sys
    20:18:15.0340 18548 NvStUSB - ok
    20:18:15.0460 18548 NVSvc (27fd8889a5f3c13434d057b8e6409c7f) C:\Windows\system32\nvvsvc.exe
    20:18:15.0470 18548 NVSvc - ok
    20:18:15.0720 18548 nvUpdatusService (4472183de09f80cb1b56f217d8e0ab9b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    20:18:15.0730 18548 nvUpdatusService - ok
    20:18:15.0890 18548 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
    20:18:15.0890 18548 nv_agp - ok
    20:18:16.0060 18548 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    20:18:16.0070 18548 odserv - ok
    20:18:16.0120 18548 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
    20:18:16.0120 18548 ohci1394 - ok
    20:18:16.0190 18548 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    20:18:16.0190 18548 ose - ok
    20:18:16.0240 18548 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
    20:18:16.0250 18548 p2pimsvc - ok
    20:18:16.0290 18548 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
    20:18:16.0300 18548 p2psvc - ok
    20:18:16.0350 18548 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
    20:18:16.0350 18548 Parport - ok
    20:18:16.0390 18548 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
    20:18:16.0400 18548 partmgr - ok
    20:18:16.0450 18548 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
    20:18:16.0450 18548 PcaSvc - ok
    20:18:16.0520 18548 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
    20:18:16.0520 18548 pci - ok
    20:18:16.0530 18548 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
    20:18:16.0530 18548 pciide - ok
    20:18:16.0560 18548 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
    20:18:16.0560 18548 pcmcia - ok
    20:18:16.0590 18548 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
    20:18:16.0590 18548 pcw - ok
    20:18:16.0670 18548 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
    20:18:16.0680 18548 PEAUTH - ok
    20:18:16.0780 18548 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
    20:18:16.0800 18548 PeerDistSvc - ok
    20:18:16.0880 18548 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
    20:18:16.0880 18548 PerfHost - ok
    20:18:17.0100 18548 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
    20:18:17.0140 18548 pla - ok
    20:18:17.0218 18548 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
    20:18:17.0234 18548 PlugPlay - ok
    20:18:17.0296 18548 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
    20:18:17.0296 18548 Pml Driver HPZ12 - ok
    20:18:17.0343 18548 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
    20:18:17.0343 18548 PNRPAutoReg - ok
    20:18:17.0374 18548 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
    20:18:17.0374 18548 PNRPsvc - ok
    20:18:17.0452 18548 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
    20:18:17.0452 18548 PolicyAgent - ok
    20:18:17.0499 18548 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
    20:18:17.0499 18548 Power - ok
    20:18:17.0577 18548 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
    20:18:17.0593 18548 PptpMiniport - ok
    20:18:17.0608 18548 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
    20:18:17.0608 18548 Processor - ok
    20:18:17.0671 18548 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
    20:18:17.0671 18548 ProfSvc - ok
    20:18:17.0733 18548 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    20:18:17.0733 18548 ProtectedStorage - ok
    20:18:17.0811 18548 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
    20:18:17.0811 18548 Psched - ok
    20:18:17.0858 18548 pxkbf (14d82090b0ed422ccdeaf97eda60df4c) C:\Windows\system32\drivers\pxkbf.sys
    20:18:17.0873 18548 pxkbf - ok
    20:18:17.0873 18548 pxrts (a5000e7b2b1e2dd4a593a15774b943ac) C:\Windows\system32\drivers\pxrts.sys
    20:18:17.0873 18548 pxrts - ok
    20:18:17.0889 18548 pxscan (38ec941b5527b92cce4da88b45665445) C:\Windows\system32\drivers\pxscan.sys
    20:18:17.0889 18548 pxscan - ok
    20:18:18.0014 18548 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
    20:18:18.0045 18548 ql2300 - ok
    20:18:18.0185 18548 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
    20:18:18.0185 18548 ql40xx - ok
    20:18:18.0232 18548 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
    20:18:18.0248 18548 QWAVE - ok
    20:18:18.0248 18548 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
    20:18:18.0248 18548 QWAVEdrv - ok
    20:18:18.0341 18548 RapiMgr (a55e7d0d873b2c97585b3b5926ac6ade) C:\Windows\WindowsMobile\rapimgr.dll
    20:18:18.0341 18548 RapiMgr - ok
    20:18:18.0373 18548 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
    20:18:18.0373 18548 RasAcd - ok
    20:18:18.0419 18548 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
    20:18:18.0419 18548 RasAgileVpn - ok
    20:18:18.0451 18548 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
    20:18:18.0451 18548 RasAuto - ok
    20:18:18.0497 18548 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
    20:18:18.0497 18548 Rasl2tp - ok
    20:18:18.0575 18548 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
    20:18:18.0591 18548 RasMan - ok
    20:18:18.0607 18548 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
    20:18:18.0622 18548 RasPppoe - ok
    20:18:18.0638 18548 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
    20:18:18.0653 18548 RasSstp - ok
    20:18:18.0700 18548 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
    20:18:18.0716 18548 rdbss - ok
    20:18:18.0731 18548 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
    20:18:18.0731 18548 rdpbus - ok
    20:18:18.0747 18548 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
    20:18:18.0747 18548 RDPCDD - ok
    20:18:18.0809 18548 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
    20:18:18.0809 18548 RDPDR - ok
    20:18:18.0825 18548 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
    20:18:18.0825 18548 RDPENCDD - ok
    20:18:18.0856 18548 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
    20:18:18.0856 18548 RDPREFMP - ok
    20:18:18.0965 18548 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
    20:18:18.0965 18548 RdpVideoMiniport - ok
    20:18:19.0012 18548 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
    20:18:19.0028 18548 RDPWD - ok
    20:18:19.0106 18548 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
    20:18:19.0121 18548 rdyboost - ok
    20:18:19.0168 18548 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
    20:18:19.0168 18548 RemoteAccess - ok
    20:18:19.0215 18548 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
    20:18:19.0231 18548 RemoteRegistry - ok
    20:18:19.0293 18548 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
    20:18:19.0293 18548 RFCOMM - ok
    20:18:19.0324 18548 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
    20:18:19.0324 18548 RpcEptMapper - ok
    20:18:19.0356 18548 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
    20:18:19.0356 18548 RpcLocator - ok
    20:18:19.0449 18548 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
    20:18:19.0449 18548 RpcSs - ok
    20:18:19.0496 18548 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
    20:18:19.0496 18548 rspndr - ok
    20:18:19.0574 18548 RTL8167 (abcb5a38a0d85bdf69b7877e1ad1eed5) C:\Windows\system32\DRIVERS\Rt64win7.sys
    20:18:19.0574 18548 RTL8167 - ok
    20:18:19.0621 18548 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
    20:18:19.0621 18548 s3cap - ok
    20:18:19.0714 18548 SaiK0CEA (b833acf0258cf9141d65edd64d81f99b) C:\Windows\system32\DRIVERS\SaiK0CEA.sys
    20:18:19.0714 18548 SaiK0CEA - ok
    20:18:19.0777 18548 SaiU0CEA (e98ea0182d96ea11e55a9e2e8dd33193) C:\Windows\system32\DRIVERS\SaiU0CEA.sys
    20:18:19.0777 18548 SaiU0CEA - ok
    20:18:19.0839 18548 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    20:18:19.0839 18548 SamSs - ok
    20:18:19.0870 18548 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
    20:18:19.0870 18548 sbp2port - ok
    20:18:19.0902 18548 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
    20:18:19.0902 18548 SCardSvr - ok
    20:18:19.0948 18548 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
    20:18:19.0948 18548 scfilter - ok
    20:18:20.0058 18548 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
    20:18:20.0073 18548 Schedule - ok
    20:18:20.0120 18548 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
    20:18:20.0120 18548 SCPolicySvc - ok
    20:18:20.0182 18548 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
    20:18:20.0198 18548 SDRSVC - ok
    20:18:20.0260 18548 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    20:18:20.0260 18548 secdrv - ok
    20:18:20.0323 18548 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
    20:18:20.0323 18548 seclogon - ok
    20:18:20.0370 18548 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
    20:18:20.0370 18548 SENS - ok
    20:18:20.0385 18548 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
    20:18:20.0385 18548 SensrSvc - ok
    20:18:20.0432 18548 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
    20:18:20.0432 18548 Serenum - ok
    20:18:20.0448 18548 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
    20:18:20.0448 18548 Serial - ok
    20:18:20.0510 18548 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
    20:18:20.0510 18548 sermouse - ok
    20:18:20.0588 18548 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
    20:18:20.0588 18548 SessionEnv - ok
    20:18:20.0635 18548 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
    20:18:20.0635 18548 sffdisk - ok
    20:18:20.0650 18548 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
    20:18:20.0650 18548 sffp_mmc - ok
    20:18:20.0682 18548 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
    20:18:20.0682 18548 sffp_sd - ok
    20:18:20.0697 18548 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
    20:18:20.0697 18548 sfloppy - ok
    20:18:20.0791 18548 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
    20:18:20.0791 18548 ShellHWDetection - ok
    20:18:20.0822 18548 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    20:18:20.0822 18548 SiSRaid2 - ok
    20:18:20.0838 18548 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
    20:18:20.0853 18548 SiSRaid4 - ok
    20:18:20.0884 18548 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
    20:18:20.0884 18548 Smb - ok
    20:18:20.0931 18548 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
    20:18:20.0931 18548 SNMPTRAP - ok
    20:18:20.0978 18548 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
    20:18:20.0978 18548 spldr - ok
    20:18:21.0103 18548 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
    20:18:21.0103 18548 Spooler - ok
    20:18:21.0368 18548 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
    20:18:21.0415 18548 sppsvc - ok
    20:18:21.0540 18548 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
    20:18:21.0555 18548 sppuinotify - ok
    20:18:21.0649 18548 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
    20:18:21.0664 18548 srv - ok
    20:18:21.0727 18548 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
    20:18:21.0742 18548 srv2 - ok
    20:18:21.0758 18548 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
    20:18:21.0758 18548 srvnet - ok
    20:18:21.0820 18548 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
    20:18:21.0820 18548 SSDPSRV - ok
    20:18:21.0836 18548 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
    20:18:21.0836 18548 SstpSvc - ok
    20:18:21.0914 18548 ssudmdm (855335bf5792e56164f98c012e3d92dd) C:\Windows\system32\DRIVERS\ssudmdm.sys
    20:18:21.0914 18548 ssudmdm - ok
    20:18:22.0008 18548 Steam Client Service - ok
    20:18:22.0210 18548 Stereo Service (a8f1a34f855887fc721dc9539223b543) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    20:18:22.0210 18548 Stereo Service - ok
    20:18:22.0242 18548 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
    20:18:22.0242 18548 stexstor - ok
    20:18:22.0288 18548 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
    20:18:22.0288 18548 StillCam - ok
    20:18:22.0382 18548 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
    20:18:22.0398 18548 stisvc - ok
    20:18:22.0444 18548 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
    20:18:22.0444 18548 storflt - ok
    20:18:22.0460 18548 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
    20:18:22.0460 18548 storvsc - ok
    20:18:22.0491 18548 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
    20:18:22.0491 18548 swenum - ok
    20:18:22.0554 18548 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
    20:18:22.0569 18548 swprv - ok
    20:18:22.0585 18548 Synth3dVsc - ok
    20:18:22.0741 18548 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
    20:18:22.0756 18548 SysMain - ok
    20:18:22.0912 18548 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
    20:18:22.0912 18548 TabletInputService - ok
    20:18:22.0944 18548 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
    20:18:22.0959 18548 TapiSrv - ok
    20:18:22.0990 18548 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
    20:18:22.0990 18548 TBS - ok
    20:18:23.0224 18548 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
    20:18:23.0256 18548 Tcpip - ok
    20:18:23.0521 18548 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
    20:18:23.0536 18548 TCPIP6 - ok
    20:18:23.0692 18548 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
    20:18:23.0692 18548 tcpipreg - ok
    20:18:23.0724 18548 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
    20:18:23.0724 18548 TDPIPE - ok
    20:18:23.0786 18548 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
    20:18:23.0786 18548 TDTCP - ok
    20:18:23.0833 18548 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
    20:18:23.0833 18548 tdx - ok
    20:18:23.0895 18548 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
    20:18:23.0895 18548 TermDD - ok
    20:18:23.0958 18548 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
    20:18:23.0973 18548 TermService - ok
    20:18:24.0020 18548 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
    20:18:24.0020 18548 Themes - ok
    20:18:24.0051 18548 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
    20:18:24.0051 18548 THREADORDER - ok
    20:18:24.0067 18548 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
    20:18:24.0082 18548 TrkWks - ok
    20:18:24.0160 18548 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
    20:18:24.0176 18548 TrustedInstaller - ok
    20:18:24.0223 18548 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
    20:18:24.0223 18548 tssecsrv - ok
    20:18:24.0285 18548 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
    20:18:24.0285 18548 TsUsbFlt - ok
    20:18:24.0285 18548 tsusbhub - ok
    20:18:24.0363 18548 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
    20:18:24.0363 18548 tunnel - ok
    20:18:24.0394 18548 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
    20:18:24.0410 18548 uagp35 - ok
    20:18:24.0457 18548 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
    20:18:24.0472 18548 udfs - ok
    20:18:24.0519 18548 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
    20:18:24.0519 18548 UI0Detect - ok
    20:18:24.0566 18548 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
    20:18:24.0566 18548 uliagpkx - ok
    20:18:24.0628 18548 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
    20:18:24.0628 18548 umbus - ok
    20:18:24.0660 18548 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
    20:18:24.0660 18548 UmPass - ok
    20:18:24.0706 18548 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
    20:18:24.0722 18548 UmRdpService - ok
    20:18:24.0753 18548 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
    20:18:24.0753 18548 upnphost - ok
    20:18:24.0800 18548 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
    20:18:24.0800 18548 USBAAPL64 - ok
    20:18:24.0862 18548 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
    20:18:24.0862 18548 usbaudio - ok
    20:18:24.0909 18548 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
    20:18:24.0909 18548 usbccgp - ok
    20:18:24.0972 18548 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
    20:18:24.0987 18548 usbcir - ok
    20:18:25.0003 18548 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
    20:18:25.0003 18548 usbehci - ok
    20:18:25.0065 18548 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
    20:18:25.0065 18548 usbhub - ok
    20:18:25.0096 18548 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
    20:18:25.0096 18548 usbohci - ok
    20:18:25.0128 18548 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
    20:18:25.0128 18548 usbprint - ok
    20:18:25.0190 18548 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    20:18:25.0190 18548 USBSTOR - ok
    20:18:25.0252 18548 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
    20:18:25.0252 18548 usbuhci - ok
    20:18:25.0330 18548 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys
    20:18:25.0330 18548 usb_rndisx - ok
    20:18:25.0377 18548 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
    20:18:25.0377 18548 UxSms - ok
    20:18:25.0424 18548 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    20:18:25.0424 18548 VaultSvc - ok
    20:18:25.0518 18548 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
    20:18:25.0518 18548 vdrvroot - ok
    20:18:25.0611 18548 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
    20:18:25.0627 18548 vds - ok
    20:18:25.0674 18548 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
    20:18:25.0674 18548 vga - ok
    20:18:25.0689 18548 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
    20:18:25.0689 18548 VgaSave - ok
    20:18:25.0705 18548 VGPU - ok
    20:18:25.0767 18548 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
    20:18:25.0783 18548 vhdmp - ok
    20:18:25.0830 18548 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
    20:18:25.0830 18548 viaide - ok
    20:18:25.0861 18548 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
    20:18:25.0861 18548 vmbus - ok
    20:18:25.0876 18548 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
    20:18:25.0876 18548 VMBusHID - ok
    20:18:25.0908 18548 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
    20:18:25.0908 18548 volmgr - ok
    20:18:25.0970 18548 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
    20:18:25.0970 18548 volmgrx - ok
    20:18:26.0032 18548 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
    20:18:26.0032 18548 volsnap - ok
    20:18:26.0079 18548 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
    20:18:26.0079 18548 vsmraid - ok
    20:18:26.0220 18548 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
    20:18:26.0235 18548 VSS - ok
    20:18:26.0391 18548 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
    20:18:26.0391 18548 vwifibus - ok
    20:18:26.0438 18548 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
    20:18:26.0454 18548 W32Time - ok
    20:18:26.0469 18548 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
    20:18:26.0485 18548 WacomPen - ok
    20:18:26.0563 18548 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    20:18:26.0563 18548 WANARP - ok
    20:18:26.0563 18548 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    20:18:31.0290 18548 ============================================================
    20:18:31.0290 18548 Scan finished
    20:18:31.0290 18548 ============================================================
    20:18:31.0305 3516 Detected object count: 0
    20:18:31.0305 3516 Actual detected object count: 0
    20:19:11.0227 14172 Deinitialize success

  9. #19
    Member
    Join Date
    Jul 2012
    Posts
    13
    Points
    0

    Default

    My computer performs as before but I'm still worried that it is still infected

  10. #20
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    My computer performs as before but I'm still worried that it is still infected
    As in? Still getting popups?
    " Extinguishing Malware from the world"
