Need advice on anti-virus programs.

[paulcheung]

Hi all,

I have to goto the shop to help now and then, I have a laptop there. my next door neighbour give us the permission to use their internet, some how this laptop always manage to caught some virus or malwares. I currently use malwarebyte, super antispyware, avast and combofix now and then.

The computer will be disconnect to the internet and run slow sometime. when that happen I use malwarebyte and combofix to scan the laptop. it will be fine for a while and then it happen again.

I get 2 bars from the router most of the time and sometime 3 bars. I am not too sure if is virus or malware cause it drop the connections. when I carry it home I got all 5 bar and it work without any problem. I don't know if the distant at the shop to the router cause the problem. but yesterday I bought another computer there and it only have 1 bar yet it didn't drop the connection none at all for the whole day yet the original laptop keeping drop connection alot of times.

Is there any more scanning program I can try to see if a virus or malware cause this? I plan to use an old harddrive and do a fresh windows 7 install to this laptop to confirm this. I even have an external usb wireless adapter connect to this laptop sometime to rule out adapter problem. it happen same way with the extenal adapter.

Thank you .

 

[AntimatterAsh]

Hi all,

I have to goto the shop to help now and then, I have a laptop there. my next door neighbour give us the permission to use their internet, some how this laptop always manage to caught some virus or malwares. I currently use malwarebyte, super antispyware, avast and combofix now and then.

The computer will be disconnect to the internet and run slow sometime. when that happen I use malwarebyte and combofix to scan the laptop. it will be fine for a while and then it happen again.

I get 2 bars from the router most of the time and sometime 3 bars. I am not too sure if is virus or malware cause it drop the connections. when I carry it home I got all 5 bar and it work without any problem. I don't know if the distant at the shop to the router cause the problem. but yesterday I bought another computer there and it only have 1 bar yet it didn't drop the connection none at all for the whole day yet the original laptop keeping drop connection alot of times.

Is there any more scanning program I can try to see if a virus or malware cause this? I plan to use an old harddrive and do a fresh windows 7 install to this laptop to confirm this. I even have an external usb wireless adapter connect to this laptop sometime to rule out adapter problem. it happen same way with the extenal adapter.

Thank you .

Unless you are going on dodgy sites, you should not get new viruses, unless you did not clear the old ones off, or you are being targeted by hackers. MSE all the way if it is free. I run most of my computers without AV and have never had problems. In 8 years, I might have caught 3 viruses.

 

[Punk]

Hey there!

Combofix is a good malware killer but if it's a trojan horse, it will most likely come back afterwards. Let's see if you have any malware on your laptop. In order to do that, please follow the steps on this thread:

http://www.computerforum.com/131398-important-please-read-before-posting.html

Post your logs here and wait for either Johnb35 or me to answer

 

[paulcheung]

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.19.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Fay :: FAY [administrator]

8/19/2012 9:36:21 AM
mbam-log-2012-08-19 (09-36-21).txt

Scan type: Full scan (C:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 396793
Time elapsed: 51 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
F:\Downloads\TelevisionFanatic.exe (PUP.FunWebProducts) -> Quarantined and deleted successfully.

(end)

ComboFix 12-08-18.03 - Fay 08/19/2012 11:06:48.39.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3966.2760 [GMT -5:00]
Running from: c:\users\Fay\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Packet.dll
c:\windows\wpcap.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-07-19 to 2012-08-19 )))))))))))))))))))))))))))))))
.
.
2012-08-19 16:50 . 2012-08-19 16:50 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-08-19 16:50 . 2012-08-19 16:50 -------- d-----w- c:\users\Paul\AppData\Local\temp
2012-08-19 16:50 . 2012-08-19 16:50 -------- d-----w- c:\users\Ken-Chun Cheung\AppData\Local\temp
2012-08-19 16:50 . 2012-08-19 16:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-19 16:50 . 2012-08-19 16:50 -------- d-----w- c:\users\AppData\AppData\Local\temp
2012-08-18 15:46 . 2012-08-18 15:46 -------- d-----w- c:\program files\Core Temp
2012-08-09 18:37 . 2012-08-09 18:37 -------- d-----w- c:\program files\CCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-03 18:46 . 2011-11-18 04:06 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-03 16:21 . 2012-04-02 15:33 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-07-03 16:21 . 2012-01-25 04:51 355856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-07-03 16:21 . 2012-01-25 04:51 958400 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-03 16:21 . 2012-01-25 04:51 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-07-03 16:21 . 2012-01-25 04:51 71064 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-07-03 16:21 . 2012-01-25 04:51 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-07-03 16:21 . 2012-01-25 04:51 41224 ----a-w- c:\windows\avastSS.scr
2012-07-03 16:21 . 2012-01-25 04:51 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-07-03 16:21 . 2012-01-25 04:51 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-06-12 15:07 . 2012-06-12 15:07 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-12 15:07 . 2011-11-18 12:03 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-26 17:36 . 2012-06-19 13:22 204800 ----a-w- c:\windows\system32\unrar64.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2012-07-12_16.34.33 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2012-08-19 16:54 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-07-12 14:06 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-08-19 16:54 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-12 14:06 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-12 14:06 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-19 16:54 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-09-05 04:48 . 2012-08-19 16:54 53230 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-08-19 15:49 48696 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-04-10 13:46 . 2012-08-19 15:49 11996 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1101767067-31939241-3861765655-1015_UserData.bin
+ 2010-09-04 08:32 . 2012-08-19 15:12 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-04 08:32 . 2012-07-12 15:10 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-04 08:32 . 2012-07-12 15:10 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-09-04 08:32 . 2012-08-19 15:12 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-19 15:12 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-12 15:10 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-09-04 13:24 . 2012-08-19 15:48 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-04 13:24 . 2012-07-12 14:04 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2012-08-19 16:12 89968 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2009-07-14 04:46 . 2012-06-15 14:06 89968 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2010-09-04 13:24 . 2012-08-19 15:48 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-09-04 13:24 . 2012-07-12 14:04 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-09-04 13:24 . 2012-08-19 15:48 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-09-04 13:24 . 2012-07-12 14:04 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-09-04 13:24 . 2012-08-19 15:53 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-04 13:24 . 2012-07-12 16:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-04 13:24 . 2012-07-12 16:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-09-04 13:24 . 2012-08-19 15:53 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-09-05 22:52 . 2012-08-06 18:08 6510 c:\windows\system32\wdi\ERCQueuedResolutions.dat
- 2012-07-12 16:32 . 2012-07-12 16:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-08-19 16:51 . 2012-08-19 16:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-12 16:32 . 2012-07-12 16:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-08-19 16:51 . 2012-08-19 16:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-06-29 14:00 . 2012-07-02 13:27 372736 c:\windows\SysWOW64\SupportWimax\Setup\setup.exe
+ 2012-06-29 14:00 . 2012-08-18 15:25 372736 c:\windows\SysWOW64\SupportWimax\Setup\setup.exe
- 2012-06-29 14:00 . 2012-07-02 13:27 535552 c:\windows\SysWOW64\SupportWimax\Setup\ISSetup.dll
+ 2012-06-29 14:00 . 2012-08-18 15:25 535552 c:\windows\SysWOW64\SupportWimax\Setup\ISSetup.dll
+ 2012-06-29 14:00 . 2012-08-18 15:25 156616 c:\windows\SysWOW64\SupportWimax\Setup\_Setup.dll
- 2012-06-29 14:00 . 2012-07-02 13:27 156616 c:\windows\SysWOW64\SupportWimax\Setup\_Setup.dll
+ 2010-09-04 15:14 . 2012-08-01 22:34 200180 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2010-09-05 21:28 . 2012-08-16 14:38 290630 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 02:36 . 2012-08-19 16:02 624178 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-07-12 15:00 624178 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-08-19 16:02 106522 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-07-12 15:00 106522 c:\windows\system32\perfc009.dat
+ 2009-07-14 05:12 . 2012-08-18 01:42 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:12 . 2012-07-09 00:44 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:01 . 2012-07-12 16:32 417648 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-08-19 16:51 417648 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2012-04-19 02:25 . 2012-07-12 16:32 1023660 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1101767067-31939241-3861765655-1015-8192.dat
+ 2012-04-19 02:25 . 2012-07-16 18:20 1023660 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1101767067-31939241-3861765655-1015-8192.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 17:51 3911776 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UIExec"="c:\program files (x86)\Digicel Broadband CM\cm\UIExec.exe" [2010-04-06 132096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
.
c:\users\Ken-Chun Cheung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2010-9-5 576000]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-12 257696]
R3 ALSysIO;ALSysIO;c:\users\Fay\AppData\Local\Temp\ALSysIO64.sys [x]
R3 bcm;ZTE WiMAX BCM1000;c:\windows\system32\DRIVERS\drxvi314.sys [2010-04-06 216576]
R3 bcmbusctr;ZTE Devices' Enumerator;c:\windows\system32\DRIVERS\BcmBusCtr.sys [2010-04-06 34816]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
R3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 rt70x64;Linksys Home Wireless-G USB Adaptor Driver;c:\windows\system32\DRIVERS\netr7064.sys [2010-04-27 388448]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 usbws320;ZTE USB WiMAX NIC Switch Driver;c:\windows\system32\DRIVERS\usbws320.sys [2010-04-06 10752]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-20 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-12 15:07]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 65.183.0.76 65.183.0.86
FF - ProfilePath - c:\users\Fay\AppData\Roaming\Mozilla\Firefox\Profiles\onkepb3z.default\
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
user_pref(network.proxy.http_port,);
FF - user.js: network.proxy.no_proxies_on -
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
.
**************************************************************************
.
Completion time: 2012-08-19 11:57:31 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-19 16:57
ComboFix2.txt 2012-08-18 15:20
ComboFix3.txt 2012-08-15 15:01
ComboFix4.txt 2012-08-05 16:03
ComboFix5.txt 2012-08-19 16:05
.
Pre-Run: 72,107,696,128 bytes free
Post-Run: 71,929,081,856 bytes free
.
- - End Of File - - 4DC8BD6E425FAADDE98302D091488EB3

 

[Punk]

Can you post the Hijackthis log asked in the post?

 

[paulcheung]

It will have to wait till this evening. sorry didnot see that. I have changed the hard drive to the original one that come with the computer. I carry it and use it from this morning without any issue, so definitely something is there.
thank you.

 

[paulcheung]

At lunch time the laptop act up with issues. I found out my partner use it went to facebook, Is it possible catch something from facebook links?
Thanks.

 

[ayan]

I don't want to flood you with pertinent remarks about various antiviruses, i just want to point out that i've been using avast's free version, and i haven't had a single problem in years. And i do tend to get on dubious sites, since i work as a webdesigner, and we sometimes scour the depths of some god-forgotten servers..

 

[johnb35]

At lunch time the laptop act up with issues. I found out my partner use it went to facebook, Is it possible catch something from facebook links?
Thanks.

Very possible especially if you click on the external links on the side. Lets make sure you don't have a rootkit.

Please download and run TDSSkiller

When the program opens, click on the start scan button.

TDSSKiller will now scan your computer for the TDSS infection. When the scan has finished it will display a result screen stating whether or not the infection was found on your computer. If it was found it will display a screen similar to the one below.

To remove the infection simply click on the Continue button and TDSSKiller will attempt to clean the infection.

When it has finished cleaning the infection you will see a report stating whether or not it was successful as shown below.

If the log says will be cured after reboot, please reboot the system by pressing the reboot now button.

After running there will be a log that will be located at the root of your c:\ drive labeled tdsskiller with a series of numbers after it. Please open the log and copy and paste it back here.

 

[paulcheung]

17:19:00.0715 3596 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
17:19:02.0718 3596 ============================================================
17:19:02.0718 3596 Current date / time: 2012/08/22 17:19:02.0718
17:19:02.0718 3596 SystemInfo:
17:19:02.0718 3596
17:19:02.0718 3596 OS Version: 6.1.7601 ServicePack: 1.0
17:19:02.0718 3596 Product type: Workstation
17:19:02.0718 3596 ComputerName: Paul
17:19:02.0718 3596 UserName: PaulCheung
17:19:02.0718 3596 Windows directory: C:\Windows
17:19:02.0718 3596 System windows directory: C:\Windows
17:19:02.0718 3596 Running under WOW64
17:19:02.0718 3596 Processor architecture: Intel x64
17:19:02.0718 3596 Number of processors: 2
17:19:02.0718 3596 Page size: 0x1000
17:19:02.0718 3596 Boot type: Normal boot
17:19:02.0719 3596 ============================================================
17:19:04.0027 3596 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:19:04.0037 3596 ============================================================
17:19:04.0037 3596 \Device\Harddisk0\DR0:
17:19:04.0038 3596 MBR partitions:
17:19:04.0038 3596 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x32000
17:19:04.0038 3596 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x320800, BlocksNum 0x126F8800
17:19:04.0038 3596 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x12A19800, BlocksNum 0x44B2C000
17:19:04.0038 3596 ============================================================
17:19:04.0060 3596 C: <-> \Device\Harddisk0\DR0\Partition1
17:19:04.0080 3596 F: <-> \Device\Harddisk0\DR0\Partition2
17:19:04.0080 3596 ============================================================
17:19:04.0080 3596 Initialize success
17:19:04.0080 3596 ============================================================
17:22:14.0831 3948 ============================================================
17:22:14.0831 3948 Scan started
17:22:14.0831 3948 Mode: Manual;
17:22:14.0831 3948 ============================================================
17:22:16.0643 3948 !SASCORE (a0709b82fa3b5afad1467e565b8b3ba0) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
17:22:16.0645 3948 !SASCORE - ok
17:22:16.0809 3948 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
17:22:16.0813 3948 1394ohci - ok
17:22:16.0853 3948 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
17:22:16.0857 3948 ACPI - ok
17:22:16.0888 3948 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
17:22:16.0889 3948 AcpiPmi - ok
17:22:16.0951 3948 Adobe LM Service (6d182c31acf16213407f2768f1107fe3) C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
17:22:16.0955 3948 Adobe LM Service - ok
17:22:17.0117 3948 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:22:17.0125 3948 AdobeFlashPlayerUpdateSvc - ok
17:22:17.0184 3948 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
17:22:17.0195 3948 adp94xx - ok
17:22:17.0231 3948 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
17:22:17.0247 3948 adpahci - ok
17:22:17.0273 3948 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
17:22:17.0285 3948 adpu320 - ok
17:22:17.0322 3948 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
17:22:17.0325 3948 AeLookupSvc - ok
17:22:17.0419 3948 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
17:22:17.0425 3948 AFD - ok
17:22:17.0533 3948 AgereSoftModem (98022774d9930ecbb292e70db7601df6) C:\Windows\system32\DRIVERS\agrsm64.sys
17:22:17.0557 3948 AgereSoftModem - ok
17:22:17.0594 3948 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
17:22:17.0598 3948 agp440 - ok
17:22:17.0627 3948 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
17:22:17.0630 3948 ALG - ok
17:22:17.0645 3948 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
17:22:17.0647 3948 aliide - ok
17:22:17.0802 3948 ALSysIO - ok
17:22:17.0835 3948 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
17:22:17.0837 3948 amdide - ok
17:22:17.0868 3948 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
17:22:17.0870 3948 AmdK8 - ok
17:22:17.0892 3948 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
17:22:17.0894 3948 AmdPPM - ok
17:22:17.0920 3948 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
17:22:17.0923 3948 amdsata - ok
17:22:17.0951 3948 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
17:22:17.0961 3948 amdsbs - ok
17:22:17.0979 3948 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
17:22:17.0980 3948 amdxata - ok
17:22:18.0041 3948 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
17:22:18.0044 3948 AppID - ok
17:22:18.0065 3948 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
17:22:18.0067 3948 AppIDSvc - ok
17:22:18.0117 3948 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
17:22:18.0120 3948 Appinfo - ok
17:22:18.0172 3948 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
17:22:18.0183 3948 AppMgmt - ok
17:22:18.0216 3948 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
17:22:18.0218 3948 arc - ok
17:22:18.0245 3948 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
17:22:18.0247 3948 arcsas - ok
17:22:18.0284 3948 aswFsBlk (df59b8e8df0bd2e0e303778a3806a17d) C:\Windows\system32\drivers\aswFsBlk.sys
17:22:18.0285 3948 aswFsBlk - ok
17:22:18.0310 3948 aswMonFlt (f8e6ab4f876feff69250f2e0c29ef004) C:\Windows\system32\drivers\aswMonFlt.sys
17:22:18.0312 3948 aswMonFlt - ok
17:22:18.0369 3948 aswRdr (aa92bc4bcba40ca3aa3ffd1be24f0c09) C:\Windows\System32\Drivers\aswrdr2.sys
17:22:18.0370 3948 aswRdr - ok
17:22:18.0455 3948 aswSnx (f06e230e1e8ca9437a6474b7b551cd37) C:\Windows\system32\drivers\aswSnx.sys
17:22:18.0467 3948 aswSnx - ok
17:22:18.0524 3948 aswSP (3610ca74a69e380424f0452dec5c1317) C:\Windows\system32\drivers\aswSP.sys
17:22:18.0540 3948 aswSP - ok
17:22:18.0559 3948 aswTdi (87de3e31cb0091d22351349869324065) C:\Windows\system32\drivers\aswTdi.sys
17:22:18.0561 3948 aswTdi - ok
17:22:18.0583 3948 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:22:18.0585 3948 AsyncMac - ok
17:22:18.0618 3948 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
17:22:18.0619 3948 atapi - ok
17:22:18.0740 3948 athr (88a02b6046356e6be4e387faa7451439) C:\Windows\system32\DRIVERS\athrx.sys
17:22:18.0757 3948 athr - ok
17:22:18.0942 3948 Ati External Event Utility (9f9e73327c456f418eb6b0cc98d1e3f4) C:\Windows\system32\Ati2evxx.exe
17:22:18.0949 3948 Ati External Event Utility - ok
17:22:19.0233 3948 atikmdag (2ec33a384281fddfd5954caa327d361b) C:\Windows\system32\DRIVERS\atikmdag.sys
17:22:19.0316 3948 atikmdag - ok
17:22:19.0440 3948 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:22:19.0458 3948 AudioEndpointBuilder - ok
17:22:19.0484 3948 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:22:19.0492 3948 AudioSrv - ok
17:22:19.0564 3948 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:22:19.0566 3948 avast! Antivirus - ok
17:22:19.0626 3948 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
17:22:19.0628 3948 AxInstSV - ok
17:22:19.0688 3948 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
17:22:19.0712 3948 b06bdrv - ok
17:22:19.0763 3948 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:22:19.0771 3948 b57nd60a - ok
17:22:19.0826 3948 bcm (ae4cbbbf2e48de86673d4d8e74678d01) C:\Windows\system32\DRIVERS\drxvi314.sys
17:22:19.0830 3948 bcm - ok
17:22:19.0844 3948 bcmbusctr (a5b133a6271aaca178b24ffdbd85afb9) C:\Windows\system32\DRIVERS\BcmBusCtr.sys
17:22:19.0846 3948 bcmbusctr - ok
17:22:19.0870 3948 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
17:22:19.0873 3948 BDESVC - ok
17:22:19.0887 3948 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:22:19.0888 3948 Beep - ok
17:22:19.0962 3948 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
17:22:19.0986 3948 BFE - ok
17:22:20.0061 3948 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
17:22:20.0079 3948 BITS - ok
17:22:20.0107 3948 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
17:22:20.0109 3948 blbdrive - ok
17:22:20.0147 3948 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
17:22:20.0148 3948 bowser - ok
17:22:20.0169 3948 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:22:20.0171 3948 BrFiltLo - ok
17:22:20.0189 3948 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:22:20.0191 3948 BrFiltUp - ok
17:22:20.0220 3948 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
17:22:20.0222 3948 BridgeMP - ok
17:22:20.0257 3948 Browser (05f5a0d14a2ee1d8255c2aa0e9e8e694) C:\Windows\System32\browser.dll
17:22:20.0259 3948 Browser - ok
17:22:20.0279 3948 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:22:20.0286 3948 Brserid - ok
17:22:20.0308 3948 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:22:20.0309 3948 BrSerWdm - ok
17:22:20.0319 3948 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:22:20.0320 3948 BrUsbMdm - ok
17:22:20.0331 3948 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:22:20.0332 3948 BrUsbSer - ok
17:22:20.0353 3948 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
17:22:20.0355 3948 BTHMODEM - ok
17:22:20.0380 3948 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
17:22:20.0383 3948 bthserv - ok
17:22:20.0408 3948 catchme - ok
17:22:20.0434 3948 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:22:20.0436 3948 cdfs - ok
17:22:20.0491 3948 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
17:22:20.0506 3948 cdrom - ok
17:22:20.0538 3948 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:22:20.0538 3948 CertPropSvc - ok
17:22:20.0569 3948 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
17:22:20.0569 3948 circlass - ok
17:22:20.0600 3948 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:22:20.0616 3948 CLFS - ok
17:22:20.0709 3948 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:22:20.0709 3948 clr_optimization_v2.0.50727_32 - ok
17:22:20.0740 3948 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:22:20.0740 3948 clr_optimization_v2.0.50727_64 - ok
17:22:20.0818 3948 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:22:20.0834 3948 clr_optimization_v4.0.30319_32 - ok
17:22:20.0865 3948 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:22:20.0865 3948 clr_optimization_v4.0.30319_64 - ok
17:22:20.0881 3948 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
17:22:20.0881 3948 CmBatt - ok
17:22:20.0912 3948 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
17:22:20.0912 3948 cmdide - ok
17:22:20.0974 3948 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
17:22:20.0974 3948 CNG - ok
17:22:21.0006 3948 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
17:22:21.0006 3948 Compbatt - ok
17:22:21.0068 3948 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
17:22:21.0068 3948 CompositeBus - ok
17:22:21.0115 3948 COMSysApp - ok
17:22:21.0146 3948 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
17:22:21.0146 3948 crcdisk - ok
17:22:21.0208 3948 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
17:22:21.0208 3948 CryptSvc - ok
17:22:21.0286 3948 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
17:22:21.0302 3948 CSC - ok
17:22:21.0364 3948 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
17:22:21.0380 3948 CscService - ok
17:22:21.0442 3948 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:22:21.0458 3948 DcomLaunch - ok
17:22:21.0505 3948 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
17:22:21.0520 3948 defragsvc - ok
17:22:21.0692 3948 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
17:22:21.0739 3948 DfsC - ok
17:22:21.0801 3948 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
17:22:21.0817 3948 Dhcp - ok
17:22:21.0848 3948 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:22:21.0848 3948 discache - ok
17:22:21.0895 3948 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
17:22:21.0895 3948 Disk - ok
17:22:21.0942 3948 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
17:22:21.0957 3948 Dnscache - ok
17:22:22.0004 3948 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
17:22:22.0020 3948 dot3svc - ok
17:22:22.0051 3948 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
17:22:22.0066 3948 DPS - ok
17:22:22.0098 3948 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:22:22.0098 3948 drmkaud - ok
17:22:22.0176 3948 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
17:22:22.0222 3948 DXGKrnl - ok
17:22:22.0269 3948 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
17:22:22.0269 3948 EapHost - ok
17:22:22.0441 3948 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
17:22:22.0503 3948 ebdrv - ok
17:22:22.0612 3948 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
17:22:22.0612 3948 EFS - ok
17:22:22.0690 3948 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
17:22:22.0706 3948 ehRecvr - ok
17:22:22.0753 3948 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
17:22:22.0753 3948 ehSched - ok
17:22:22.0815 3948 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
17:22:22.0831 3948 elxstor - ok
17:22:22.0862 3948 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
17:22:22.0862 3948 ErrDev - ok
17:22:22.0924 3948 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
17:22:22.0940 3948 EventSystem - ok
17:22:22.0971 3948 ew_hwusbdev - ok
17:22:23.0002 3948 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:22:23.0002 3948 exfat - ok
17:22:23.0034 3948 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:22:23.0049 3948 fastfat - ok
17:22:23.0127 3948 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
17:22:23.0127 3948 Fax - ok
17:22:23.0158 3948 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
17:22:23.0158 3948 fdc - ok
17:22:23.0174 3948 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
17:22:23.0174 3948 fdPHost - ok
17:22:23.0190 3948 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
17:22:23.0205 3948 FDResPub - ok
17:22:23.0221 3948 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:22:23.0221 3948 FileInfo - ok
17:22:23.0236 3948 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:22:23.0236 3948 Filetrace - ok
17:22:23.0252 3948 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
17:22:23.0252 3948 flpydisk - ok
17:22:23.0299 3948 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
17:22:23.0299 3948 FltMgr - ok
17:22:23.0392 3948 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
17:22:23.0408 3948 FontCache - ok
17:22:23.0486 3948 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:22:23.0486 3948 FontCache3.0.0.0 - ok
17:22:23.0533 3948 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:22:23.0548 3948 FsDepends - ok
17:22:23.0580 3948 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
17:22:23.0580 3948 fssfltr - ok
17:22:23.0720 3948 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
17:22:23.0751 3948 fsssvc - ok
17:22:23.0860 3948 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
17:22:23.0860 3948 Fs_Rec - ok
17:22:23.0923 3948 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:22:23.0938 3948 fvevol - ok
17:22:23.0954 3948 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
17:22:23.0954 3948 gagp30kx - ok
17:22:24.0032 3948 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
17:22:24.0063 3948 gpsvc - ok
17:22:24.0079 3948 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:22:24.0079 3948 hcw85cir - ok
17:22:24.0141 3948 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
17:22:24.0157 3948 HdAudAddService - ok
17:22:24.0219 3948 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
17:22:24.0235 3948 HDAudBus - ok
17:22:24.0250 3948 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
17:22:24.0250 3948 HidBatt - ok
17:22:24.0266 3948 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
17:22:24.0266 3948 HidBth - ok
17:22:24.0297 3948 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
17:22:24.0297 3948 HidIr - ok
17:22:24.0328 3948 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
17:22:24.0344 3948 hidserv - ok
17:22:24.0360 3948 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
17:22:24.0360 3948 HidUsb - ok
17:22:24.0406 3948 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
17:22:24.0406 3948 hkmsvc - ok
17:22:24.0453 3948 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
17:22:24.0453 3948 HomeGroupListener - ok
17:22:24.0516 3948 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
17:22:24.0516 3948 HomeGroupProvider - ok
17:22:24.0640 3948 hpqcxs08 (5da42d24712e00728cea2342a65009b2) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:22:24.0640 3948 hpqcxs08 - ok
17:22:24.0672 3948 hpqddsvc (d86a39bf100069444d026d22d9a6e555) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:22:24.0672 3948 hpqddsvc - ok
17:22:24.0687 3948 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
17:22:24.0687 3948 HpSAMD - ok
17:22:24.0765 3948 HPSLPSVC (d4f91cf4de215d6f14a06087d46725e4) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:22:24.0765 3948 HPSLPSVC - ok
17:22:24.0859 3948 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
17:22:24.0859 3948 HTTP - ok
17:22:24.0874 3948 huawei_enumerator - ok
17:22:24.0890 3948 hwdatacard - ok
17:22:24.0906 3948 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
17:22:24.0906 3948 hwpolicy - ok
17:22:24.0968 3948 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
17:22:24.0968 3948 i8042prt - ok
17:22:25.0030 3948 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
17:22:25.0046 3948 iaStorV - ok
17:22:25.0124 3948 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
17:22:25.0124 3948 IDriverT - ok
17:22:25.0233 3948 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:22:25.0249 3948 idsvc - ok
17:22:25.0358 3948 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
17:22:25.0358 3948 iirsp - ok
17:22:25.0452 3948 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
17:22:25.0467 3948 IKEEXT - ok
17:22:25.0483 3948 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
17:22:25.0483 3948 intelide - ok
17:22:25.0530 3948 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
17:22:25.0530 3948 intelppm - ok
17:22:25.0561 3948 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
17:22:25.0561 3948 IPBusEnum - ok
17:22:25.0576 3948 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:22:25.0576 3948 IpFilterDriver - ok
17:22:25.0639 3948 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
17:22:25.0654 3948 iphlpsvc - ok
17:22:25.0686 3948 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
17:22:25.0686 3948 IPMIDRV - ok
17:22:25.0701 3948 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:22:25.0701 3948 IPNAT - ok
17:22:25.0732 3948 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:22:25.0732 3948 IRENUM - ok
17:22:25.0748 3948 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
17:22:25.0748 3948 isapnp - ok
17:22:25.0795 3948 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
17:22:25.0810 3948 iScsiPrt - ok
17:22:25.0826 3948 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
17:22:25.0842 3948 kbdclass - ok
17:22:25.0873 3948 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
17:22:25.0873 3948 kbdhid - ok
17:22:25.0904 3948 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:22:25.0904 3948 KeyIso - ok
17:22:25.0951 3948 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
17:22:25.0951 3948 KSecDD - ok
17:22:25.0982 3948 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
17:22:25.0982 3948 KSecPkg - ok
17:22:25.0998 3948 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:22:25.0998 3948 ksthunk - ok
17:22:26.0044 3948 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
17:22:26.0060 3948 KtmRm - ok
17:22:26.0107 3948 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
17:22:26.0138 3948 LanmanServer - ok
17:22:26.0200 3948 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
17:22:26.0216 3948 LanmanWorkstation - ok
17:22:26.0247 3948 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:22:26.0247 3948 lltdio - ok
17:22:26.0278 3948 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
17:22:26.0294 3948 lltdsvc - ok
17:22:26.0310 3948 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
17:22:26.0325 3948 lmhosts - ok
17:22:26.0356 3948 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
17:22:26.0356 3948 LSI_FC - ok
17:22:26.0388 3948 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
17:22:26.0388 3948 LSI_SAS - ok
17:22:26.0403 3948 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:22:26.0403 3948 LSI_SAS2 - ok
17:22:26.0419 3948 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:22:26.0419 3948 LSI_SCSI - ok
17:22:26.0450 3948 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:22:26.0450 3948 luafv - ok
17:22:26.0497 3948 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys
17:22:26.0512 3948 mcdbus - ok
17:22:26.0544 3948 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
17:22:26.0544 3948 Mcx2Svc - ok
17:22:26.0668 3948 MDM (7cf1b716372b89568ae4c0fe769f5869) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
17:22:26.0668 3948 MDM - ok
17:22:26.0684 3948 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
17:22:26.0684 3948 megasas - ok
17:22:26.0731 3948 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
17:22:26.0746 3948 MegaSR - ok
17:22:26.0840 3948 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
17:22:26.0840 3948 Microsoft Office Groove Audit Service - ok
17:22:26.0871 3948 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:22:26.0871 3948 MMCSS - ok
17:22:26.0887 3948 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:22:26.0887 3948 Modem - ok
17:22:26.0918 3948 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:22:26.0918 3948 monitor - ok
17:22:26.0949 3948 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
17:22:26.0965 3948 mouclass - ok
17:22:26.0980 3948 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:22:26.0980 3948 mouhid - ok
17:22:27.0027 3948 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:22:27.0027 3948 mountmgr - ok
17:22:27.0074 3948 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:22:27.0074 3948 mpio - ok
17:22:27.0105 3948 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:22:27.0105 3948 mpsdrv - ok
17:22:27.0183 3948 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
17:22:27.0199 3948 MpsSvc - ok
17:22:27.0246 3948 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:22:27.0261 3948 MRxDAV - ok
17:22:27.0308 3948 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:22:27.0308 3948 mrxsmb - ok
17:22:27.0339 3948 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:22:27.0339 3948 mrxsmb10 - ok
17:22:27.0386 3948 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:22:27.0386 3948 mrxsmb20 - ok
17:22:27.0417 3948 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:22:27.0417 3948 msahci - ok
17:22:27.0464 3948 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:22:27.0464 3948 msdsm - ok
17:22:27.0495 3948 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
17:22:27.0495 3948 MSDTC - ok
17:22:27.0526 3948 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:22:27.0526 3948 Msfs - ok
17:22:27.0542 3948 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:22:27.0542 3948 mshidkmdf - ok
17:22:27.0573 3948 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:22:27.0589 3948 msisadrv - ok
17:22:27.0620 3948 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
17:22:27.0636 3948 MSiSCSI - ok
17:22:27.0636 3948 msiserver - ok
17:22:27.0667 3948 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:22:27.0667 3948 MSKSSRV - ok
17:22:27.0682 3948 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:22:27.0682 3948 MSPCLOCK - ok
17:22:27.0698 3948 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:22:27.0698 3948 MSPQM - ok
17:22:27.0760 3948 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:22:27.0760 3948 MsRPC - ok
17:22:27.0792 3948 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
17:22:27.0792 3948 mssmbios - ok
17:22:27.0807 3948 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:22:27.0807 3948 MSTEE - ok
17:22:27.0823 3948 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
17:22:27.0823 3948 MTConfig - ok
17:22:27.0854 3948 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:22:27.0854 3948 Mup - ok
17:22:27.0916 3948 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
17:22:27.0948 3948 napagent - ok
17:22:27.0994 3948 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:22:28.0010 3948 NativeWifiP - ok
17:22:28.0104 3948 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:22:28.0119 3948 NDIS - ok
17:22:28.0150 3948 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:22:28.0150 3948 NdisCap - ok
17:22:28.0166 3948 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:22:28.0166 3948 NdisTapi - ok
17:22:28.0182 3948 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:22:28.0182 3948 Ndisuio - ok
17:22:28.0213 3948 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:22:28.0213 3948 NdisWan - ok
17:22:28.0244 3948 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:22:28.0244 3948 NDProxy - ok
17:22:28.0306 3948 Net Driver HPZ12 (dc6530a291d4bdf6df399f1f128e7f8f) C:\Windows\system32\HPZinw12.dll
17:22:28.0322 3948 Net Driver HPZ12 - ok
17:22:28.0338 3948 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:22:28.0338 3948 NetBIOS - ok
17:22:28.0369 3948 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:22:28.0384 3948 NetBT - ok
17:22:28.0416 3948 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:22:28.0416 3948 Netlogon - ok
17:22:28.0478 3948 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:22:28.0494 3948 Netman - ok
17:22:28.0525 3948 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:22:28.0540 3948 netprofm - ok
17:22:28.0618 3948 netr28ux (618c55b392238b9467f9113e13525c49) C:\Windows\system32\DRIVERS\netr28ux.sys
17:22:28.0634 3948 netr28ux - ok
17:22:28.0712 3948 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:22:28.0712 3948 NetTcpPortSharing - ok
17:22:28.0743 3948 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
17:22:28.0743 3948 nfrd960 - ok
17:22:28.0806 3948 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
17:22:28.0821 3948 NlaSvc - ok
17:22:28.0837 3948 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:22:28.0837 3948 Npfs - ok
17:22:28.0852 3948 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:22:28.0868 3948 nsi - ok
17:22:28.0868 3948 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:22:28.0868 3948 nsiproxy - ok
17:22:29.0008 3948 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:22:29.0040 3948 Ntfs - ok
17:22:29.0196 3948 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:22:29.0196 3948 Null - ok
17:22:29.0227 3948 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:22:29.0242 3948 nvraid - ok
17:22:29.0258 3948 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:22:29.0258 3948 nvstor - ok
17:22:29.0320 3948 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:22:29.0320 3948 nv_agp - ok
17:22:29.0430 3948 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:22:29.0445 3948 odserv - ok
17:22:29.0492 3948 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:22:29.0492 3948 ohci1394 - ok
17:22:29.0539 3948 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:22:29.0554 3948 ose - ok
17:22:29.0601 3948 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:22:29.0601 3948 p2pimsvc - ok
17:22:29.0648 3948 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:22:29.0664 3948 p2psvc - ok
17:22:29.0710 3948 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:22:29.0710 3948 Parport - ok
17:22:29.0742 3948 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
17:22:29.0742 3948 partmgr - ok
17:22:29.0773 3948 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:22:29.0788 3948 PcaSvc - ok
17:22:29.0835 3948 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:22:29.0835 3948 pci - ok
17:22:29.0851 3948 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:22:29.0851 3948 pciide - ok
17:22:29.0882 3948 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:22:29.0882 3948 pcmcia - ok
17:22:29.0913 3948 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:22:29.0913 3948 pcw - ok
17:22:29.0960 3948 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:22:29.0976 3948 PEAUTH - ok
17:22:30.0085 3948 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
17:22:30.0100 3948 PeerDistSvc - ok
17:22:30.0210 3948 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:22:30.0210 3948 PerfHost - ok
17:22:30.0381 3948 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
17:22:30.0428 3948 pla - ok
17:22:30.0506 3948 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
17:22:30.0522 3948 PlugPlay - ok
17:22:30.0568 3948 Pml Driver HPZ12 (71f62c51dfdfbc04c83c5c64b2b8058e) C:\Windows\system32\HPZipm12.dll
17:22:30.0568 3948 Pml Driver HPZ12 - ok
17:22:30.0584 3948 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:22:30.0600 3948 PNRPAutoReg - ok
17:22:30.0631 3948 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:22:30.0646 3948 PNRPsvc - ok
17:22:30.0709 3948 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
17:22:30.0724 3948 PolicyAgent - ok
17:22:30.0771 3948 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:22:30.0771 3948 Power - ok
17:22:30.0802 3948 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:22:30.0802 3948 PptpMiniport - ok
17:22:30.0849 3948 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
17:22:30.0849 3948 Processor - ok
17:22:30.0896 3948 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
17:22:30.0896 3948 ProfSvc - ok
17:22:30.0912 3948 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:22:30.0912 3948 ProtectedStorage - ok
17:22:30.0974 3948 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:22:30.0974 3948 Psched - ok
17:22:31.0083 3948 QBCFMonitorService (5956b7be76dd7681768bc56e342d1d94)

 

[paulcheung]

c:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
17:22:31.0083 3948 QBCFMonitorService - ok
17:22:31.0146 3948 QBFCService (6bee1814470dc12fa20c53dfc3c97ebb) c:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
17:22:31.0146 3948 QBFCService - ok
17:22:31.0255 3948 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
17:22:31.0286 3948 ql2300 - ok
17:22:31.0380 3948 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
17:22:31.0380 3948 ql40xx - ok
17:22:31.0426 3948 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:22:31.0426 3948 QWAVE - ok
17:22:31.0458 3948 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:22:31.0458 3948 QWAVEdrv - ok
17:22:31.0473 3948 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:22:31.0473 3948 RasAcd - ok
17:22:31.0504 3948 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:22:31.0520 3948 RasAgileVpn - ok
17:22:31.0536 3948 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:22:31.0536 3948 RasAuto - ok
17:22:31.0582 3948 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:22:31.0582 3948 Rasl2tp - ok
17:22:31.0629 3948 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
17:22:31.0645 3948 RasMan - ok
17:22:31.0660 3948 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:22:31.0660 3948 RasPppoe - ok
17:22:31.0676 3948 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:22:31.0676 3948 RasSstp - ok
17:22:31.0723 3948 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:22:31.0723 3948 rdbss - ok
17:22:31.0738 3948 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
17:22:31.0738 3948 rdpbus - ok
17:22:31.0754 3948 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:22:31.0754 3948 RDPCDD - ok
17:22:32.0082 3948 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
17:22:32.0097 3948 RDPDR - ok
17:22:32.0113 3948 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:22:32.0113 3948 RDPENCDD - ok
17:22:32.0128 3948 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:22:32.0128 3948 RDPREFMP - ok
17:22:32.0206 3948 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
17:22:32.0206 3948 RdpVideoMiniport - ok
17:22:32.0238 3948 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
17:22:32.0253 3948 RDPWD - ok
17:22:32.0316 3948 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:22:32.0316 3948 rdyboost - ok
17:22:32.0347 3948 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:22:32.0362 3948 RemoteAccess - ok
17:22:32.0394 3948 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:22:32.0394 3948 RemoteRegistry - ok
17:22:32.0425 3948 RimUsb (71b48ddaf5e9c2b40e64de5c405f5aac) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
17:22:32.0440 3948 RimUsb - ok
17:22:32.0472 3948 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
17:22:32.0472 3948 RimVSerPort - ok
17:22:32.0487 3948 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
17:22:32.0487 3948 ROOTMODEM - ok
17:22:32.0518 3948 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:22:32.0518 3948 RpcEptMapper - ok
17:22:32.0534 3948 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:22:32.0534 3948 RpcLocator - ok
17:22:32.0596 3948 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:22:32.0612 3948 RpcSs - ok
17:22:32.0628 3948 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:22:32.0628 3948 rspndr - ok
17:22:32.0690 3948 rt70x64 (3641e624c8c5d5ea089ae9b5340b5b79) C:\Windows\system32\DRIVERS\netr7064.sys
17:22:32.0690 3948 rt70x64 - ok
17:22:32.0737 3948 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys
17:22:32.0752 3948 RTL8167 - ok
17:22:32.0768 3948 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
17:22:32.0768 3948 s3cap - ok
17:22:32.0799 3948 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:22:32.0815 3948 SamSs - ok
17:22:32.0893 3948 SASDIFSV (99df79c258b3342b6c8a5f802998de56) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
17:22:32.0893 3948 SASDIFSV - ok
17:22:32.0908 3948 SASKUTIL (2859c35c0651e8eb0d86d48e740388f2) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
17:22:32.0908 3948 SASKUTIL - ok
17:22:32.0940 3948 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:22:32.0940 3948 sbp2port - ok
17:22:32.0971 3948 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:22:32.0986 3948 SCardSvr - ok
17:22:33.0018 3948 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:22:33.0018 3948 scfilter - ok
17:22:33.0111 3948 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
17:22:33.0127 3948 Schedule - ok
17:22:33.0158 3948 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:22:33.0158 3948 SCPolicySvc - ok
17:22:33.0205 3948 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
17:22:33.0205 3948 sdbus - ok
17:22:33.0252 3948 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
17:22:33.0267 3948 SDRSVC - ok
17:22:33.0298 3948 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:22:33.0298 3948 secdrv - ok
17:22:33.0314 3948 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
17:22:33.0314 3948 seclogon - ok
17:22:33.0345 3948 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
17:22:33.0345 3948 SENS - ok
17:22:33.0361 3948 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:22:33.0361 3948 SensrSvc - ok
17:22:33.0376 3948 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
17:22:33.0376 3948 Serenum - ok
17:22:33.0408 3948 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
17:22:33.0408 3948 Serial - ok
17:22:33.0408 3948 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
17:22:33.0423 3948 sermouse - ok
17:22:33.0470 3948 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
17:22:33.0470 3948 SessionEnv - ok
17:22:33.0486 3948 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
17:22:33.0486 3948 sffdisk - ok
17:22:33.0501 3948 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:22:33.0501 3948 sffp_mmc - ok
17:22:33.0517 3948 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
17:22:33.0517 3948 sffp_sd - ok
17:22:33.0532 3948 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
17:22:33.0532 3948 sfloppy - ok
17:22:33.0595 3948 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:22:33.0610 3948 SharedAccess - ok
17:22:33.0657 3948 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
17:22:33.0673 3948 ShellHWDetection - ok
17:22:33.0704 3948 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:22:33.0704 3948 SiSRaid2 - ok
17:22:33.0720 3948 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
17:22:33.0720 3948 SiSRaid4 - ok
17:22:33.0751 3948 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:22:33.0751 3948 Smb - ok
17:22:33.0798 3948 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:22:33.0798 3948 SNMPTRAP - ok
17:22:33.0813 3948 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:22:33.0813 3948 spldr - ok
17:22:33.0891 3948 Spooler (85daa09a98c9286d4ea2ba8d0e644377) C:\Windows\System32\spoolsv.exe
17:22:33.0891 3948 Spooler - ok
17:22:34.0094 3948 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
17:22:34.0125 3948 sppsvc - ok
17:22:34.0219 3948 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:22:34.0234 3948 sppuinotify - ok
17:22:34.0297 3948 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:22:34.0297 3948 srv - ok
17:22:34.0328 3948 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:22:34.0344 3948 srv2 - ok
17:22:34.0390 3948 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:22:34.0390 3948 srvnet - ok
17:22:34.0422 3948 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
17:22:34.0437 3948 SSDPSRV - ok
17:22:34.0453 3948 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
17:22:34.0468 3948 SstpSvc - ok
17:22:34.0484 3948 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
17:22:34.0484 3948 stexstor - ok
17:22:34.0531 3948 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
17:22:34.0531 3948 StillCam - ok
17:22:34.0593 3948 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
17:22:34.0609 3948 stisvc - ok
17:22:34.0656 3948 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
17:22:34.0656 3948 storflt - ok
17:22:34.0671 3948 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
17:22:34.0671 3948 storvsc - ok
17:22:34.0702 3948 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
17:22:34.0702 3948 swenum - ok
17:22:34.0749 3948 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
17:22:34.0765 3948 swprv - ok
17:22:34.0812 3948 Synth3dVsc - ok
17:22:34.0936 3948 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
17:22:34.0983 3948 SysMain - ok
17:22:35.0092 3948 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
17:22:35.0108 3948 TabletInputService - ok
17:22:35.0155 3948 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
17:22:35.0170 3948 TapiSrv - ok
17:22:35.0186 3948 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
17:22:35.0202 3948 TBS - ok
17:22:35.0342 3948 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
17:22:35.0373 3948 Tcpip - ok
17:22:35.0545 3948 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
17:22:35.0560 3948 TCPIP6 - ok
17:22:35.0638 3948 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:22:35.0638 3948 tcpipreg - ok
17:22:35.0670 3948 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:22:35.0685 3948 TDPIPE - ok
17:22:35.0716 3948 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
17:22:35.0716 3948 TDTCP - ok
17:22:35.0763 3948 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:22:35.0763 3948 tdx - ok
17:22:35.0794 3948 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
17:22:35.0810 3948 TermDD - ok
17:22:35.0872 3948 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
17:22:35.0904 3948 TermService - ok
17:22:35.0935 3948 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
17:22:35.0935 3948 Themes - ok
17:22:35.0966 3948 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:22:35.0982 3948 THREADORDER - ok
17:22:36.0060 3948 tifm21 (a940e1ece8a54b3516b22a6b3545ff3d) C:\Windows\system32\drivers\tifm21.sys
17:22:36.0075 3948 tifm21 - ok
17:22:36.0106 3948 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
17:22:36.0122 3948 TrkWks - ok
17:22:36.0169 3948 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
17:22:36.0184 3948 TrustedInstaller - ok
17:22:36.0247 3948 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:22:36.0247 3948 tssecsrv - ok
17:22:36.0278 3948 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:22:36.0278 3948 TsUsbFlt - ok
17:22:36.0278 3948 tsusbhub - ok
17:22:36.0340 3948 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:22:36.0356 3948 tunnel - ok
17:22:36.0372 3948 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
17:22:36.0372 3948 TVALZ - ok
17:22:36.0418 3948 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
17:22:36.0418 3948 uagp35 - ok
17:22:36.0465 3948 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:22:36.0481 3948 udfs - ok
17:22:36.0512 3948 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
17:22:36.0512 3948 UI0Detect - ok
17:22:36.0559 3948 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:22:36.0559 3948 uliagpkx - ok
17:22:36.0606 3948 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
17:22:36.0606 3948 umbus - ok
17:22:36.0621 3948 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
17:22:36.0621 3948 UmPass - ok
17:22:36.0668 3948 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
17:22:36.0699 3948 UmRdpService - ok
17:22:36.0746 3948 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
17:22:36.0793 3948 upnphost - ok
17:22:36.0840 3948 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
17:22:36.0855 3948 usbaudio - ok
17:22:36.0886 3948 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:22:36.0886 3948 usbccgp - ok
17:22:36.0918 3948 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:22:36.0918 3948 usbcir - ok
17:22:36.0964 3948 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
17:22:36.0964 3948 usbehci - ok
17:22:36.0996 3948 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:22:37.0011 3948 usbhub - ok
17:22:37.0058 3948 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
17:22:37.0058 3948 usbohci - ok
17:22:37.0105 3948 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:22:37.0105 3948 usbprint - ok
17:22:37.0276 3948 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
17:22:37.0276 3948 usbscan - ok
17:22:37.0292 3948 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:22:37.0292 3948 USBSTOR - ok
17:22:37.0308 3948 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
17:22:37.0308 3948 usbuhci - ok
17:22:37.0323 3948 usbws320 (ef0d7b2c75e67d29cb5325939bb0eaf8) C:\Windows\system32\DRIVERS\usbws320.sys
17:22:37.0339 3948 usbws320 - ok
17:22:37.0354 3948 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
17:22:37.0354 3948 UxSms - ok
17:22:37.0386 3948 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:22:37.0401 3948 VaultSvc - ok
17:22:37.0432 3948 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:22:37.0432 3948 vdrvroot - ok
17:22:37.0495 3948 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
17:22:37.0526 3948 vds - ok
17:22:37.0542 3948 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:22:37.0542 3948 vga - ok
17:22:37.0557 3948 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:22:37.0557 3948 VgaSave - ok
17:22:37.0557 3948 VGPU - ok
17:22:37.0620 3948 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:22:37.0635 3948 vhdmp - ok
17:22:37.0666 3948 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:22:37.0666 3948 viaide - ok
17:22:37.0698 3948 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
17:22:37.0698 3948 vmbus - ok
17:22:37.0713 3948 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
17:22:37.0713 3948 VMBusHID - ok
17:22:37.0729 3948 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:22:37.0744 3948 volmgr - ok
17:22:37.0776 3948 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:22:37.0791 3948 volmgrx - ok
17:22:37.0822 3948 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:22:37.0822 3948 volsnap - ok
17:22:37.0854 3948 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
17:22:37.0854 3948 vsmraid - ok
17:22:37.0978 3948 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
17:22:38.0025 3948 VSS - ok
17:22:38.0119 3948 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
17:22:38.0119 3948 vwifibus - ok
17:22:38.0150 3948 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
17:22:38.0150 3948 vwififlt - ok
17:22:38.0197 3948 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
17:22:38.0197 3948 vwifimp - ok
17:22:38.0259 3948 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
17:22:38.0290 3948 W32Time - ok
17:22:38.0306 3948 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
17:22:38.0306 3948 WacomPen - ok
17:22:38.0368 3948 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:22:38.0368 3948 WANARP - ok
17:22:38.0368 3948 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:22:38.0368 3948 Wanarpv6 - ok
17:22:38.0493 3948 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
17:22:38.0509 3948 WatAdminSvc - ok
17:22:38.0634 3948 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
17:22:38.0665 3948 wbengine - ok
17:22:38.0774 3948 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
17:22:38.0774 3948 WbioSrvc - ok
17:22:38.0836 3948 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
17:22:38.0852 3948 wcncsvc - ok
17:22:38.0868 3948 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
17:22:38.0868 3948 WcsPlugInService - ok
17:22:38.0899 3948 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
17:22:38.0899 3948 Wd - ok
17:22:38.0946 3948 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
17:22:38.0946 3948 WDC_SAM - ok
17:22:38.0992 3948 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:22:38.0992 3948 Wdf01000 - ok
17:22:39.0024 3948 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:22:39.0024 3948 WdiServiceHost - ok
17:22:39.0024 3948 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:22:39.0039 3948 WdiSystemHost - ok
17:22:39.0055 3948 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
17:22:39.0070 3948 WebClient - ok
17:22:39.0102 3948 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
17:22:39.0117 3948 Wecsvc - ok
17:22:39.0133 3948 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
17:22:39.0148 3948 wercplsupport - ok
17:22:39.0180 3948 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
17:22:39.0180 3948 WerSvc - ok
17:22:39.0211 3948 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:22:39.0211 3948 WfpLwf - ok
17:22:39.0226 3948 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:22:39.0226 3948 WIMMount - ok
17:22:39.0273 3948 WinDefend - ok
17:22:39.0273 3948 WinHttpAutoProxySvc - ok
17:22:39.0367 3948 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
17:22:39.0367 3948 Winmgmt - ok
17:22:39.0507 3948 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
17:22:39.0554 3948 WinRM - ok
17:22:39.0679 3948 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
17:22:39.0679 3948 WinUsb - ok
17:22:39.0741 3948 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
17:22:39.0788 3948 Wlansvc - ok
17:22:39.0819 3948 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:22:39.0819 3948 wlcrasvc - ok
17:22:39.0975 3948 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:22:40.0038 3948 wlidsvc - ok
17:22:40.0100 3948 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
17:22:40.0100 3948 WmiAcpi - ok
17:22:40.0256 3948 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
17:22:40.0272 3948 wmiApSrv - ok
17:22:40.0303 3948 WMPNetworkSvc - ok
17:22:40.0334 3948 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
17:22:40.0334 3948 WPCSvc - ok
17:22:40.0381 3948 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
17:22:40.0381 3948 WPDBusEnum - ok
17:22:40.0443 3948 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:22:40.0443 3948 ws2ifsl - ok
17:22:40.0459 3948 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
17:22:40.0459 3948 wscsvc - ok
17:22:40.0474 3948 WSearch - ok
17:22:40.0630 3948 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
17:22:40.0677 3948 wuauserv - ok
17:22:40.0833 3948 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:22:40.0833 3948 WudfPf - ok
17:22:40.0864 3948 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:22:40.0880 3948 WUDFRd - ok
17:22:40.0896 3948 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
17:22:40.0896 3948 wudfsvc - ok
17:22:40.0942 3948 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
17:22:40.0974 3948 WwanSvc - ok
17:22:41.0036 3948 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:22:41.0114 3948 \Device\Harddisk0\DR0 - ok
17:22:41.0114 3948 Boot (0x1200) (25edd647f2f73219f2fbada7689563ce) \Device\Harddisk0\DR0\Partition0
17:22:41.0114 3948 \Device\Harddisk0\DR0\Partition0 - ok
17:22:41.0130 3948 Boot (0x1200) (8d392bc18ae0501079a744a209f2daa5) \Device\Harddisk0\DR0\Partition1
17:22:41.0130 3948 \Device\Harddisk0\DR0\Partition1 - ok
17:22:41.0145 3948 Boot (0x1200) (34ba16afa4e4904029696000ba132158) \Device\Harddisk0\DR0\Partition2
17:22:41.0161 3948 \Device\Harddisk0\DR0\Partition2 - ok
17:22:41.0161 3948 ============================================================
17:22:41.0161 3948 Scan finished
17:22:41.0161 3948 ============================================================
17:22:41.0176 1224 Detected object count: 0
17:22:41.0176 1224 Actual detected object count: 0
17:23:08.0882 4604 Deinitialize success

 

[paulcheung]

17:18:00.0042 4616 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
17:18:02.0045 4616 ============================================================
17:18:02.0045 4616 Current date / time: 2012/08/22 17:18:02.0045
17:18:02.0045 4616 SystemInfo:
17:18:02.0045 4616
17:18:02.0045 4616 OS Version: 6.1.7601 ServicePack: 1.0
17:18:02.0045 4616 Product type: Workstation
17:18:02.0045 4616 ComputerName: Paul
17:18:02.0045 4616 UserName: PaulCheung
17:18:02.0045 4616 Windows directory: C:\Windows
17:18:02.0045 4616 System windows directory: C:\Windows
17:18:02.0045 4616 Running under WOW64
17:18:02.0046 4616 Processor architecture: Intel x64
17:18:02.0046 4616 Number of processors: 2
17:18:02.0046 4616 Page size: 0x1000
17:18:02.0046 4616 Boot type: Normal boot
17:18:02.0046 4616 ============================================================
17:18:03.0355 4616 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:18:03.0366 4616 ============================================================
17:18:03.0366 4616 \Device\Harddisk0\DR0:
17:18:03.0367 4616 MBR partitions:
17:18:03.0367 4616 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x32000
17:18:03.0367 4616 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x320800, BlocksNum 0x126F8800
17:18:03.0384 4616 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x12A19800, BlocksNum 0x44B2C000
17:18:03.0384 4616 ============================================================
17:18:03.0418 4616 C: <-> \Device\Harddisk0\DR0\Partition1
17:18:03.0471 4616 F: <-> \Device\Harddisk0\DR0\Partition2
17:18:03.0471 4616 ============================================================
17:18:03.0471 4616 Initialize success
17:18:03.0471 4616 ============================================================
17:18:55.0720 3440 Deinitialize success

 

[johnb35]

You are using an outdated version of the program please redownload and run the latest version here.

http://support.kaspersky.com/downloads/utils/tdsskiller.exe

 

[paulcheung]

21:45:37.0562 2924 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
21:45:37.0968 2924 ============================================================
21:45:37.0968 2924 Current date / time: 2012/08/22 21:45:37.0968
21:45:37.0968 2924 SystemInfo:
21:45:37.0968 2924
21:45:37.0968 2924 OS Version: 6.1.7601 ServicePack: 1.0
21:45:37.0968 2924 Product type: Workstation
21:45:37.0968 2924 ComputerName: Paul
21:45:37.0968 2924 UserName: PaulCheung
21:45:37.0968 2924 Windows directory: C:\Windows
21:45:37.0968 2924 System windows directory: C:\Windows
21:45:37.0968 2924 Running under WOW64
21:45:37.0968 2924 Processor architecture: Intel x64
21:45:37.0968 2924 Number of processors: 2
21:45:37.0968 2924 Page size: 0x1000
21:45:37.0968 2924 Boot type: Normal boot
21:45:37.0968 2924 ============================================================
21:45:39.0387 2924 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:45:39.0403 2924 ============================================================
21:45:39.0403 2924 \Device\Harddisk0\DR0:
21:45:39.0403 2924 MBR partitions:
21:45:39.0403 2924 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x32000
21:45:39.0403 2924 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x320800, BlocksNum 0x126F8800
21:45:39.0419 2924 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x12A19800, BlocksNum 0x44B2C000
21:45:39.0419 2924 ============================================================
21:45:39.0450 2924 C: <-> \Device\Harddisk0\DR0\Partition2
21:45:39.0497 2924 F: <-> \Device\Harddisk0\DR0\Partition3
21:45:39.0497 2924 ============================================================
21:45:39.0497 2924 Initialize success
21:45:39.0497 2924 ============================================================
21:45:41.0681 5092 ============================================================
21:45:41.0681 5092 Scan started
21:45:41.0681 5092 Mode: Manual;
21:45:41.0681 5092 ============================================================
21:45:42.0695 5092 ================ Scan system memory ========================
21:45:42.0695 5092 System memory - ok
21:45:42.0695 5092 ================ Scan services =============================
21:45:42.0773 5092 [ A0709B82FA3B5AFAD1467E565B8B3BA0 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
21:45:42.0788 5092 !SASCORE - ok
21:45:42.0929 5092 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:45:42.0929 5092 1394ohci - ok
21:45:42.0960 5092 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:45:42.0975 5092 ACPI - ok
21:45:43.0007 5092 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:45:43.0007 5092 AcpiPmi - ok
21:45:43.0069 5092 [ 6D182C31ACF16213407F2768F1107FE3 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
21:45:43.0069 5092 Adobe LM Service - ok
21:45:43.0225 5092 [ 76D5A3D2A50402A0B9B6ED13C4371E79 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:45:43.0225 5092 AdobeFlashPlayerUpdateSvc - ok
21:45:43.0256 5092 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
21:45:43.0272 5092 adp94xx - ok
21:45:43.0287 5092 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
21:45:43.0303 5092 adpahci - ok
21:45:43.0319 5092 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
21:45:43.0319 5092 adpu320 - ok
21:45:43.0350 5092 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:45:43.0365 5092 AeLookupSvc - ok
21:45:43.0412 5092 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
21:45:43.0428 5092 AFD - ok
21:45:43.0475 5092 [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
21:45:43.0506 5092 AgereSoftModem - ok
21:45:43.0537 5092 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
21:45:43.0537 5092 agp440 - ok
21:45:43.0553 5092 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
21:45:43.0553 5092 ALG - ok
21:45:43.0584 5092 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
21:45:43.0584 5092 aliide - ok
21:45:43.0724 5092 ALSysIO - ok
21:45:43.0755 5092 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
21:45:43.0755 5092 amdide - ok
21:45:43.0787 5092 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
21:45:43.0787 5092 AmdK8 - ok
21:45:43.0802 5092 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
21:45:43.0818 5092 AmdPPM - ok
21:45:43.0833 5092 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:45:43.0833 5092 amdsata - ok
21:45:43.0865 5092 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
21:45:43.0865 5092 amdsbs - ok
21:45:43.0880 5092 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:45:43.0896 5092 amdxata - ok
21:45:43.0927 5092 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
21:45:43.0927 5092 AppID - ok
21:45:43.0958 5092 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:45:43.0958 5092 AppIDSvc - ok
21:45:43.0974 5092 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
21:45:43.0974 5092 Appinfo - ok
21:45:44.0021 5092 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
21:45:44.0021 5092 AppMgmt - ok
21:45:44.0036 5092 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
21:45:44.0052 5092 arc - ok
21:45:44.0067 5092 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
21:45:44.0067 5092 arcsas - ok
21:45:44.0099 5092 [ DF59B8E8DF0BD2E0E303778A3806A17D ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
21:45:44.0099 5092 aswFsBlk - ok
21:45:44.0114 5092 [ F8E6AB4F876FEFF69250F2E0C29EF004 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
21:45:44.0114 5092 aswMonFlt - ok
21:45:44.0161 5092 [ AA92BC4BCBA40CA3AA3FFD1BE24F0C09 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
21:45:44.0161 5092 aswRdr - ok
21:45:44.0223 5092 [ F06E230E1E8CA9437A6474B7B551CD37 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
21:45:44.0223 5092 aswSnx - ok
21:45:44.0286 5092 [ 3610CA74A69E380424F0452DEC5C1317 ] aswSP C:\Windows\system32\drivers\aswSP.sys
21:45:44.0286 5092 aswSP - ok
21:45:44.0301 5092 [ 87DE3E31CB0091D22351349869324065 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
21:45:44.0301 5092 aswTdi - ok
21:45:44.0317 5092 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:45:44.0317 5092 AsyncMac - ok
21:45:44.0348 5092 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
21:45:44.0348 5092 atapi - ok
21:45:44.0395 5092 [ 88A02B6046356E6BE4E387FAA7451439 ] athr C:\Windows\system32\DRIVERS\athrx.sys
21:45:44.0442 5092 athr - ok
21:45:44.0489 5092 [ 9F9E73327C456F418EB6B0CC98D1E3F4 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
21:45:44.0504 5092 Ati External Event Utility - ok
21:45:44.0629 5092 [ 2EC33A384281FDDFD5954CAA327D361B ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:45:44.0707 5092 atikmdag - ok
21:45:44.0754 5092 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:45:44.0769 5092 AudioEndpointBuilder - ok
21:45:44.0785 5092 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:45:44.0801 5092 AudioSrv - ok
21:45:44.0832 5092 [ 2F7C0F3E39C45E0127FB78B2F18A41F3 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:45:44.0832 5092 avast! Antivirus - ok
21:45:44.0879 5092 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:45:44.0879 5092 AxInstSV - ok
21:45:44.0925 5092 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
21:45:44.0941 5092 b06bdrv - ok
21:45:44.0972 5092 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:45:44.0972 5092 b57nd60a - ok
21:45:45.0019 5092 [ AE4CBBBF2E48DE86673D4D8E74678D01 ] bcm C:\Windows\system32\DRIVERS\drxvi314.sys
21:45:45.0019 5092 bcm - ok
21:45:45.0035 5092 [ A5B133A6271AACA178B24FFDBD85AFB9 ] bcmbusctr C:\Windows\system32\DRIVERS\BcmBusCtr.sys
21:45:45.0035 5092 bcmbusctr - ok
21:45:45.0050 5092 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
21:45:45.0050 5092 BDESVC - ok
21:45:45.0081 5092 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
21:45:45.0081 5092 Beep - ok
21:45:45.0128 5092 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
21:45:45.0144 5092 BFE - ok
21:45:45.0175 5092 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
21:45:45.0206 5092 BITS - ok
21:45:45.0206 5092 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:45:45.0206 5092 blbdrive - ok
21:45:45.0253 5092 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:45:45.0253 5092 bowser - ok
21:45:45.0269 5092 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:45:45.0269 5092 BrFiltLo - ok
21:45:45.0284 5092 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:45:45.0284 5092 BrFiltUp - ok
21:45:45.0315 5092 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
21:45:45.0315 5092 BridgeMP - ok
21:45:45.0347 5092 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
21:45:45.0347 5092 Browser - ok
21:45:45.0362 5092 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:45:45.0362 5092 Brserid - ok
21:45:45.0393 5092 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:45:45.0393 5092 BrSerWdm - ok
21:45:45.0409 5092 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:45:45.0425 5092 BrUsbMdm - ok
21:45:45.0440 5092 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:45:45.0440 5092 BrUsbSer - ok
21:45:45.0456 5092 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
21:45:45.0456 5092 BTHMODEM - ok
21:45:45.0487 5092 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
21:45:45.0487 5092 bthserv - ok
21:45:45.0518 5092 catchme - ok
21:45:45.0534 5092 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:45:45.0534 5092 cdfs - ok
21:45:45.0581 5092 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:45:45.0581 5092 cdrom - ok
21:45:45.0612 5092 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
21:45:45.0627 5092 CertPropSvc - ok
21:45:45.0643 5092 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:45:45.0643 5092 circlass - ok
21:45:45.0674 5092 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
21:45:45.0674 5092 CLFS - ok
21:45:45.0752 5092 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:45:45.0752 5092 clr_optimization_v2.0.50727_32 - ok
21:45:45.0799 5092 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:45:45.0799 5092 clr_optimization_v2.0.50727_64 - ok
21:45:45.0861 5092 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:45:45.0877 5092 clr_optimization_v4.0.30319_32 - ok
21:45:45.0908 5092 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:45:45.0908 5092 clr_optimization_v4.0.30319_64 - ok
21:45:45.0924 5092 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:45:45.0924 5092 CmBatt - ok
21:45:45.0955 5092 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:45:45.0955 5092 cmdide - ok
21:45:45.0986 5092 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
21:45:46.0002 5092 CNG - ok
21:45:46.0017 5092 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:45:46.0017 5092 Compbatt - ok
21:45:46.0064 5092 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
21:45:46.0064 5092 CompositeBus - ok
21:45:46.0080 5092 COMSysApp - ok
21:45:46.0095 5092 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
21:45:46.0095 5092 crcdisk - ok
21:45:46.0142 5092 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:45:46.0142 5092 CryptSvc - ok
21:45:46.0189 5092 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
21:45:46.0189 5092 CSC - ok
21:45:46.0236 5092 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
21:45:46.0251 5092 CscService - ok
21:45:46.0314 5092 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:45:46.0314 5092 DcomLaunch - ok
21:45:46.0361 5092 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
21:45:46.0361 5092 defragsvc - ok
21:45:46.0407 5092 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:45:46.0407 5092 DfsC - ok
21:45:46.0423 5092 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
21:45:46.0423 5092 Dhcp - ok
21:45:46.0439 5092 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
21:45:46.0439 5092 discache - ok
21:45:46.0485 5092 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
21:45:46.0485 5092 Disk - ok
21:45:46.0517 5092 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:45:46.0517 5092 Dnscache - ok
21:45:46.0579 5092 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
21:45:46.0579 5092 dot3svc - ok
21:45:46.0626 5092 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
21:45:46.0626 5092 DPS - ok
21:45:46.0641 5092 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:45:46.0657 5092 drmkaud - ok
21:45:46.0704 5092 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:45:46.0704 5092 DXGKrnl - ok
21:45:46.0735 5092 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
21:45:46.0735 5092 EapHost - ok
21:45:46.0813 5092 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
21:45:46.0875 5092 ebdrv - ok
21:45:46.0907 5092 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
21:45:46.0907 5092 EFS - ok
21:45:46.0953 5092 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:45:46.0969 5092 ehRecvr - ok
21:45:47.0000 5092 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
21:45:47.0000 5092 ehSched - ok
21:45:47.0031 5092 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
21:45:47.0031 5092 elxstor - ok
21:45:47.0063 5092 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:45:47.0063 5092 ErrDev - ok
21:45:47.0094 5092 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
21:45:47.0109 5092 EventSystem - ok
21:45:47.0125 5092 ew_hwusbdev - ok
21:45:47.0141 5092 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
21:45:47.0156 5092 exfat - ok
21:45:47.0172 5092 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:45:47.0172 5092 fastfat - ok
21:45:47.0219 5092 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
21:45:47.0234 5092 Fax - ok
21:45:47.0250 5092 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:45:47.0250 5092 fdc - ok
21:45:47.0265 5092 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
21:45:47.0265 5092 fdPHost - ok
21:45:47.0281 5092 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
21:45:47.0297 5092 FDResPub - ok
21:45:47.0312 5092 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:45:47.0312 5092 FileInfo - ok
21:45:47.0328 5092 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:45:47.0343 5092 Filetrace - ok
21:45:47.0406 5092 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:45:47.0437 5092 flpydisk - ok
21:45:47.0562 5092 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:45:47.0562 5092 FltMgr - ok
21:45:47.0609 5092 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
21:45:47.0640 5092 FontCache - ok
21:45:47.0702 5092 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:45:47.0702 5092 FontCache3.0.0.0 - ok
21:45:47.0733 5092 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:45:47.0733 5092 FsDepends - ok
21:45:47.0780 5092 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
21:45:47.0780 5092 fssfltr - ok
21:45:47.0843 5092 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
21:45:47.0874 5092 fsssvc - ok
21:45:47.0921 5092 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:45:47.0921 5092 Fs_Rec - ok
21:45:47.0967 5092 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:45:47.0967 5092 fvevol - ok
21:45:47.0999 5092 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
21:45:47.0999 5092 gagp30kx - ok
21:45:48.0045 5092 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
21:45:48.0061 5092 gpsvc - ok
21:45:48.0077 5092 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:45:48.0077 5092 hcw85cir - ok
21:45:48.0123 5092 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:45:48.0139 5092 HdAudAddService - ok
21:45:48.0186 5092 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
21:45:48.0186 5092 HDAudBus - ok
21:45:48.0201 5092 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
21:45:48.0201 5092 HidBatt - ok
21:45:48.0217 5092 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
21:45:48.0217 5092 HidBth - ok
21:45:48.0233 5092 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:45:48.0233 5092 HidIr - ok
21:45:48.0279 5092 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
21:45:48.0279 5092 hidserv - ok
21:45:48.0311 5092 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
21:45:48.0311 5092 HidUsb - ok
21:45:48.0342 5092 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:45:48.0342 5092 hkmsvc - ok
21:45:48.0389 5092 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:45:48.0389 5092 HomeGroupListener - ok
21:45:48.0420 5092 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:45:48.0420 5092 HomeGroupProvider - ok
21:45:48.0498 5092 [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
21:45:48.0498 5092 hpqcxs08 - ok
21:45:48.0513 5092 [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
21:45:48.0529 5092 hpqddsvc - ok
21:45:48.0545 5092 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:45:48.0545 5092 HpSAMD - ok
21:45:48.0576 5092 [ D4F91CF4DE215D6F14A06087D46725E4 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
21:45:48.0591 5092 HPSLPSVC - ok
21:45:48.0638 5092 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:45:48.0654 5092 HTTP - ok
21:45:48.0669 5092 huawei_enumerator - ok
21:45:48.0669 5092 hwdatacard - ok
21:45:48.0716 5092 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:45:48.0716 5092 hwpolicy - ok
21:45:48.0763 5092 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
21:45:48.0779 5092 i8042prt - ok
21:45:48.0825 5092 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:45:48.0825 5092 iaStorV - ok
21:45:48.0903 5092 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
21:45:48.0903 5092 IDriverT - ok
21:45:48.0966 5092 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:45:48.0981 5092 idsvc - ok
21:45:49.0013 5092 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
21:45:49.0013 5092 iirsp - ok
21:45:49.0059 5092 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
21:45:49.0075 5092 IKEEXT - ok
21:45:49.0122 5092 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
21:45:49.0122 5092 intelide - ok
21:45:49.0137 5092 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:45:49.0137 5092 intelppm - ok
21:45:49.0169 5092 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:45:49.0169 5092 IPBusEnum - ok
21:45:49.0184 5092 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:45:49.0200 5092 IpFilterDriver - ok
21:45:49.0247 5092 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:45:49.0262 5092 iphlpsvc - ok
21:45:49.0293 5092 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:45:49.0293 5092 IPMIDRV - ok
21:45:49.0325 5092 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:45:49.0325 5092 IPNAT - ok
21:45:49.0340 5092 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:45:49.0340 5092 IRENUM - ok
21:45:49.0371 5092 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:45:49.0371 5092 isapnp - ok
21:45:49.0403 5092 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:45:49.0418 5092 iScsiPrt - ok
21:45:49.0434 5092 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
21:45:49.0434 5092 kbdclass - ok
21:45:49.0465 5092 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
21:45:49.0465 5092 kbdhid - ok
21:45:49.0481 5092 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
21:45:49.0496 5092 KeyIso - ok
21:45:49.0527 5092 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:45:49.0527 5092 KSecDD - ok
21:45:49.0559 5092 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:45:49.0559 5092 KSecPkg - ok
21:45:49.0574 5092 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:45:49.0574 5092 ksthunk - ok
21:45:49.0605 5092 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:45:49.0605 5092 KtmRm - ok
21:45:49.0652 5092 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
21:45:49.0652 5092 LanmanServer - ok
21:45:49.0683 5092 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:45:49.0699 5092 LanmanWorkstation - ok
21:45:49.0730 5092 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:45:49.0730 5092 lltdio - ok
21:45:49.0761 5092 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:45:49.0761 5092 lltdsvc - ok
21:45:49.0793 5092 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:45:49.0793 5092 lmhosts - ok
21:45:49.0824 5092 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
21:45:49.0824 5092 LSI_FC - ok
21:45:49.0855 5092 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
21:45:49.0855 5092 LSI_SAS - ok
21:45:49.0871 5092 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:45:49.0871 5092 LSI_SAS2 - ok
21:45:49.0886 5092 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:45:49.0886 5092 LSI_SCSI - ok
21:45:49.0902 5092 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:45:49.0917 5092 luafv - ok
21:45:49.0964 5092 [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
21:45:49.0964 5092 mcdbus - ok
21:45:49.0995 5092 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:45:49.0995 5092 Mcx2Svc - ok
21:45:50.0073 5092 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
21:45:50.0073 5092 MDM - ok
21:45:50.0089 5092 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
21:45:50.0089 5092 megasas - ok
21:45:50.0120 5092 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
21:45:50.0136 5092 MegaSR - ok
21:45:50.0214 5092 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
21:45:50.0214 5092 Microsoft Office Groove Audit Service - ok
21:45:50.0245 5092 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:45:50.0245 5092 MMCSS - ok
21:45:50.0261 5092 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:45:50.0261 5092 Modem - ok
21:45:50.0276 5092 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:45:50.0276 5092 monitor - ok
21:45:50.0307 5092 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
21:45:50.0307 5092 mouclass - ok
21:45:50.0323 5092 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:45:50.0339 5092 mouhid - ok
21:45:50.0370 5092 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:45:50.0370 5092 mountmgr - ok
21:45:50.0417 5092 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
21:45:50.0417 5092 mpio - ok
21:45:50.0448 5092 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:45:50.0448 5092 mpsdrv - ok
21:45:50.0495 5092 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:45:50.0510 5092 MpsSvc - ok
21:45:50.0557 5092 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:45:50.0573 5092 MRxDAV - ok
21:45:50.0604 5092 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:45:50.0604 5092 mrxsmb - ok
21:45:50.0619 5092 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:45:50.0619 5092 mrxsmb10 - ok
21:45:50.0651 5092 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:45:50.0666 5092 mrxsmb20 - ok
21:45:50.0682 5092 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
21:45:50.0682 5092 msahci - ok
21:45:50.0729 5092 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:45:50.0729 5092 msdsm - ok
21:45:50.0760 5092 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:45:50.0760 5092 MSDTC - ok
21:45:50.0791 5092 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:45:50.0791 5092 Msfs - ok
21:45:50.0807 5092 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:45:50.0807 5092 mshidkmdf - ok
21:45:50.0838 5092 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:45:50.0838 5092 msisadrv - ok
21:45:50.0869 5092 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:45:50.0869 5092 MSiSCSI - ok
21:45:50.0885 5092 msiserver - ok
21:45:50.0900 5092 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:45:50.0916 5092 MSKSSRV - ok
21:45:50.0916 5092 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:45:50.0916 5092 MSPCLOCK - ok
21:45:50.0947 5092 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:45:50.0947 5092 MSPQM - ok
21:45:50.0978 5092 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:45:50.0978 5092 MsRPC - ok
21:45:50.0994 5092 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
21:45:50.0994 5092 mssmbios - ok
21:45:51.0025 5092 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:45:51.0025 5092 MSTEE - ok
21:45:51.0041 5092 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:45:51.0041 5092 MTConfig - ok
21:45:51.0072 5092 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:45:51.0072 5092 Mup - ok
21:45:51.0119 5092 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
21:45:51.0134 5092 napagent - ok
21:45:51.0150 5092 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:45:51.0165 5092 NativeWifiP - ok
21:45:51.0228 5092 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
21:45:51.0243 5092 NDIS - ok
21:45:51.0259 5092 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:45:51.0259 5092 NdisCap - ok
21:45:51.0275 5092 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:45:51.0275 5092 NdisTapi - ok
21:45:51.0290 5092 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:45:51.0290 5092 Ndisuio - ok
21:45:51.0321 5092 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:45:51.0321 5092 NdisWan - ok
21:45:51.0353 5092 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:45:51.0353 5092 NDProxy - ok
21:45:51.0399 5092 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
21:45:51.0399 5092 Net Driver HPZ12 - ok
21:45:51.0431 5092 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:45:51.0431 5092 NetBIOS - ok
21:45:51.0462 5092 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:45:51.0462 5092 NetBT - ok
21:45:51.0477 5092 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
21:45:51.0477 5092 Netlogon - ok
21:45:51.0524 5092 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:45:51.0540 5092 Netman - ok
21:45:51.0555 5092 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:45:51.0571 5092 netprofm - ok
21:45:51.0618 5092 [ 618C55B392238B9467F9113E13525C49 ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
21:45:51.0633 5092 netr28ux - ok
21:45:51.0649 5092 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:45:51.0649 5092 NetTcpPortSharing - ok
21:45:51.0680 5092 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:45:51.0680 5092 nfrd960 - ok
21:45:51.0727 5092 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:45:51.0743 5092 NlaSvc - ok
21:45:51.0743 5092 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:45:51.0743 5092 Npfs - ok
21:45:51.0758 5092 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:45:51.0758 5092 nsi - ok
21:45:51.0774 5092 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:45:51.0774 5092 nsiproxy - ok
21:45:51.0852 5092 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:45:51.0883 5092 Ntfs - ok
21:45:51.0883 5092 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:45:51.0899 5092 Null - ok
21:45:51.0914 5092 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:45:51.0930 5092 nvraid - ok
21:45:51.0945 5092 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:45:51.0945 5092 nvstor - ok
21:45:51.0977 5092 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:45:51.0977 5092 nv_agp - ok
21:45:52.0039 5092 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:45:52.0055 5092 odserv - ok
21:45:52.0086 5092 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:45:52.0086 5092 ohci1394 - ok
21:45:52.0133 5092 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:45:52.0133 5092 ose - ok
21:45:52.0164 5092 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:45:52.0179 5092 p2pimsvc - ok
21:45:52.0211 5092 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:45:52.0226 5092 p2psvc - ok
21:45:52.0242 5092 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:45:52.0257 5092 Parport - ok
21:45:52.0289 5092 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:45:52.0289 5092 partmgr - ok
21:45:52.0320 5092 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:45:52.0320 5092 PcaSvc - ok
21:45:52.0351 5092 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
21:45:52.0351 5092 pci - ok
21:45:52.0367 5092 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
21:45:52.0367 5092 pciide - ok
21:45:52.0382 5092 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:45:52.0382 5092 pcmcia - ok
21:45:52.0413 5092 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:45:52.0413 5092 pcw - ok
21:45:52.0429 5092 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:45:52.0445 5092 PEAUTH - ok
21:45:52.0507 5092 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
21:45:52.0538 5092 PeerDistSvc - ok
21:45:52.0928 5092 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:45:52.0944 5092 PerfHost - ok
21:45:53.0006 5092 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
21:45:53.0037 5092 pla - ok
21:45:53.0084 5092 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:45:53.0100 5092 PlugPlay - ok
21:45:53.0147 5092 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:45:53.0147 5092 Pml Driver HPZ12 - ok
21:45:53.0162 5092 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:45:53.0178 5092 PNRPAutoReg - ok
21:45:53.0193 5092 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:45:53.0209 5092 PNRPsvc - ok
21:45:53.0256 5092 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:45:53.0256 5092 PolicyAgent - ok
21:45:53.0303 5092 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:45:53.0303 5092 Power - ok
21:45:53.0334 5092 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:45:53.0334 5092 PptpMiniport - ok
21:45:53.0349 5092 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:45:53.0349 5092 Processor - ok
21:45:53.0396 5092 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
21:45:53.0396 5092 ProfSvc - ok
21:45:53.0427 5092 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:45:53.0427 5092 ProtectedStorage - ok
21:45:53.0474 5092 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:45:53.0474 5092 Psched - ok
21:45:53.0552 5092 [ 5956B7BE76DD7681768BC56E342D1D94 ] QBCFMonitorService c:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
21:45:53.0552 5092 QBCFMonitorService - ok
21:45:53.0599 5092 [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService c:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
21:45:53.0599 5092 QBFCService - ok
21:45:53.0646 5092 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:45:53.0677 5092 ql2300 - ok
21:45:53.0708 5092 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:45:53.0708 5092 ql40xx - ok
21:45:53.0724 5092 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:45:53.0739 5092 QWAVE - ok
21:45:53.0755 5092 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:45:53.0755 5092 QWAVEdrv - ok
21:45:53.0771 5092 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:45:53.0771 5092 RasAcd - ok
21:45:53.0786 5092 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:45:53.0786 5092 RasAgileVpn - ok
21:45:53.0786 5092 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:45:53.0802 5092 RasAuto - ok
21:45:53.0833 5092 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:45:53.0833 5092 Rasl2tp - ok
21:45:53.0849 5092 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
21:45:53.0864 5092 RasMan - ok
21:45:53.0880 5092 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:45:53.0880 5092 RasPppoe - ok
21:45:53.0911 5092 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:45:53.0911 5092 RasSstp - ok
21:45:53.0927 5092 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:45:53.0927 5092 rdbss - ok
21:45:53.0942 5092 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:45:53.0942 5092 rdpbus - ok
21:45:53.0958 5092 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:45:53.0973 5092 RDPCDD - ok
21:45:54.0005 5092 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
21:45:54.0005 5092 RDPDR - ok
21:45:54.0020 5092 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:45:54.0020 5092 RDPENCDD - ok
21:45:54.0036 5092 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:45:54.0036 5092 RDPREFMP - ok
21:45:54.0114 5092 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:45:54.0114 5092 RdpVideoMiniport - ok
21:45:54.0161 5092 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:45:54.0161 5092 RDPWD - ok
21:45:54.0192 5092 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:45:54.0192 5092 rdyboost - ok
21:45:54.0223 5092 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:45:54.0223 5092 RemoteAccess - ok
21:45:54.0239 5092 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:45:54.0239 5092 RemoteRegistry - ok
21:45:54.0270 5092 [ 71B48DDAF5E9C2B40E64DE5C405F5AAC ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
21:45:54.0285 5092 RimUsb - ok
21:45:54.0317 5092 [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
21:45:54.0317 5092 RimVSerPort - ok
21:45:54.0317 5092 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
21:45:54.0317 5092 ROOTMODEM - ok
21:45:54.0348 5092 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:45:54.0348 5092 RpcEptMapper - ok
21:45:54.0379 5092 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:45:54.0379 5092 RpcLocator - ok
21:45:54.0410 5092 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
21:45:54.0426 5092 RpcSs - ok
21:45:54.0441 5092 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:45:54.0441 5092 rspndr - ok
21:45:54.0488 5092 [ 3641E624C8C5D5EA089AE9B5340B5B79 ] rt70x64 C:\Windows\system32\DRIVERS\netr7064.sys
21:45:54.0504 5092 rt70x64 - ok
21:45:54.0535 5092 [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:45:54.0535 5092 RTL8167 - ok
21:45:54.0566 5092 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
21:45:54.0566 5092 s3cap - ok
21:45:54.0582 5092 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
21:45:54.0582 5092 SamSs - ok
21:45:54.0660 5092 [ 99DF79C258B3342B6C8A5F802998DE56 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
21:45:54.0675 5092 SASDIFSV - ok
21:45:54.0691 5092 [ 2859C35C0651E8EB0D86D48E740388F2 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
21:45:54.0691 5092 SASKUTIL - ok
21:45:54.0722 5092 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:45:54.0722 5092 sbp2port - ok
21:45:54.0738 5092 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:45:54.0753 5092 SCardSvr - ok
21:45:54.0785 5092 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:45:54.0785 5092 scfilter - ok
21:45:54.0831 5092 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
21:45:54.0863 5092 Schedule - ok
21:45:54.0909 5092 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:45:54.0909 5092 SCPolicySvc - ok
21:45:54.0941 5092 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
21:45:54.0956 5092 sdbus - ok
21:45:54.0987 5092 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:45:55.0003 5092 SDRSVC - ok
21:45:55.0019 5092 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:45:55.0019 5092 secdrv - ok
21:45:55.0034 5092 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
21:45:55.0034 5092 seclogon - ok
21:45:55.0050 5092 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
21:45:55.0050 5092 SENS - ok
21:45:55.0065 5092 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:45:55.0081 5092 SensrSvc - ok
21:45:55.0097 5092 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:45:55.0097 5092 Serenum - ok
21:45:55.0112 5092 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:45:55.0112 5092 Serial - ok
21:45:55.0159 5092 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:45:55.0159 5092 sermouse - ok
21:45:55.0206 5092 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
21:45:55.0221 5092 SessionEnv - ok
21:45:55.0253 5092 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
21:45:55.0253 5092 sffdisk - ok
21:45:55.0253 5092 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:45:55.0253 5092 sffp_mmc - ok
21:45:55.0284 5092 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
21:45:55.0284 5092 sffp_sd - ok
21:45:55.0284 5092 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:45:55.0299 5092 sfloppy - ok
21:45:55.0331 5092 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:45:55.0346 5092 SharedAccess - ok
21:45:55.0377 5092 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:45:55.0393 5092 ShellHWDetection - ok
21:45:55.0424 5092 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:45:55.0424 5092 SiSRaid2 - ok
21:45:55.0440 5092 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:45:55.0440 5092 SiSRaid4 - ok
21:45:55.0471 5092 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:45:55.0471 5092 Smb - ok
21:45:55.0502 5092 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:45:55.0518 5092 SNMPTRAP - ok
21:45:55.0533 5092 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:45:55.0549 5092 spldr - ok
21:45:55.0580 5092 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
21:45:55.0596 5092 Spooler - ok
21:45:55.0689 5092 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
21:45:55.0721 5092 sppsvc - ok
21:45:55.0736 5092 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:45:55.0736 5092 sppuinotify - ok
21:45:55.0783 5092 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
21:45:55.0799 5092 srv - ok
21:45:55.0814 5092 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:45:55.0830 5092 srv2 - ok
21:45:55.0861 5092 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:45:55.0861 5092 srvnet - ok
21:45:55.0892 5092 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:45:55.0908 5092 SSDPSRV - ok
21:45:55.0923 5092 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:45:55.0923 5092 SstpSvc - ok
21:45:55.0939 5092 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
21:45:55.0939 5092 stexstor - ok
21:45:55.0986 5092 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
21:45:55.0986 5092 StillCam - ok
21:45:56.0033 5092 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
21:45:56.0048 5092 stisvc - ok
21:45:56.0079 5092 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
21:45:56.0079 5092 storflt - ok
21:45:56.0095 5092 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
21:45:56.0095 5092 storvsc - ok
21:45:56.0142 5092 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
21:45:56.0142 5092 swenum - ok
21:45:56.0157 5092 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:45:56.0173 5092 swprv - ok
21:45:56.0204 5092 Synth3dVsc - ok
21:45:56.0298 5092 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
21:45:56.0345 5092 SysMain - ok
21:45:56.0376 5092 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:45:56.0376 5092 TabletInputService - ok
21:45:56.0423 5092 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:45:56.0423 5092 TapiSrv - ok
21:45:56.0454 5092 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:45:56.0469 5092 TBS - ok
21:45:56.0532 5092 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:45:56.0579 5092 Tcpip - ok
21:45:56.0641 5092 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:45:56.0657 5092 TCPIP6 - ok
21:45:56.0703 5092 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:45:56.0703 5092 tcpipreg - ok
21:45:56.0735 5092 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:45:56.0735 5092 TDPIPE - ok
21:45:56.0766 5092 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:45:56.0781 5092 TDTCP - ok
21:45:56.0828 5092 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:45:56.0828 5092 tdx - ok
21:45:56.0828 5092 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
21:45:56.0844 5092 TermDD - ok
21:45:56.0875 5092 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
21:45:56.0906 5092 TermService - ok
21:45:56.0922 5092 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
21:45:56.0922 5092 Themes - ok
21:45:56.0953 5092 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
21:45:56.0953 5092 THREADORDER - ok
21:45:57.0015 5092 [ A940E1ECE8A54B3516B22A6B3545FF3D ] tifm21 C:\Windows\system32\drivers\tifm21.sys
21:45:57.0015 5092 tifm21 - ok
21:45:57.0031 5092 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
21:45:57.0031 5092 TrkWks - ok
21:45:57.0078 5092 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:45:57.0078 5092 TrustedInstaller - ok
21:45:57.0125 5092 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:45:57.0125 5092 tssecsrv - ok
21:45:57.0156 5092 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:45:57.0156 5092 TsUsbFlt - ok
21:45:57.0171 5092 tsusbhub - ok
21:45:57.0218 5092 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:45:57.0218 5092 tunnel - ok
21:45:57.0265 5092 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
21:45:57.0265 5092 TVALZ - ok
21:45:57.0265 5092 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
21:45:57.0281 5092 uagp35 - ok
21:45:57.0312 5092 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:45:57.0312 5092 udfs - ok
21:45:57.0343 5092 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:45:57.0343 5092 UI0Detect - ok
21:45:57.0374 5092 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:45:57.0374 5092 uliagpkx - ok
21:45:57.0421 5092 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
21:45:57.0421 5092 umbus - ok
21:45:57.0437 5092 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
21:45:57.0437 5092 UmPass - ok
21:45:57.0468 5092 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
21:45:57.0483 5092 UmRdpService - ok
21:45:57.0499 5092 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
21:45:57.0515 5092 upnphost - ok
21:45:57.0561 5092 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
21:45:57.0561 5092 usbaudio - ok
21:45:57.0577 5092 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:45:57.0577 5092 usbccgp - ok
21:45:57.0624 5092 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:45:57.0624 5092 usbcir - ok
21:45:57.0639 5092 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:45:57.0639 5092 usbehci - ok
21:45:57.0671 5092 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:45:57.0671 5092 usbhub - ok
21:45:57.0686 5092 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
21:45:57.0686 5092 usbohci - ok
21:45:57.0717 5092 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:45:57.0717 5092 usbprint - ok
21:45:57.0764 5092 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
21:45:57.0764 5092 usbscan - ok
21:45:57.0780 5092 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:45:57.0780 5092 USBSTOR - ok
21:45:57.0795 5092 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
21:45:57.0811 5092 usbuhci - ok
21:45:57.0827 5092 [ EF0D7B2C75E67D29CB5325939BB0EAF8 ] usbws320 C:\Windows\system32\DRIVERS\usbws320.sys
21:45:57.0827 5092 usbws320 - ok
21:45:57.0842 5092 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
21:45:57.0842 5092 UxSms - ok
21:45:57.0858 5092 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
21:45:57.0873 5092 VaultSvc - ok
21:45:57.0905 5092 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:45:57.0905 5092 vdrvroot - ok
21:45:57.0967 5092 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
21:45:57.0967 5092 vds - ok
21:45:57.0983 5092 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:45:57.0983 5092 vga - ok
21:45:57.0998 5092 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
21:45:57.0998 5092 VgaSave - ok
21:45:58.0014 5092 VGPU - ok
21:45:58.0061 5092 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:45:58.0061 5092 vhdmp - ok
21:45:58.0107 5092 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
21:45:58.0107 5092 viaide - ok
21:45:58.0123 5092 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
21:45:58.0123 5092 vmbus - ok
21:45:58.0139 5092 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
21:45:58.0139 5092 VMBusHID - ok
21:45:58.0154 5092 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:45:58.0154 5092 volmgr - ok
21:45:58.0185 5092 [ A255814907C89BE58B79EF2F189B843B ] volmgrx

 

[paulcheung]

C:\Windows\system32\drivers\volmgrx.sys
21:45:58.0201 5092 volmgrx - ok
21:45:58.0217 5092 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:45:58.0232 5092 volsnap - ok
21:45:58.0248 5092 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
21:45:58.0248 5092 vsmraid - ok
21:45:58.0326 5092 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
21:45:58.0373 5092 VSS - ok
21:45:58.0373 5092 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:45:58.0388 5092 vwifibus - ok
21:45:58.0419 5092 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:45:58.0419 5092 vwififlt - ok
21:45:58.0466 5092 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
21:45:58.0466 5092 vwifimp - ok
21:45:58.0497 5092 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
21:45:58.0513 5092 W32Time - ok
21:45:58.0529 5092 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
21:45:58.0529 5092 WacomPen - ok
21:45:58.0575 5092 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:45:58.0575 5092 WANARP - ok
21:45:58.0575 5092 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:45:58.0591 5092 Wanarpv6 - ok
21:45:58.0653 5092 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
21:45:58.0685 5092 WatAdminSvc - ok
21:45:58.0747 5092 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
21:45:58.0794 5092 wbengine - ok
21:45:58.0809 5092 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:45:58.0825 5092 WbioSrvc - ok
21:45:58.0856 5092 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:45:58.0872 5092 wcncsvc - ok
21:45:58.0872 5092 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:45:58.0887 5092 WcsPlugInService - ok
21:45:58.0903 5092 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
21:45:58.0903 5092 Wd - ok
21:45:58.0950 5092 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
21:45:58.0950 5092 WDC_SAM - ok
21:45:58.0981 5092 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:45:58.0981 5092 Wdf01000 - ok
21:45:58.0997 5092 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:45:59.0012 5092 WdiServiceHost - ok
21:45:59.0012 5092 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:45:59.0012 5092 WdiSystemHost - ok
21:45:59.0028 5092 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
21:45:59.0043 5092 WebClient - ok
21:45:59.0059 5092 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:45:59.0075 5092 Wecsvc - ok
21:45:59.0090 5092 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:45:59.0106 5092 wercplsupport - ok
21:45:59.0106 5092 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
21:45:59.0121 5092 WerSvc - ok
21:45:59.0137 5092 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:45:59.0137 5092 WfpLwf - ok
21:45:59.0153 5092 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:45:59.0153 5092 WIMMount - ok
21:45:59.0199 5092 WinDefend - ok
21:45:59.0199 5092 WinHttpAutoProxySvc - ok
21:45:59.0277 5092 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:45:59.0277 5092 Winmgmt - ok
21:45:59.0340 5092 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
21:45:59.0387 5092 WinRM - ok
21:45:59.0480 5092 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
21:45:59.0496 5092 WinUsb - ok
21:45:59.0511 5092 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
21:45:59.0543 5092 Wlansvc - ok
21:45:59.0589 5092 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:45:59.0589 5092 wlcrasvc - ok
21:45:59.0683 5092 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:45:59.0730 5092 wlidsvc - ok
21:45:59.0761 5092 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
21:45:59.0761 5092 WmiAcpi - ok
21:45:59.0792 5092 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:45:59.0792 5092 wmiApSrv - ok
21:45:59.0823 5092 WMPNetworkSvc - ok
21:45:59.0839 5092 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:45:59.0855 5092 WPCSvc - ok
21:45:59.0886 5092 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:45:59.0901 5092 WPDBusEnum - ok
21:45:59.0933 5092 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:45:59.0933 5092 ws2ifsl - ok
21:45:59.0948 5092 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
21:45:59.0948 5092 wscsvc - ok
21:45:59.0964 5092 WSearch - ok
21:46:00.0042 5092 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
21:46:00.0089 5092 wuauserv - ok
21:46:00.0120 5092 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:46:00.0120 5092 WudfPf - ok
21:46:00.0151 5092 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:46:00.0151 5092 WUDFRd - ok
21:46:00.0182 5092 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:46:00.0182 5092 wudfsvc - ok
21:46:00.0198 5092 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
21:46:00.0213 5092 WwanSvc - ok
21:46:00.0260 5092 ================ Scan global ===============================
21:46:00.0307 5092 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:46:00.0338 5092 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
21:46:00.0354 5092 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
21:46:00.0385 5092 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:46:00.0432 5092 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:46:00.0432 5092 [Global] - ok
21:46:00.0432 5092 ================ Scan MBR ==================================
21:46:00.0447 5092 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:46:00.0900 5092 \Device\Harddisk0\DR0 - ok
21:46:00.0900 5092 ================ Scan VBR ==================================
21:46:00.0900 5092 [ 25EDD647F2F73219F2FBADA7689563CE ] \Device\Harddisk0\DR0\Partition1
21:46:00.0900 5092 \Device\Harddisk0\DR0\Partition1 - ok
21:46:00.0915 5092 [ 8D392BC18AE0501079A744A209F2DAA5 ] \Device\Harddisk0\DR0\Partition2
21:46:00.0915 5092 \Device\Harddisk0\DR0\Partition2 - ok
21:46:00.0947 5092 [ 34BA16AFA4E4904029696000BA132158 ] \Device\Harddisk0\DR0\Partition3
21:46:00.0947 5092 \Device\Harddisk0\DR0\Partition3 - ok
21:46:00.0947 5092 ============================================================
21:46:00.0947 5092 Scan finished
21:46:00.0947 5092 ============================================================
21:46:00.0962 4044 Detected object count: 0
21:46:00.0962 4044 Actual detected object count: 0
21:46:05.0970 3760 Deinitialize success

 

[paulcheung]

It didnot find anything, is there any other program I can try?

Thank you.

 

[johnb35]

What kind of issues are you having now? Besides the internet dropping out, which is most likely due to bad signal strength.

 

[paulcheung]

That is the only issue I have. I carry another laptop there and it only have one bar on the system tray but it doesn't drop connection at all. So something is cause this computer to drop connections.
Thanks.

 

[johnb35]

Update the wireless driver is all I can think of then. Other than maybe the card may be starting to die.

 

[paulcheung]

I have tried that and won't help. I also tried an external USB Linksys Wireless-G adapter and it does the same thing. it stay connect but have this yellow triangle with this '!" in it and say no internet connection. but the little MSI netbook I carry sit side by side work without any problems at all. That is what I use to reply. and the big toshiba just look at me with that big yellow triangle thing. refuse to work. I guess I have to do a clean install on windows 7 again to see if it will help.
Thanks.