
Am I infected?

Think so

  • This topic is locked
11 replies to this topic

#1 Beerfart

Beerfart

    New Member

  • Members
  • 7 posts

Posted 24 April 2012 - 08:27 PM

Worried. Computer ignoramus. Any help is appreciated.

Attached Files



#2 MrCharlie

MrCharlie

    Forum Deity

  • Experts
  • 28,256 posts
  • Gender:Male
  • Location:So. Plainfield, New Jersey, USA

Posted 25 April 2012 - 02:59 PM

Welcome to the forum. What are your concerns?

Please remove any USB or external drives from the computer before you run this scan!

Please download and run RogueKiller.
For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system (don't run any other options)
Post back the report.

MrC

Malware Removal Expert


I volunteer my free time to help you, if you would like to donate to show your appreciation, it will be much appreciated.

Thanks MrC & crew

#3 Beerfart

Posted 25 April 2012 - 08:27 PM

My concern is someone knows my banking/financial info.

Thanks for the RogueKiller. I'll post the report.

#4 Beerfart

Posted 25 April 2012 - 08:34 PM

RogueKiller V7.3.3 [04/22/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User: [Admin rights]
Mode: Scan -- Date: 04/25/2012 21:28:26

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 2 ¤¤¤
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤
SSDT[334] : unknown @ 0x84FF5153 -> HOOKED (\SystemRoot\system32\drivers\TfSysMon.sys @ 0x8D2B9420)

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
::1 localhost
[...]


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HM320JI +++++
--- User ---
[MBR] dea894371e4d0eb8552387f8e927d43b
[BSP] 8d527f0925c429137dfa00addcf14190 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 10000 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20561920 | Size: 292644 Mo
3 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 619898880 | Size: 2559 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt

#5 MrCharlie

Posted 25 April 2012 - 08:41 PM

That scan is clean; all we can do is run a couple more scans and see if anything shows:

Please make sure system restore is running and create a new restore point before continuing.

XP users > please back up the registry using ERUNT.

-----------------------------------------

Please download TDSSKiller to your desktop and run it as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

------------------------

Click the Start Scan button.

-----------------------

If a suspicious object is detected, the default action will be Skip; click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose Delete.

----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

--------------------

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

-------------------

Here's a summary of what to do if you would like to print it out:


If a suspicious object is detected, the default action will be Skip; click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose Delete.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

MrC

Malware Removal Expert

I volunteer my free time to help you, if you would like to donate to show your appreciation, it will be much appreciated.

Thanks MrC & crew
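
A small triage script for the TDSSKiller report requested above, added here as an example (it is not part of the original post and not part of TDSSKiller): it re-joins lines that a forum paste has wrapped, pulls out every non-ok verdict and attaches the action the instructions give for it. The sample log is constructed; the `ExampleDrv` and `ExampleSvc` entries, the level word on the `TDSS File System` line, and the rule that only `warning` marks a suspicious object are assumptions.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample in the format of the log posted in this thread. The Akamai
# entry is kept with the forum's line wrapping; ExampleDrv/ExampleSvc and their
# hashes are made up, and the level on the last line is an assumption.
SAMPLE_LOG = r"""
22:54:17.0630 5000 ExampleDrv (00112233445566778899aabbccddeeff) C:\Windows\system32\drivers\example.sys
22:54:17.0655 5000 ExampleDrv - ok
22:54:18.0177 5000 Akamai (1125c7d9fb8898015829c387c1bc87c7) c:\program files\common

files\akamai/netsession_win_6c825ce.dll
22:54:18.0189 5000 Akamai ( HiddenFile.Multi.Generic ) - warning
22:54:18.0189 5000 Akamai - detected HiddenFile.Multi.Generic (1)
22:54:31.0619 5000 ExampleSvc (0123456789abcdef0123456789abcdef) C:\Program Files\Example\514

\svc.exe
22:54:31.0638 5000 ExampleSvc - ok
22:55:00.0000 5000 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
"""

# "HH:MM:SS.mmmm <thread id> " prefix carried by every real log line.
STAMP = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4} \d+ ?")
# "Name (md5) path": the line that introduces a scanned object.
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
# "Name ( Verdict ) - level": the line that reports a non-ok result.
VERDICT = re.compile(r"^(?P<name>.+?) \( (?P<verdict>.+?) \) - (?P<level>\w+)$")


@dataclass
class Finding:
    name: str
    verdict: str
    level: str
    md5: Optional[str]
    path: Optional[str]
    action: str


def unwrap(text: str) -> List[str]:
    """Return one string per log record, with the timestamp prefix removed.

    A line without a timestamp is treated as the wrapped tail of the previous
    record. Heuristic: a tail starting with a backslash was split inside a
    path, so it is glued on directly; any other tail was split at a space.
    """
    records: List[str] = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = STAMP.match(line)
        if m:
            records.append(line[m.end():])
        elif records:
            records[-1] += ("" if line.startswith("\\") else " ") + line
    return records


def advised_action(verdict: str, level: str) -> str:
    """Map a verdict to the action given in the instructions above."""
    if verdict == "TDSS File System":
        return "Delete"
    if level == "warning":  # assumption: "warning" marks a suspicious object
        return "Skip"
    return "Cure, or Skip if Cure is not available"


def triage(text: str) -> List[Finding]:
    """Collect every record that carries a verdict, with its hash and path."""
    seen = {}
    findings: List[Finding] = []
    for rec in unwrap(text):
        m = OBJECT.match(rec)
        if m:
            seen[m["name"]] = (m["md5"], m["path"])
            continue
        m = VERDICT.match(rec)
        if m:
            md5, path = seen.get(m["name"], (None, None))
            findings.append(Finding(m["name"], m["verdict"], m["level"], md5, path,
                                    advised_action(m["verdict"], m["level"])))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.name}: {f.verdict} [{f.level}] -> {f.action}")
        print(f"    md5={f.md5} path={f.path}")
```
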

#6 Beerfart

Posted 25 April 2012 - 09:12 PM

BTW, PC Tools Spyware Doctor, which I run regularly, found a crapload of stuff - infections, high and medium and elevated threat levels. I just looked at the log. It was Saturday.

#7 Beerfart

Posted 25 April 2012 - 10:22 PM

It found something called Akamai. Only thing. Let me post the report/log thing.

#8 Beerfart

Posted 25 April 2012 - 10:24 PM

22:53:23.0332 4980 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
22:53:24.0216 4980 ============================================================
22:53:24.0216 4980 Current date / time: 2012/04/25 22:53:24.0216
22:53:24.0216 4980 SystemInfo:
22:53:24.0216 4980
22:53:24.0217 4980 OS Version: 6.0.6002 ServicePack: 2.0
22:53:24.0217 4980 Product type: Workstation
22:53:24.0217 4980 ComputerName:
22:53:24.0217 4980 UserName:
22:53:24.0217 4980 Windows directory: C:\Windows
22:53:24.0217 4980 System windows directory: C:\Windows
22:53:24.0217 4980 Processor architecture: Intel x86
22:53:24.0217 4980 Number of processors: 2
22:53:24.0217 4980 Page size: 0x1000
22:53:24.0217 4980 Boot type: Normal boot
22:53:24.0217 4980 ============================================================
22:53:24.0932 4980 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:53:24.0938 4980 ============================================================
22:53:24.0939 4980 \Device\Harddisk0\DR0:
22:53:24.0939 4980 MBR partitions:
22:53:24.0939 4980 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1388000
22:53:24.0939 4980 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C000, BlocksNum 0x23B922A8
22:53:25.0009 4980 ============================================================
22:53:25.0103 4980 C: <-> \Device\Harddisk0\DR0\Partition1
22:53:25.0162 4980 D: <-> \Device\Harddisk0\DR0\Partition0
22:53:25.0162 4980 ============================================================
22:53:25.0162 4980 Initialize success
22:53:25.0162 4980 ============================================================
22:54:15.0272 5000 ============================================================
22:54:15.0272 5000 Scan started
22:54:15.0272 5000 Mode: Manual; SigCheck; TDLFS;
22:54:15.0272 5000 ============================================================
22:54:18.0177 5000 Akamai (1125c7d9fb8898015829c387c1bc87c7) c:\program files\common files\akamai/netsession_win_6c825ce.dll
22:54:18.0177 5000 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_6c825ce.dll. md5: 1125c7d9fb8898015829c387c1bc87c7
22:54:18.0189 5000 Akamai ( HiddenFile.Multi.Generic ) - warning
22:54:18.0189 5000 Akamai - detected HiddenFile.Multi.Generic (1)
22:54:47.0107 5000 Netlogon - ok
22:54:47.0206 5000 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
22:54:47.0279 5000 Netman - ok
22:54:47.0330 5000 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
22:54:47.0400 5000 netprofm - ok
22:54:47.0592 5000 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248)

C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:54:47.0615 5000 NetTcpPortSharing - ok
22:54:47.0671 5000 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
22:54:47.0692 5000 nfrd960 - ok
22:54:47.0784 5000 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
22:54:47.0865 5000 NlaSvc - ok
22:54:47.0988 5000 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
22:54:48.0047 5000 Npfs - ok
22:54:48.0102 5000 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
22:54:48.0169 5000 nsi - ok
22:54:48.0221 5000 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
22:54:48.0289 5000 nsiproxy - ok
22:54:48.0471 5000 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
22:54:48.0619 5000 Ntfs - ok
22:54:48.0691 5000 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32

\drivers\ntrigdigi.sys
22:54:48.0771 5000 ntrigdigi - ok
22:54:48.0806 5000 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
22:54:48.0881 5000 Null - ok
22:54:48.0941 5000 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
22:54:48.0966 5000 nvraid - ok
22:54:48.0995 5000 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
22:54:49.0018 5000 nvstor - ok
22:54:49.0049 5000 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
22:54:49.0073 5000 nv_agp - ok
22:54:49.0078 5000 NwlnkFlt - ok
22:54:49.0086 5000 NwlnkFwd - ok
22:54:49.0172 5000 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
22:54:49.0207 5000 ohci1394 - ok
22:54:49.0372 5000 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:54:49.0475 5000 p2pimsvc - ok
22:54:49.0485 5000 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:54:49.0573 5000 p2psvc - ok
22:54:49.0650 5000 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
22:54:49.0738 5000 Parport - ok
22:54:49.0788 5000 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
22:54:49.0811 5000 partmgr - ok
22:54:49.0865 5000 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
22:54:49.0948 5000 Parvdm - ok
22:54:50.0005 5000 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
22:54:50.0082 5000 PcaSvc - ok
22:54:50.0200 5000 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
22:54:50.0227 5000 pci - ok
22:54:50.0309 5000 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
22:54:50.0331 5000 pciide - ok
22:54:50.0426 5000 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
22:54:50.0451 5000 pcmcia - ok
22:54:50.0580 5000 PCTCore (6ef125721a9f1f7dbf3229786f7decd0) C:\Windows\system32\drivers\PCTCore.sys
22:54:50.0603 5000 PCTCore - ok
22:54:50.0758 5000 pctDS (f820b4c61d1e591325b679d479d4eea4) C:\Windows\system32\drivers\pctDS.sys
22:54:50.0824 5000 pctDS - ok
22:54:50.0940 5000 pctEFA (acc8c15f3d59f17c5d903ff1de3b43d3) C:\Windows\system32\drivers\pctEFA.sys
22:54:51.0018 5000 pctEFA - ok
22:54:51.0122 5000 pctgntdi (b76c829f00b9b534405b4ed5f58b8f52) C:\Windows\System32\drivers\pctgntdi.sys
22:54:51.0144 5000 pctgntdi - ok
22:54:51.0250 5000 pctplsg (c5c488e6232b29f5744b8f7988a20730) C:\Windows\System32\drivers\pctplsg.sys
22:54:51.0268 5000 pctplsg - ok
22:54:51.0518 5000 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
22:54:51.0665 5000 PEAUTH - ok
22:54:51.0934 5000 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
22:54:52.0084 5000 pla - ok
22:54:52.0367 5000 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
22:54:52.0437 5000 PlugPlay - ok
22:54:52.0659 5000 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:54:52.0763 5000 PNRPAutoReg - ok
22:54:52.0774 5000 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:54:52.0914 5000 PNRPsvc - ok
22:54:53.0090 5000 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
22:54:53.0215 5000 PolicyAgent - ok
22:54:53.0362 5000 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
22:54:53.0451 5000 PptpMiniport - ok
22:54:53.0517 5000 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
22:54:53.0555 5000 Processor - ok
22:54:53.0695 5000 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
22:54:53.0732 5000 ProfSvc - ok
22:54:53.0772 5000 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:54:53.0797 5000 ProtectedStorage - ok
22:54:53.0850 5000 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
22:54:53.0883 5000 PSched - ok
22:54:53.0931 5000 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys
22:54:53.0950 5000 PxHelp20 - ok
22:54:54.0167 5000 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
22:54:54.0232 5000 ql2300 - ok
22:54:54.0366 5000 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
22:54:54.0389 5000 ql40xx - ok
22:54:54.0473 5000 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
22:54:54.0527 5000 QWAVE - ok
22:54:54.0610 5000 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
22:54:54.0678 5000 QWAVEdrv - ok
22:54:55.0013 5000 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
22:54:55.0186 5000 R300 - ok
22:54:55.0437 5000 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
22:54:55.0496 5000 RasAcd - ok
22:54:55.0566 5000 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
22:54:55.0608 5000 RasAuto - ok
22:54:55.0631 5000 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:54:55.0672 5000 Rasl2tp - ok
22:54:55.0749 5000 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
22:54:55.0821 5000 RasMan - ok
22:54:55.0883 5000 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
22:54:55.0941 5000 RasPppoe - ok
22:54:56.0012 5000 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
22:54:56.0039 5000 RasSstp - ok
22:54:56.0149 5000 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
22:54:56.0188 5000 rdbss - ok
22:54:56.0297 5000 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:54:56.0334 5000 RDPCDD - ok
22:54:56.0411 5000 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
22:54:56.0456 5000 rdpdr - ok
22:54:56.0461 5000 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
22:54:56.0544 5000 RDPENCDD - ok
22:54:56.0620 5000 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
22:54:56.0660 5000 RDPWD - ok
22:54:56.0726 5000 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
22:54:56.0770 5000 RemoteAccess - ok
22:54:56.0836 5000 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
22:54:56.0896 5000 RemoteRegistry - ok
22:54:56.0986 5000 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
22:54:57.0024 5000 rimmptsk - ok
22:54:57.0090 5000 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
22:54:57.0169 5000 rimsptsk - ok
22:54:57.0192 5000 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
22:54:57.0233 5000 rismxdp - ok
22:54:57.0479 5000 RoxLiveShare10 (fded778daf09235e4580f1b9046946b6) C:\Program Files\Common Files\Roxio

Shared\10.0\SharedCOM\RoxLiveShare10.exe
22:54:57.0502 5000 RoxLiveShare10 - ok
22:54:57.0720 5000 RoxMediaDB10 (e054a2caf0e2a55c9aac0bf1ccc558a5) C:\Program Files\Common Files\Roxio

Shared\10.0\SharedCOM\RoxMediaDB10.exe
22:54:57.0782 5000 RoxMediaDB10 - ok
22:54:57.0861 5000 RoxWatch10 (c75fda9ab3314e555123673e08f9d86d) C:\Program Files\Common Files\Roxio

Shared\10.0\SharedCOM\RoxWatch10.exe
22:54:57.0881 5000 RoxWatch10 - ok
22:54:58.0077 5000 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
22:54:58.0154 5000 RpcLocator - ok
22:54:58.0317 5000 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
22:54:58.0407 5000 RpcSs - ok
22:54:58.0488 5000 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
22:54:58.0570 5000 rspndr - ok
22:54:58.0621 5000 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:54:58.0647 5000 SamSs - ok
22:54:58.0669 5000 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
22:54:58.0692 5000 sbp2port - ok
22:54:59.0209 5000 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search &

Destroy\SDWinSec.exe
22:54:59.0401 5000 SBSDWSCService - ok
22:54:59.0547 5000 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
22:54:59.0583 5000 SCardSvr - ok
22:54:59.0880 5000 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
22:55:00.0034 5000 Schedule - ok
22:55:00.0216 5000 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
22:55:00.0250 5000 SCPolicySvc - ok
22:55:00.0558 5000 sdAuxService (a1089ac7683826e6c7c9fab9723dd80f) C:\Program Files\PC Tools

Security\pctsAuxs.exe
22:55:00.0697 5000 sdAuxService - ok
22:55:00.0952 5000 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
22:55:00.0986 5000 sdbus - ok
22:55:01.0253 5000 sdCoreService (ed6c2efeb47524bff4d5e5109fb1a2bb) C:\Program Files\PC Tools

Security\pctsSvc.exe
22:55:01.0397 5000 sdCoreService - ok
22:55:01.0512 5000 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
22:55:01.0665 5000 SDRSVC - ok
22:55:01.0827 5000 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:55:01.0946 5000 secdrv - ok
22:55:01.0962 5000 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
22:55:02.0002 5000 seclogon - ok
22:55:02.0102 5000 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
22:55:02.0176 5000 SENS - ok
22:55:02.0266 5000 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
22:55:02.0323 5000 Serenum - ok
22:55:02.0368 5000 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
22:55:02.0456 5000 Serial - ok
22:55:02.0493 5000 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
22:55:02.0532 5000 sermouse - ok
22:55:02.0605 5000 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
22:55:02.0646 5000 SessionEnv - ok
22:55:02.0694 5000 SessionLauncher - ok
22:55:02.0715 5000 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
22:55:02.0779 5000 sffdisk - ok
22:55:02.0828 5000 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
22:55:02.0891 5000 sffp_mmc - ok
22:55:02.0924 5000 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
22:55:03.0001 5000 sffp_sd - ok
22:55:03.0042 5000 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
22:55:03.0099 5000 sfloppy - ok
22:55:03.0181 5000 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
22:55:03.0249 5000 SharedAccess - ok
22:55:03.0324 5000 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
22:55:03.0405 5000 ShellHWDetection - ok
22:55:03.0490 5000 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
22:55:03.0513 5000 sisagp - ok
22:55:03.0610 5000 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
22:55:03.0633 5000 SiSRaid2 - ok
22:55:03.0696 5000 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
22:55:03.0720 5000 SiSRaid4 - ok
22:55:04.0140 5000 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
22:55:04.0361 5000 slsvc - ok
22:55:04.0630 5000 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
22:55:04.0664 5000 SLUINotify - ok
22:55:04.0829 5000 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
22:55:04.0915 5000 Smb - ok
22:55:05.0055 5000 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
22:55:05.0081 5000 SNMPTRAP - ok
22:55:05.0174 5000 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
22:55:05.0196 5000 spldr - ok
22:55:05.0267 5000 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
22:55:05.0317 5000 Spooler - ok
22:55:05.0449 5000 sprtsvc_dellsupportcenter - ok
22:55:05.0577 5000 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
22:55:05.0655 5000 srv - ok
22:55:05.0709 5000 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
22:55:05.0786 5000 srv2 - ok
22:55:05.0809 5000 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
22:55:05.0870 5000 srvnet - ok
22:55:05.0937 5000 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
22:55:05.0980 5000 SSDPSRV - ok
22:55:06.0063 5000 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
22:55:06.0141 5000 SstpSvc - ok
22:55:06.0214 5000 STacSV (7e6dd4b34acd36af6c711d2bde91b040) C:\Windows\system32\STacSV.exe
22:55:06.0268 5000 STacSV - ok
22:55:06.0334 5000 STHDA (6a2a5e809c2c0178326d92b19ee4aad3) C:\Windows\system32\drivers\stwrt.sys
22:55:06.0391 5000 STHDA - ok
22:55:06.0507 5000 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
22:55:06.0548 5000 stisvc - ok
22:55:06.0760 5000 stllssvr (1d0063597c3666404fcf97698abeb019) C:\Program Files\Common Files\SureThing

Shared\stllssvr.exe
22:55:06.0780 5000 stllssvr - ok
22:55:06.0894 5000 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
22:55:06.0917 5000 swenum - ok
22:55:07.0040 5000 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
22:55:07.0117 5000 swprv - ok
22:55:07.0186 5000 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
22:55:07.0209 5000 Symc8xx - ok
22:55:07.0304 5000 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
22:55:07.0325 5000 Sym_hi - ok
22:55:07.0333 5000 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
22:55:07.0355 5000 Sym_u3 - ok
22:55:07.0492 5000 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
22:55:07.0587 5000 SysMain - ok
22:55:07.0642 5000 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
22:55:07.0675 5000 TabletInputService - ok
22:55:07.0778 5000 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
22:55:07.0847 5000 TapiSrv - ok
22:55:07.0894 5000 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
22:55:07.0954 5000 TBS - ok
22:55:08.0096 5000 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
22:55:08.0211 5000 Tcpip - ok
22:55:08.0224 5000 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
22:55:08.0315 5000 Tcpip6 - ok
22:55:08.0427 5000 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
22:55:08.0501 5000 tcpipreg - ok
22:55:08.0564 5000 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
22:55:08.0603 5000 TDPIPE - ok
22:55:08.0638 5000 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
22:55:08.0705 5000 TDTCP - ok
22:55:08.0828 5000 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
22:55:08.0890 5000 tdx - ok
22:55:08.0960 5000 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
22:55:08.0984 5000 TermDD - ok
22:55:09.0173 5000 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
22:55:09.0290 5000 TermService - ok
22:55:09.0360 5000 TfFsMon (18d09508877e3f697866b39e9d0e6dcf) C:\Windows\system32\drivers\TfFsMon.sys
22:55:09.0381 5000 TfFsMon - ok
22:55:09.0471 5000 TfNetMon (c657f352613d8e592efb54cc35f21f5e) C:\Windows\system32\drivers\TfNetMon.sys
22:55:09.0490 5000 TfNetMon - ok
22:55:09.0581 5000 TfSysMon (71e3073419cfda8d60813c1502acc420) C:\Windows\system32\drivers\TfSysMon.sys
22:55:09.0600 5000 TfSysMon - ok
22:55:09.0719 5000 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
22:55:09.0748 5000 Themes - ok
22:55:09.0836 5000 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
22:55:09.0876 5000 THREADORDER - ok
22:55:10.0038 5000 ThreatFire - ok
22:55:10.0139 5000 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
22:55:10.0255 5000 TrkWks - ok
22:55:10.0390 5000 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba)

C:\Windows\servicing\TrustedInstaller.exe
22:55:10.0444 5000 TrustedInstaller - ok
22:55:10.0523 5000 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:55:10.0631 5000 tssecsrv - ok
22:55:10.0693 5000 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
22:55:10.0742 5000 tunmp - ok
22:55:10.0804 5000 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
22:55:10.0852 5000 tunnel - ok
22:55:10.0884 5000 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
22:55:10.0907 5000 uagp35 - ok
22:55:11.0008 5000 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
22:55:11.0045 5000 udfs - ok
22:55:11.0192 5000 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
22:55:11.0255 5000 UI0Detect - ok
22:55:11.0317 5000 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
22:55:11.0339 5000 uliagpkx - ok
22:55:11.0440 5000 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
22:55:11.0468 5000 uliahci - ok
22:55:11.0512 5000 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
22:55:11.0535 5000 UlSata - ok
22:55:11.0576 5000 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
22:55:11.0601 5000 ulsata2 - ok
22:55:11.0640 5000 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
22:55:11.0678 5000 umbus - ok
22:55:11.0782 5000 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
22:55:11.0857 5000 upnphost - ok
22:55:11.0917 5000 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
22:55:11.0988 5000 usbccgp - ok
22:55:12.0028 5000 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
22:55:12.0086 5000 usbcir - ok
22:55:12.0149 5000 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
22:55:12.0183 5000 usbehci - ok
22:55:12.0325 5000 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
22:55:12.0383 5000 usbhub - ok
22:55:12.0437 5000 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
22:55:12.0493 5000 usbohci - ok
22:55:12.0516 5000 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
22:55:12.0604 5000 usbprint - ok
22:55:12.0609 5000 USBSTOR - ok
22:55:12.0642 5000 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
22:55:12.0674 5000 usbuhci - ok
22:55:12.0729 5000 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
22:55:12.0792 5000 UxSms - ok
22:55:12.0882 5000 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
22:55:12.0984 5000 vds - ok
22:55:13.0057 5000 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
22:55:13.0124 5000 vga - ok
22:55:13.0153 5000 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
22:55:13.0216 5000 VgaSave - ok
22:55:13.0251 5000 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
22:55:13.0273 5000 viaagp - ok
22:55:13.0294 5000 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
22:55:13.0364 5000 ViaC7 - ok
22:55:13.0424 5000 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
22:55:13.0446 5000 viaide - ok
22:55:13.0500 5000 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
22:55:13.0523 5000 volmgr - ok
22:55:13.0616 5000 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
22:55:13.0649 5000 volmgrx - ok
22:55:13.0749 5000 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
22:55:13.0777 5000 volsnap - ok
22:55:13.0859 5000 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
22:55:13.0885 5000 vsmraid - ok
22:55:14.0068 5000 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
22:55:14.0242 5000 VSS - ok
22:55:14.0328 5000 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
22:55:14.0368 5000 W32Time - ok
22:55:14.0467 5000 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
22:55:14.0524 5000 WacomPen - ok
22:55:14.0556 5000 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:55:14.0613 5000 Wanarp - ok
22:55:14.0630 5000 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:55:14.0666 5000 Wanarpv6 - ok
22:55:14.0761 5000 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\Windows\system32\DRIVERS\wanatw4.sys
22:55:14.0848 5000 wanatw - ok
22:55:14.0953 5000 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
22:55:15.0052 5000 wcncsvc - ok
22:55:15.0087 5000 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32

\WcsPlugInService.dll
22:55:15.0153 5000 WcsPlugInService - ok
22:55:15.0201 5000 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
22:55:15.0223 5000 Wd - ok
22:55:15.0298 5000 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
22:55:15.0337 5000 Wdf01000 - ok
22:55:15.0392 5000 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
22:55:15.0433 5000 WdiServiceHost - ok
22:55:15.0438 5000 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
22:55:15.0478 5000 WdiSystemHost - ok
22:55:15.0552 5000 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
22:55:15.0586 5000 WebClient - ok
22:55:15.0653 5000 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
22:55:15.0736 5000 Wecsvc - ok
22:55:15.0817 5000 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
22:55:15.0874 5000 wercplsupport - ok
22:55:15.0945 5000 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
22:55:16.0011 5000 WerSvc - ok
22:55:16.0163 5000 winachsf (72cc6a8ca7891031d6380db5025c773c) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
22:55:16.0323 5000 winachsf - ok
22:55:16.0472 5000 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows

Defender\mpsvc.dll
22:55:16.0501 5000 WinDefend - ok
22:55:16.0508 5000 WinHttpAutoProxySvc - ok
22:55:16.0646 5000 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
22:55:16.0682 5000 Winmgmt - ok
22:55:16.0886 5000 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
22:55:17.0031 5000 WinRM - ok
22:55:17.0143 5000 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
22:55:17.0288 5000 Wlansvc - ok
22:55:17.0292 5000 wltrysvc - ok
22:55:17.0366 5000 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
22:55:17.0423 5000 WmiAcpi - ok
22:55:17.0606 5000 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
22:55:17.0678 5000 wmiApSrv - ok
22:55:17.0941 5000 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media

Player\wmpnetwk.exe
22:55:18.0112 5000 WMPNetworkSvc - ok
22:55:18.0211 5000 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
22:55:18.0295 5000 WPCSvc - ok
22:55:18.0374 5000 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
22:55:18.0460 5000 WPDBusEnum - ok
22:55:18.0752 5000 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795)

C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:55:18.0798 5000 WPFFontCache_v0400 - ok
22:55:18.0885 5000 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
22:55:18.0952 5000 ws2ifsl - ok
22:55:19.0105 5000 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
22:55:19.0136 5000 wscsvc - ok
22:55:19.0146 5000 WSearch - ok
22:55:19.0470 5000 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
22:55:19.0565 5000 wuauserv - ok
22:55:19.0854 5000 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
22:55:19.0940 5000 wudfsvc - ok
22:55:20.0021 5000 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
22:55:20.0061 5000 XAudio - ok
22:55:20.0122 5000 XAudioService (cd5f291a1161f15896d1a4d63daff5df) C:\Windows\system32\DRIVERS\xaudio.exe
22:55:20.0188 5000 XAudioService - ok
22:55:20.0304 5000 yukonwlh (a4822191c7cea271903c2a4fb6d9809d) C:\Windows\system32\DRIVERS\yk60x86.sys
22:55:20.0350 5000 yukonwlh - ok
22:55:20.0434 5000 {2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7} (8903c6979ea677a9af3d36e0d3709203) C:\Program

Files\Dell\MediaDirect\000.fcl
22:55:20.0453 5000 {2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7} - ok
22:55:20.0482 5000 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
22:55:20.0791 5000 \Device\Harddisk0\DR0 - ok
22:55:20.0822 5000 Boot (0x1200) (1c87bb41b794aa77b498067de1159056) \Device\Harddisk0\DR0\Partition0
22:55:20.0824 5000 \Device\Harddisk0\DR0\Partition0 - ok
22:55:20.0828 5000 Boot (0x1200) (0dab315a2c7196f0433f490871d6586f) \Device\Harddisk0\DR0\Partition1
22:55:20.0830 5000 \Device\Harddisk0\DR0\Partition1 - ok
22:55:20.0831 5000 ============================================================
22:55:20.0831 5000 Scan finished
22:55:20.0831 5000 ============================================================
22:55:20.0847 2576 Detected object count: 1
22:55:20.0848 2576 Actual detected object count: 1
22:56:28.0686 2576 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
22:56:28.0686 2576 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

#9 Beerfart

Posted 25 April 2012 - 10:26 PM

22:53:23.0332 4980 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
22:53:24.0216 4980 ============================================================
22:53:24.0216 4980 Current date / time: 2012/04/25 22:53:24.0216
22:53:24.0216 4980 SystemInfo:
22:53:24.0216 4980
22:53:24.0217 4980 OS Version: 6.0.6002 ServicePack: 2.0
22:53:24.0217 4980 Product type: Workstation
22:53:24.0217 4980 ComputerName:
22:53:24.0217 4980 UserName:
22:53:24.0217 4980 Windows directory: C:\Windows
22:53:24.0217 4980 System windows directory: C:\Windows
22:53:24.0217 4980 Processor architecture: Intel x86
22:53:24.0217 4980 Number of processors: 2
22:53:24.0217 4980 Page size: 0x1000
22:53:24.0217 4980 Boot type: Normal boot
22:53:24.0217 4980 ============================================================
22:53:24.0932 4980 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:53:24.0938 4980 ============================================================
22:53:24.0939 4980 \Device\Harddisk0\DR0:
22:53:24.0939 4980 MBR partitions:
22:53:24.0939 4980 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1388000
22:53:24.0939 4980 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C000, BlocksNum 0x23B922A8
22:53:25.0009 4980 ============================================================
22:53:25.0103 4980 C: <-> \Device\Harddisk0\DR0\Partition1
22:53:25.0162 4980 D: <-> \Device\Harddisk0\DR0\Partition0
22:53:25.0162 4980 ============================================================
22:53:25.0162 4980 Initialize success
22:53:25.0162 4980 ============================================================
22:54:15.0272 5000 ============================================================
22:54:15.0272 5000 Scan started
22:54:15.0272 5000 Mode: Manual; SigCheck; TDLFS;
22:54:15.0272 5000 ============================================================
22:54:18.0177 5000 Akamai (1125c7d9fb8898015829c387c1bc87c7) c:\program files\common files\akamai/netsession_win_6c825ce.dll
22:54:18.0177 5000 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_6c825ce.dll. md5: 1125c7d9fb8898015829c387c1bc87c7
22:54:18.0189 5000 Akamai ( HiddenFile.Multi.Generic ) - warning
22:54:18.0189 5000 Akamai - detected HiddenFile.Multi.Generic (1)
22:54:18.0452 5000 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
22:54:18.0622 5000 ALG - ok
22:54:18.0753 5000 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
22:54:18.0777 5000 aliide - ok
22:54:18.0903 5000 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
22:54:18.0926 5000 amdagp - ok
22:54:18.0956 5000 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
22:54:18.0984 5000 amdide - ok
22:54:19.0057 5000 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
22:54:19.0178 5000 AmdK7 - ok
22:54:19.0219 5000 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
22:54:19.0284 5000 AmdK8 - ok
22:54:19.0459 5000 AOL ACS (85180cf88c5ebad73b452a43a004ca51) C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
22:54:19.0479 5000 AOL ACS - ok
22:54:19.0579 5000 ApfiltrService (a80230bd04f0b8bf05185b369bb1cbb8) C:\Windows\system32\DRIVERS\Apfiltr.sys
22:54:19.0707 5000 ApfiltrService - ok
22:54:19.0817 5000 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
22:54:19.0899 5000 Appinfo - ok
22:54:19.0954 5000 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
22:54:19.0978 5000 arc - ok
22:54:20.0045 5000 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
22:54:20.0069 5000 arcsas - ok
22:54:20.0147 5000 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
22:54:20.0223 5000 AsyncMac - ok
22:54:20.0286 5000 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
22:54:20.0310 5000 atapi - ok
22:54:20.0452 5000 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
22:54:20.0521 5000 AudioEndpointBuilder - ok
22:54:20.0526 5000 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
22:54:20.0565 5000 Audiosrv - ok
22:54:20.0646 5000 BCM42RLY (7bd70aeed0d975285a1b20bd012ebf4e) C:\Windows\system32\drivers\BCM42RLY.sys
22:54:20.0666 5000 BCM42RLY - ok
22:54:20.0857 5000 BCM43XX (fa6707a346cd122407f3b0bad1c47639) C:\Windows\system32\DRIVERS\bcmwl6.sys
22:54:21.0019 5000 BCM43XX - ok
22:54:21.0124 5000 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
22:54:21.0201 5000 Beep - ok
22:54:21.0316 5000 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
22:54:21.0415 5000 BFE - ok
22:54:21.0567 5000 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
22:54:21.0675 5000 BITS - ok
22:54:21.0738 5000 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
22:54:21.0798 5000 blbdrive - ok
22:54:21.0875 5000 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
22:54:21.0958 5000 bowser - ok
22:54:22.0058 5000 BRCMDECO (1ecc60a7bcaccebdddb9c20dedeaf054) C:\Windows\system32\DRIVERS\BRCMHD32.sys
22:54:22.0128 5000 BRCMDECO - ok
22:54:22.0238 5000 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
22:54:22.0296 5000 BrFiltLo - ok
22:54:22.0330 5000 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
22:54:22.0391 5000 BrFiltUp - ok
22:54:22.0452 5000 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
22:54:22.0515 5000 Browser - ok
22:54:22.0769 5000 Browser Defender Update Service (703a815f29fbd618d1a516bf5335bc1a) C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
22:54:22.0791 5000 Browser Defender Update Service - ok
22:54:22.0909 5000 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
22:54:23.0122 5000 Brserid - ok
22:54:23.0164 5000 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
22:54:23.0249 5000 BrSerWdm - ok
22:54:23.0283 5000 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
22:54:23.0373 5000 BrUsbMdm - ok
22:54:23.0407 5000 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
22:54:23.0487 5000 BrUsbSer - ok
22:54:23.0540 5000 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
22:54:23.0636 5000 BTHMODEM - ok
22:54:23.0712 5000 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
22:54:23.0786 5000 cdfs - ok
22:54:23.0997 5000 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
22:54:24.0060 5000 cdrom - ok
22:54:24.0167 5000 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
22:54:24.0251 5000 CertPropSvc - ok
22:54:24.0357 5000 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
22:54:24.0449 5000 circlass - ok
22:54:24.0612 5000 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
22:54:24.0641 5000 CLFS - ok
22:54:24.0880 5000 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:54:24.0903 5000 clr_optimization_v2.0.50727_32 - ok
22:54:25.0123 5000 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:54:25.0146 5000 clr_optimization_v4.0.30319_32 - ok
22:54:25.0318 5000 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
22:54:25.0381 5000 CmBatt - ok
22:54:25.0458 5000 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
22:54:25.0480 5000 cmdide - ok
22:54:25.0503 5000 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
22:54:25.0525 5000 Compbatt - ok
22:54:25.0529 5000 COMSysApp - ok
22:54:25.0540 5000 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
22:54:25.0565 5000 crcdisk - ok
22:54:25.0626 5000 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
22:54:25.0688 5000 Crusoe - ok
22:54:25.0775 5000 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
22:54:25.0833 5000 CryptSvc - ok
22:54:25.0971 5000 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
22:54:26.0069 5000 DcomLaunch - ok
22:54:26.0128 5000 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
22:54:26.0196 5000 DfsC - ok
22:54:26.0514 5000 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
22:54:26.0752 5000 DFSR - ok
22:54:27.0096 5000 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
22:54:27.0157 5000 Dhcp - ok
22:54:27.0260 5000 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
22:54:27.0283 5000 disk - ok
22:54:27.0366 5000 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
22:54:27.0460 5000 Dnscache - ok
22:54:27.0528 5000 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
22:54:27.0586 5000 dot3svc - ok
22:54:27.0662 5000 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
22:54:27.0732 5000 DPS - ok
22:54:27.0797 5000 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
22:54:27.0860 5000 drmkaud - ok
22:54:27.0961 5000 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
22:54:28.0006 5000 DXGKrnl - ok
22:54:28.0075 5000 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys
22:54:28.0118 5000 e1express - ok
22:54:28.0185 5000 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
22:54:28.0226 5000 E1G60 - ok
22:54:28.0273 5000 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
22:54:28.0333 5000 EapHost - ok
22:54:28.0449 5000 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
22:54:28.0475 5000 Ecache - ok
22:54:28.0600 5000 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
22:54:28.0643 5000 ehRecvr - ok
22:54:28.0674 5000 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
22:54:28.0748 5000 ehSched - ok
22:54:28.0816 5000 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
22:54:28.0861 5000 ehstart - ok
22:54:28.0959 5000 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
22:54:28.0992 5000 elxstor - ok
22:54:29.0206 5000 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
22:54:29.0318 5000 EMDMgmt - ok
22:54:29.0334 5000 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
22:54:29.0401 5000 ErrDev - ok
22:54:29.0494 5000 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
22:54:29.0562 5000 EventSystem - ok
22:54:29.0654 5000 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
22:54:29.0735 5000 exfat - ok
22:54:29.0781 5000 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
22:54:29.0842 5000 fastfat - ok
22:54:29.0912 5000 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
22:54:29.0981 5000 fdc - ok
22:54:30.0024 5000 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
22:54:30.0065 5000 fdPHost - ok
22:54:30.0124 5000 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
22:54:30.0214 5000 FDResPub - ok
22:54:30.0250 5000 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
22:54:30.0273 5000 FileInfo - ok
22:54:30.0328 5000 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
22:54:30.0397 5000 Filetrace - ok
22:54:30.0432 5000 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
22:54:30.0497 5000 flpydisk - ok
22:54:30.0607 5000 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
22:54:30.0634 5000 FltMgr - ok
22:54:30.0847 5000 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
22:54:30.0969 5000 FontCache - ok
22:54:31.0153 5000 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:54:31.0174 5000 FontCache3.0.0.0 - ok
22:54:31.0240 5000 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
22:54:31.0345 5000 Fs_Rec - ok
22:54:31.0447 5000 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
22:54:31.0470 5000 gagp30kx - ok
22:54:31.0619 5000 GoToAssist (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
22:54:31.0638 5000 GoToAssist - ok
22:54:31.0810 5000 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
22:54:31.0887 5000 gpsvc - ok
22:54:31.0997 5000 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
22:54:32.0096 5000 HDAudBus - ok
22:54:32.0149 5000 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
22:54:32.0228 5000 HidBth - ok
22:54:32.0292 5000 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
22:54:32.0378 5000 HidIr - ok
22:54:32.0482 5000 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
22:54:32.0562 5000 hidserv - ok
22:54:32.0610 5000 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
22:54:32.0672 5000 HidUsb - ok
22:54:32.0741 5000 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
22:54:32.0822 5000 hkmsvc - ok
22:54:32.0900 5000 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
22:54:32.0922 5000 HpCISSs - ok
22:54:33.0183 5000 HSF_DPV (99f85640054ba65190b860d878a7c9ae) C:\Windows\system32\DRIVERS\HSX_DPV.sys
22:54:33.0325 5000 HSF_DPV - ok
22:54:33.0454 5000 HSXHWAZL (cfbc2b81972e298f0e19ee68fa9e73da) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
22:54:33.0504 5000 HSXHWAZL - ok
22:54:33.0593 5000 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
22:54:33.0697 5000 HTTP - ok
22:54:33.0777 5000 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
22:54:33.0799 5000 i2omp - ok
22:54:33.0895 5000 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
22:54:33.0960 5000 i8042prt - ok
22:54:34.0182 5000 IAANTMON (ae38a12f79a4980ddb88f36514f8a1da) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
22:54:34.0211 5000 IAANTMON - ok
22:54:34.0290 5000 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\drivers\iastor.sys
22:54:34.0313 5000 iaStor - ok
22:54:34.0425 5000 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
22:54:34.0454 5000 iaStorV - ok
22:54:34.0703 5000 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:54:34.0815 5000 idsvc - ok
22:54:35.0079 5000 igfx (c134e69ce901422d1f2d7ea8d69098fe) C:\Windows\system32\DRIVERS\igdkmd32.sys
22:54:35.0352 5000 igfx - ok
22:54:35.0659 5000 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
22:54:35.0680 5000 iirsp - ok
22:54:35.0816 5000 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
22:54:35.0863 5000 IKEEXT - ok
22:54:35.0963 5000 IntcHdmiAddService (98d303ccb3415e9202e82043b37d66dc) C:\Windows\system32\drivers\IntcHdmi.sys
22:54:36.0047 5000 IntcHdmiAddService - ok
22:54:36.0081 5000 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\DRIVERS\intelide.sys
22:54:36.0103 5000 intelide - ok
22:54:36.0206 5000 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
22:54:36.0272 5000 intelppm - ok
22:54:36.0351 5000 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
22:54:36.0392 5000 IPBusEnum - ok
22:54:36.0463 5000 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:54:36.0525 5000 IpFilterDriver - ok
22:54:36.0612 5000 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
22:54:36.0696 5000 iphlpsvc - ok
22:54:36.0701 5000 IpInIp - ok
22:54:36.0788 5000 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
22:54:36.0858 5000 IPMIDRV - ok
22:54:36.0914 5000 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
22:54:36.0974 5000 IPNAT - ok
22:54:37.0018 5000 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
22:54:37.0080 5000 IRENUM - ok
22:54:37.0090 5000 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
22:54:37.0115 5000 isapnp - ok
22:54:37.0218 5000 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
22:54:37.0244 5000 iScsiPrt - ok
22:54:37.0290 5000 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
22:54:37.0312 5000 iteatapi - ok
22:54:37.0375 5000 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
22:54:37.0397 5000 iteraid - ok
22:54:37.0413 5000 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
22:54:37.0436 5000 kbdclass - ok
22:54:37.0505 5000 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
22:54:37.0562 5000 kbdhid - ok
22:54:37.0609 5000 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:54:37.0652 5000 KeyIso - ok
22:54:37.0780 5000 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
22:54:37.0817 5000 KSecDD - ok
22:54:37.0923 5000 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
22:54:38.0042 5000 KtmRm - ok
22:54:38.0098 5000 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
22:54:38.0178 5000 LanmanServer - ok
22:54:38.0236 5000 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
22:54:38.0337 5000 LanmanWorkstation - ok
22:54:38.0385 5000 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
22:54:38.0424 5000 lltdio - ok
22:54:38.0532 5000 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
22:54:38.0598 5000 lltdsvc - ok
22:54:38.0646 5000 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
22:54:38.0723 5000 lmhosts - ok
22:54:38.0760 5000 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
22:54:38.0785 5000 LSI_FC - ok
22:54:38.0843 5000 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
22:54:38.0867 5000 LSI_SAS - ok
22:54:38.0934 5000 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
22:54:38.0958 5000 LSI_SCSI - ok
22:54:39.0045 5000 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
22:54:39.0109 5000 luafv - ok
22:54:39.0207 5000 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
22:54:39.0231 5000 MBAMProtector - ok
22:54:39.0458 5000 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
22:54:39.0516 5000 MBAMService - ok
22:54:39.0624 5000 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\Windows\system32\drivers\mbamswissarmy.sys
22:54:39.0645 5000 MBAMSwissArmy - ok
22:54:39.0922 5000 mcmscsvc (cb3a8976de2f65349322da7627cea223) C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
22:54:39.0961 5000 mcmscsvc - ok
22:54:40.0370 5000 McNASvc (c69e71e00b30b60556d3e096699bd423) c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
22:54:40.0677 5000 McNASvc - ok
22:54:40.0846 5000 McProxy (57eaa1ca50af8ccdfb26807807f2ba7c) c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
22:54:40.0903 5000 McProxy - ok
22:54:41.0126 5000 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
22:54:41.0183 5000 Mcx2Svc - ok
22:54:41.0274 5000 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
22:54:41.0299 5000 mdmxsdk - ok
22:54:41.0366 5000 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
22:54:41.0389 5000 megasas - ok
22:54:41.0512 5000 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
22:54:41.0561 5000 MegaSR - ok
22:54:41.0632 5000 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
22:54:41.0700 5000 MMCSS - ok
22:54:41.0727 5000 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
22:54:41.0789 5000 Modem - ok
22:54:41.0849 5000 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
22:54:41.0918 5000 monitor - ok
22:54:41.0972 5000 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
22:54:41.0995 5000 mouclass - ok
22:54:42.0078 5000 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
22:54:42.0145 5000 mouhid - ok
22:54:42.0260 5000 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
22:54:42.0283 5000 MountMgr - ok
22:54:42.0346 5000 MPFP (96cf5286bc370b558735a7b891232d92) C:\Windows\system32\Drivers\Mpfp.sys
22:54:42.0368 5000 MPFP - ok
22:54:42.0649 5000 MpfService (346f30f1ff73553aa466f4ae7948da00) C:\Program Files\McAfee\MPF\MPFSrv.exe
22:54:42.0773 5000 MpfService - ok
22:54:42.0823 5000 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
22:54:42.0852 5000 mpio - ok
22:54:42.0873 5000 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
22:54:42.0933 5000 mpsdrv - ok
22:54:43.0040 5000 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
22:54:43.0087 5000 MpsSvc - ok
22:54:43.0227 5000 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
22:54:43.0248 5000 Mraid35x - ok
22:54:43.0307 5000 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
22:54:43.0371 5000 MRxDAV - ok
22:54:43.0435 5000 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:54:43.0511 5000 mrxsmb - ok
22:54:43.0596 5000 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:54:43.0657 5000 mrxsmb10 - ok
22:54:43.0732 5000 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:54:43.0801 5000 mrxsmb20 - ok
22:54:43.0866 5000 msahci (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
22:54:43.0887 5000 msahci - ok
22:54:43.0948 5000 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
22:54:43.0974 5000 msdsm - ok
22:54:44.0013 5000 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
22:54:44.0080 5000 MSDTC - ok
22:54:44.0122 5000 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
22:54:44.0190 5000 Msfs - ok
22:54:44.0209 5000 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
22:54:44.0263 5000 msisadrv - ok
22:54:44.0370 5000 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
22:54:44.0411 5000 MSiSCSI - ok
22:54:44.0415 5000 msiserver - ok
22:54:44.0678 5000 MSK80Service (a05de3535884270b8d292dcbdd6ded20) C:\Program Files\McAfee\MSK\MskSrver.exe
22:54:44.0695 5000 MSK80Service - ok
22:54:44.0761 5000 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
22:54:44.0875 5000 MSKSSRV - ok
22:54:45.0007 5000 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
22:54:45.0069 5000 MSPCLOCK - ok
22:54:45.0103 5000 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
22:54:45.0167 5000 MSPQM - ok
22:54:45.0206 5000 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
22:54:45.0233 5000 MsRPC - ok
22:54:45.0273 5000 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
22:54:45.0295 5000 mssmbios - ok
22:54:45.0313 5000 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
22:54:45.0352 5000 MSTEE - ok
22:54:45.0474 5000 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
22:54:45.0498 5000 Mup - ok
22:54:45.0645 5000 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
22:54:45.0713 5000 napagent - ok
22:54:45.0830 5000 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
22:54:45.0906 5000 NativeWifiP - ok
22:54:46.0191 5000 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
22:54:46.0230 5000 NDIS - ok
22:54:46.0276 5000 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
22:54:46.0343 5000 NdisTapi - ok
22:54:46.0389 5000 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
22:54:46.0449 5000 Ndisuio - ok
22:54:46.0523 5000 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
22:54:46.0587 5000 NdisWan - ok
22:54:46.0655 5000 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
22:54:46.0689 5000 NDProxy - ok
22:54:46.0783 5000 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
22:54:46.0824 5000 NetBIOS - ok
22:54:46.0921 5000 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
22:54:47.0018 5000 netbt - ok
22:54:47.0080 5000 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:54:47.0107 5000 Netlogon - ok
22:54:47.0206 5000 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
22:54:47.0279 5000 Netman - ok
22:54:47.0330 5000 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
22:54:47.0400 5000 netprofm - ok
22:54:47.0592 5000 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:54:47.0615 5000 NetTcpPortSharing - ok
22:54:47.0671 5000 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
22:54:47.0692 5000 nfrd960 - ok
22:54:47.0784 5000 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
22:54:47.0865 5000 NlaSvc - ok
22:54:47.0988 5000 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
22:54:48.0047 5000 Npfs - ok
22:54:48.0102 5000 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
22:54:48.0169 5000 nsi - ok
22:54:48.0221 5000 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
22:54:48.0289 5000 nsiproxy - ok
22:54:48.0471 5000 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
22:54:48.0619 5000 Ntfs - ok
22:54:48.0691 5000 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
22:54:48.0771 5000 ntrigdigi - ok
22:54:48.0806 5000 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
22:54:48.0881 5000 Null - ok
22:54:48.0941 5000 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
22:54:48.0966 5000 nvraid - ok
22:54:48.0995 5000 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
22:54:49.0018 5000 nvstor - ok
22:54:49.0049 5000 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
22:54:49.0073 5000 nv_agp - ok
22:54:49.0078 5000 NwlnkFlt - ok
22:54:49.0086 5000 NwlnkFwd - ok
22:54:49.0172 5000 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
22:54:49.0207 5000 ohci1394 - ok
22:54:49.0372 5000 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:54:49.0475 5000 p2pimsvc - ok
22:54:49.0485 5000 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:54:49.0573 5000 p2psvc - ok
22:54:49.0650 5000 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
22:54:49.0738 5000 Parport - ok
22:54:49.0788 5000 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
22:54:49.0811 5000 partmgr - ok
22:54:49.0865 5000 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
22:54:49.0948 5000 Parvdm - ok
22:54:50.0005 5000 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
22:54:50.0082 5000 PcaSvc - ok
22:54:50.0200 5000 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
22:54:50.0227 5000 pci - ok
22:54:50.0309 5000 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
22:54:50.0331 5000 pciide - ok
22:54:50.0426 5000 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
22:54:50.0451 5000 pcmcia - ok
22:54:50.0580 5000 PCTCore (6ef125721a9f1f7dbf3229786f7decd0) C:\Windows\system32\drivers\PCTCore.sys
22:54:50.0603 5000 PCTCore - ok
22:54:50.0758 5000 pctDS (f820b4c61d1e591325b679d479d4eea4) C:\Windows\system32\drivers\pctDS.sys
22:54:50.0824 5000 pctDS - ok
22:54:50.0940 5000 pctEFA (acc8c15f3d59f17c5d903ff1de3b43d3) C:\Windows\system32\drivers\pctEFA.sys
22:54:51.0018 5000 pctEFA - ok
22:54:51.0122 5000 pctgntdi (b76c829f00b9b534405b4ed5f58b8f52) C:\Windows\System32\drivers\pctgntdi.sys
22:54:51.0144 5000 pctgntdi - ok
22:54:51.0250 5000 pctplsg (c5c488e6232b29f5744b8f7988a20730) C:\Windows\System32\drivers\pctplsg.sys
22:54:51.0268 5000 pctplsg - ok
22:54:51.0518 5000 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
22:54:51.0665 5000 PEAUTH - ok
22:54:51.0934 5000 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
22:54:52.0084 5000 pla - ok
22:54:52.0367 5000 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
22:54:52.0437 5000 PlugPlay - ok
22:54:52.0659 5000 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:54:52.0763 5000 PNRPAutoReg - ok
22:54:52.0774 5000 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:54:52.0914 5000 PNRPsvc - ok
22:54:53.0090 5000 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
22:54:53.0215 5000 PolicyAgent - ok
22:54:53.0362 5000 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
22:54:53.0451 5000 PptpMiniport - ok
22:54:53.0517 5000 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
22:54:53.0555 5000 Processor - ok
22:54:53.0695 5000 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
22:54:53.0732 5000 ProfSvc - ok
22:54:53.0772 5000 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:54:53.0797 5000 ProtectedStorage - ok
22:54:53.0850 5000 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
22:54:53.0883 5000 PSched - ok
22:54:53.0931 5000 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys
22:54:53.0950 5000 PxHelp20 - ok
22:54:54.0167 5000 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
22:54:54.0232 5000 ql2300 - ok
22:54:54.0366 5000 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
22:54:54.0389 5000 ql40xx - ok
22:54:54.0473 5000 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
22:54:54.0527 5000 QWAVE - ok
22:54:54.0610 5000 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
22:54:54.0678 5000 QWAVEdrv - ok
22:54:55.0013 5000 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
22:54:55.0186 5000 R300 - ok
22:54:55.0437 5000 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
22:54:55.0496 5000 RasAcd - ok
22:54:55.0566 5000 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
22:54:55.0608 5000 RasAuto - ok
22:54:55.0631 5000 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:54:55.0672 5000 Rasl2tp - ok
22:54:55.0749 5000 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
22:54:55.0821 5000 RasMan - ok
22:54:55.0883 5000 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
22:54:55.0941 5000 RasPppoe - ok
22:54:56.0012 5000 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
22:54:56.0039 5000 RasSstp - ok
22:54:56.0149 5000 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
22:54:56.0188 5000 rdbss - ok
22:54:56.0297 5000 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:54:56.0334 5000 RDPCDD - ok
22:54:56.0411 5000 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
22:54:56.0456 5000 rdpdr - ok
22:54:56.0461 5000 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
22:54:56.0544 5000 RDPENCDD - ok
22:54:56.0620 5000 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
22:54:56.0660 5000 RDPWD - ok
22:54:56.0726 5000 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
22:54:56.0770 5000 RemoteAccess - ok
22:54:56.0836 5000 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
22:54:56.0896 5000 RemoteRegistry - ok
22:54:56.0986 5000 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
22:54:57.0024 5000 rimmptsk - ok
22:54:57.0090 5000 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
22:54:57.0169 5000 rimsptsk - ok
22:54:57.0192 5000 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
22:54:57.0233 5000 rismxdp - ok
22:54:57.0479 5000 RoxLiveShare10 (fded778daf09235e4580f1b9046946b6) C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
22:54:57.0502 5000 RoxLiveShare10 - ok
22:54:57.0720 5000 RoxMediaDB10 (e054a2caf0e2a55c9aac0bf1ccc558a5) C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
22:54:57.0782 5000 RoxMediaDB10 - ok
22:54:57.0861 5000 RoxWatch10 (c75fda9ab3314e555123673e08f9d86d) C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
22:54:57.0881 5000 RoxWatch10 - ok
22:54:58.0077 5000 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
22:54:58.0154 5000 RpcLocator - ok
22:54:58.0317 5000 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
22:54:58.0407 5000 RpcSs - ok
22:54:58.0488 5000 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
22:54:58.0570 5000 rspndr - ok
22:54:58.0621 5000 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:54:58.0647 5000 SamSs - ok
22:54:58.0669 5000 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
22:54:58.0692 5000 sbp2port - ok
22:54:59.0209 5000 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
22:54:59.0401 5000 SBSDWSCService - ok
22:54:59.0547 5000 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
22:54:59.0583 5000 SCardSvr - ok
22:54:59.0880 5000 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
22:55:00.0034 5000 Schedule - ok
22:55:00.0216 5000 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
22:55:00.0250 5000 SCPolicySvc - ok
22:55:00.0558 5000 sdAuxService (a1089ac7683826e6c7c9fab9723dd80f) C:\Program Files\PC Tools Security\pctsAuxs.exe
22:55:00.0697 5000 sdAuxService - ok
22:55:00.0952 5000 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
22:55:00.0986 5000 sdbus - ok
22:55:01.0253 5000 sdCoreService (ed6c2efeb47524bff4d5e5109fb1a2bb) C:\Program Files\PC Tools Security\pctsSvc.exe
22:55:01.0397 5000 sdCoreService - ok
22:55:01.0512 5000 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
22:55:01.0665 5000 SDRSVC - ok
22:55:01.0827 5000 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:55:01.0946 5000 secdrv - ok
22:55:01.0962 5000 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
22:55:02.0002 5000 seclogon - ok
22:55:02.0102 5000 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
22:55:02.0176 5000 SENS - ok
22:55:02.0266 5000 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
22:55:02.0323 5000 Serenum - ok
22:55:02.0368 5000 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
22:55:02.0456 5000 Serial - ok
22:55:02.0493 5000 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
22:55:02.0532 5000 sermouse - ok
22:55:02.0605 5000 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
22:55:02.0646 5000 SessionEnv - ok
22:55:02.0694 5000 SessionLauncher - ok
22:55:02.0715 5000 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
22:55:02.0779 5000 sffdisk - ok
22:55:02.0828 5000 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
22:55:02.0891 5000 sffp_mmc - ok
22:55:02.0924 5000 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
22:55:03.0001 5000 sffp_sd - ok
22:55:03.0042 5000 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
22:55:03.0099 5000 sfloppy - ok
22:55:03.0181 5000 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
22:55:03.0249 5000 SharedAccess - ok
22:55:03.0324 5000 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
22:55:03.0405 5000 ShellHWDetection - ok
22:55:03.0490 5000 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
22:55:03.0513 5000 sisagp - ok
22:55:03.0610 5000 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
22:55:03.0633 5000 SiSRaid2 - ok
22:55:03.0696 5000 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
22:55:03.0720 5000 SiSRaid4 - ok
22:55:04.0140 5000 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
22:55:04.0361 5000 slsvc - ok
22:55:04.0630 5000 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
22:55:04.0664 5000 SLUINotify - ok
22:55:04.0829 5000 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
22:55:04.0915 5000 Smb - ok
22:55:05.0055 5000 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
22:55:05.0081 5000 SNMPTRAP - ok
22:55:05.0174 5000 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
22:55:05.0196 5000 spldr - ok
22:55:05.0267 5000 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
22:55:05.0317 5000 Spooler - ok
22:55:05.0449 5000 sprtsvc_dellsupportcenter - ok
22:55:05.0577 5000 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
22:55:05.0655 5000 srv - ok
22:55:05.0709 5000 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
22:55:05.0786 5000 srv2 - ok
22:55:05.0809 5000 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
22:55:05.0870 5000 srvnet - ok
22:55:05.0937 5000 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
22:55:05.0980 5000 SSDPSRV - ok
22:55:06.0063 5000 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
22:55:06.0141 5000 SstpSvc - ok
22:55:06.0214 5000 STacSV (7e6dd4b34acd36af6c711d2bde91b040) C:\Windows\system32\STacSV.exe
22:55:06.0268 5000 STacSV - ok
22:55:06.0334 5000 STHDA (6a2a5e809c2c0178326d92b19ee4aad3) C:\Windows\system32\drivers\stwrt.sys
22:55:06.0391 5000 STHDA - ok
22:55:06.0507 5000 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
22:55:06.0548 5000 stisvc - ok
22:55:06.0760 5000 stllssvr (1d0063597c3666404fcf97698abeb019) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
22:55:06.0780 5000 stllssvr - ok
22:55:06.0894 5000 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
22:55:06.0917 5000 swenum - ok
22:55:07.0040 5000 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
22:55:07.0117 5000 swprv - ok
22:55:07.0186 5000 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
22:55:07.0209 5000 Symc8xx - ok
22:55:07.0304 5000 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
22:55:07.0325 5000 Sym_hi - ok
22:55:07.0333 5000 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
22:55:07.0355 5000 Sym_u3 - ok
22:55:07.0492 5000 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
22:55:07.0587 5000 SysMain - ok
22:55:07.0642 5000 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
22:55:07.0675 5000 TabletInputService - ok
22:55:07.0778 5000 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
22:55:07.0847 5000 TapiSrv - ok
22:55:07.0894 5000 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
22:55:07.0954 5000 TBS - ok
22:55:08.0096 5000 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
22:55:08.0211 5000 Tcpip - ok
22:55:08.0224 5000 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
22:55:08.0315 5000 Tcpip6 - ok
22:55:08.0427 5000 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
22:55:08.0501 5000 tcpipreg - ok
22:55:08.0564 5000 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
22:55:08.0603 5000 TDPIPE - ok
22:55:08.0638 5000 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
22:55:08.0705 5000 TDTCP - ok
22:55:08.0828 5000 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
22:55:08.0890 5000 tdx - ok
22:55:08.0960 5000 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
22:55:08.0984 5000 TermDD - ok
22:55:09.0173 5000 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
22:55:09.0290 5000 TermService - ok
22:55:09.0360 5000 TfFsMon (18d09508877e3f697866b39e9d0e6dcf) C:\Windows\system32\drivers\TfFsMon.sys
22:55:09.0381 5000 TfFsMon - ok
22:55:09.0471 5000 TfNetMon (c657f352613d8e592efb54cc35f21f5e) C:\Windows\system32\drivers\TfNetMon.sys
22:55:09.0490 5000 TfNetMon - ok
22:55:09.0581 5000 TfSysMon (71e3073419cfda8d60813c1502acc420) C:\Windows\system32\drivers\TfSysMon.sys
22:55:09.0600 5000 TfSysMon - ok
22:55:09.0719 5000 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
22:55:09.0748 5000 Themes - ok
22:55:09.0836 5000 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
22:55:09.0876 5000 THREADORDER - ok
22:55:10.0038 5000 ThreatFire - ok
22:55:10.0139 5000 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
22:55:10.0255 5000 TrkWks - ok
22:55:10.0390 5000 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
22:55:10.0444 5000 TrustedInstaller - ok
22:55:10.0523 5000 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:55:10.0631 5000 tssecsrv - ok
22:55:10.0693 5000 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
22:55:10.0742 5000 tunmp - ok
22:55:10.0804 5000 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
22:55:10.0852 5000 tunnel - ok
22:55:10.0884 5000 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
22:55:10.0907 5000 uagp35 - ok
22:55:11.0008 5000 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
22:55:11.0045 5000 udfs - ok
22:55:11.0192 5000 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
22:55:11.0255 5000 UI0Detect - ok
22:55:11.0317 5000 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
22:55:11.0339 5000 uliagpkx - ok
22:55:11.0440 5000 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
22:55:11.0468 5000 uliahci - ok
22:55:11.0512 5000 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
22:55:11.0535 5000 UlSata - ok
22:55:11.0576 5000 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
22:55:11.0601 5000 ulsata2 - ok
22:55:11.0640 5000 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
22:55:11.0678 5000 umbus - ok
22:55:11.0782 5000 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
22:55:11.0857 5000 upnphost - ok
22:55:11.0917 5000 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
22:55:11.0988 5000 usbccgp - ok
22:55:12.0028 5000 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
22:55:12.0086 5000 usbcir - ok
22:55:12.0149 5000 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
22:55:12.0183 5000 usbehci - ok
22:55:12.0325 5000 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
22:55:12.0383 5000 usbhub - ok
22:55:12.0437 5000 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
22:55:12.0493 5000 usbohci - ok
22:55:12.0516 5000 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
22:55:12.0604 5000 usbprint - ok
22:55:12.0609 5000 USBSTOR - ok
22:55:12.0642 5000 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
22:55:12.0674 5000 usbuhci - ok
22:55:12.0729 5000 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
22:55:12.0792 5000 UxSms - ok
22:55:12.0882 5000 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
22:55:12.0984 5000 vds - ok
22:55:13.0057 5000 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
22:55:13.0124 5000 vga - ok
22:55:13.0153 5000 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
22:55:13.0216 5000 VgaSave - ok
22:55:13.0251 5000 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
22:55:13.0273 5000 viaagp - ok
22:55:13.0294 5000 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
22:55:13.0364 5000 ViaC7 - ok
22:55:13.0424 5000 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
22:55:13.0446 5000 viaide - ok
22:55:13.0500 5000 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
22:55:13.0523 5000 volmgr - ok
22:55:13.0616 5000 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
22:55:13.0649 5000 volmgrx - ok
22:55:13.0749 5000 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
22:55:13.0777 5000 volsnap - ok
22:55:13.0859 5000 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
22:55:13.0885 5000 vsmraid - ok
22:55:14.0068 5000 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
22:55:14.0242 5000 VSS - ok
22:55:14.0328 5000 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
22:55:14.0368 5000 W32Time - ok
22:55:14.0467 5000 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
22:55:14.0524 5000 WacomPen - ok
22:55:14.0556 5000 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:55:14.0613 5000 Wanarp - ok
22:55:14.0630 5000 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:55:14.0666 5000 Wanarpv6 - ok
22:55:14.0761 5000 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\Windows\system32\DRIVERS\wanatw4.sys
22:55:14.0848 5000 wanatw - ok
22:55:14.0953 5000 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
22:55:15.0052 5000 wcncsvc - ok
22:55:15.0087 5000 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
22:55:15.0153 5000 WcsPlugInService - ok
22:55:15.0201 5000 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
22:55:15.0223 5000 Wd - ok
22:55:15.0298 5000 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
22:55:15.0337 5000 Wdf01000 - ok
22:55:15.0392 5000 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
22:55:15.0433 5000 WdiServiceHost - ok
22:55:15.0438 5000 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
22:55:15.0478 5000 WdiSystemHost - ok
22:55:15.0552 5000 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
22:55:15.0586 5000 WebClient - ok
22:55:15.0653 5000 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
22:55:15.0736 5000 Wecsvc - ok
22:55:15.0817 5000 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
22:55:15.0874 5000 wercplsupport - ok
22:55:15.0945 5000 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
22:55:16.0011 5000 WerSvc - ok
22:55:16.0163 5000 winachsf (72cc6a8ca7891031d6380db5025c773c) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
22:55:16.0323 5000 winachsf - ok
22:55:16.0472 5000 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
22:55:16.0501 5000 WinDefend - ok
22:55:16.0508 5000 WinHttpAutoProxySvc - ok
22:55:16.0646 5000 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
22:55:16.0682 5000 Winmgmt - ok
22:55:16.0886 5000 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
22:55:17.0031 5000 WinRM - ok
22:55:17.0143 5000 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
22:55:17.0288 5000 Wlansvc - ok
22:55:17.0292 5000 wltrysvc - ok
22:55:17.0366 5000 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
22:55:17.0423 5000 WmiAcpi - ok
22:55:17.0606 5000 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
22:55:17.0678 5000 wmiApSrv - ok
22:55:17.0941 5000 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
22:55:18.0112 5000 WMPNetworkSvc - ok
22:55:18.0211 5000 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
22:55:18.0295 5000 WPCSvc - ok
22:55:18.0374 5000 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
22:55:18.0460 5000 WPDBusEnum - ok
22:55:18.0752 5000 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:55:18.0798 5000 WPFFontCache_v0400 - ok
22:55:18.0885 5000 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
22:55:18.0952 5000 ws2ifsl - ok
22:55:19.0105 5000 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
22:55:19.0136 5000 wscsvc - ok
22:55:19.0146 5000 WSearch - ok
22:55:19.0470 5000 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
22:55:19.0565 5000 wuauserv - ok
22:55:19.0854 5000 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
22:55:19.0940 5000 wudfsvc - ok
22:55:20.0021 5000 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
22:55:20.0061 5000 XAudio - ok
22:55:20.0122 5000 XAudioService (cd5f291a1161f15896d1a4d63daff5df) C:\Windows\system32\DRIVERS\xaudio.exe
22:55:20.0188 5000 XAudioService - ok
22:55:20.0304 5000 yukonwlh (a4822191c7cea271903c2a4fb6d9809d) C:\Windows\system32\DRIVERS\yk60x86.sys
22:55:20.0350 5000 yukonwlh - ok
22:55:20.0434 5000 {2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7} (8903c6979ea677a9af3d36e0d3709203) C:\Program Files\Dell\MediaDirect\000.fcl
22:55:20.0453 5000 {2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7} - ok
22:55:20.0482 5000 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
22:55:20.0791 5000 \Device\Harddisk0\DR0 - ok
22:55:20.0822 5000 Boot (0x1200) (1c87bb41b794aa77b498067de1159056) \Device\Harddisk0\DR0\Partition0
22:55:20.0824 5000 \Device\Harddisk0\DR0\Partition0 - ok
22:55:20.0828 5000 Boot (0x1200) (0dab315a2c7196f0433f490871d6586f) \Device\Harddisk0\DR0\Partition1
22:55:20.0830 5000 \Device\Harddisk0\DR0\Partition1 - ok
22:55:20.0831 5000 ============================================================
22:55:20.0831 5000 Scan finished
22:55:20.0831 5000 ============================================================
22:55:20.0847 2576 Detected object count: 1
22:55:20.0848 2576 Actual detected object count: 1
22:56:28.0686 2576 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
22:56:28.0686 2576 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

#10 MrCharlie

MrCharlie

    Forum Deity

  • Experts
  • 28,256 posts
  • Gender:Male
  • Location:So. Plainfield, New Jersey, USA

Posted 26 April 2012 - 08:11 AM

Akamai:
http://en.wikipedia....ai_Technologies

-------------------------------------

That scan was clean.

Please download and run ComboFix.
The most important things to remember when running it are to disable all your malware programs and to run ComboFix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Please include the C:\ComboFix.txt in your next reply for further review.

Note:
If you get the message "Illegal operation attempted on registry key that has been marked for deletion." after you run ComboFix, please reboot the computer; this should resolve the problem. You may have to do this several times if needed.
MrC


#11 MrCharlie

MrCharlie

    Forum Deity

  • Experts
  • 28,256 posts
  • Gender:Male
  • Location:So. Plainfield, New Jersey, USA

Posted 28 April 2012 - 06:46 AM

Do you still need help or can I close this post??

MrC


#12 LDTate

LDTate

    Forum Deity

  • Moderators
  • 21,126 posts
  • Gender:Male
  • Location:Missouri, USA

Posted 30 April 2012 - 09:54 AM

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
Larry Tate
Product Support
