WiredWX Christian Hobby Weather Tools

no secure mode

Hello:

Today when I looked at my email I noticed that the server was telling me that someone had entered the account through a suspicious proxy, so they hacked my Google account and sent spam to all my contacts. I already changed my password, but I wasn't sure if that was enough, so I ran TDSSKiller and it didn't detect anything. But when I try to run secure mode, after a long wait in the logs it sends me right back to the normal operating system, not permitting me to enter secure mode. I don't know if I have to worry.

Hope you can help me. Merry Christmas and a happy New Year.

Jairo

Re: no secure mode

Hi there! Same to you...

ComboFix scan

Please download ComboFix by sUBs
From BleepingComputer.com

Please save the file to your Desktop.

Important information about ComboFix


After the download:

  • Close any open browsers.
  • Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Please visit here if you don't know how.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
  • If there is no Internet connection after running ComboFix, then restart your computer to restore back your connection.

Running ComboFix:

  • Double click on ComboFix.exe & follow the prompts.
  • When ComboFix finishes, it will produce a report for you.
  • Please post the report, which will launch or be found at "C:\Combo-Fix.txt" in your next reply.

Troubleshooting ComboFix

Safe Mode:

If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

(To boot into Safe Mode, tap F8 after BIOS, and just before the Windows
logo appears. A list of options will appear, select "Safe Mode.")

Re-downloading:

If this doesn't work either, try the same method as above, but download it again and rename ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

Malware is known for blocking all "user" processes, except for its whitelist of system important processes such as iexplore.exe, explorer.exe, winlogon.exe.

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

Re: no secure mode

Here is the log from ComboFix:

ComboFix 12-12-27.03 - Giselle Fiorillo 27/12/2012 15:10:22.3.2 - x86
Running from: c:\users\Giselle Fiorillo\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-11-27 to 2012-12-27 )))))))))))))))))))))))))))))))
.
.
2012-12-27 20:17 . 2012-12-27 20:17 -------- d-----w- c:\users\Giselle Fiorillo\AppData\Local\temp
2012-12-27 20:17 . 2012-12-27 20:17 -------- d-----w- c:\users\Desktop\AppData\Local\temp
2012-12-27 20:17 . 2012-12-27 20:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-27 20:07 . 2012-12-27 20:07 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A45091ED-14B4-4B4F-BEBE-AB5F09E83EC4}\MpKsldb6cd6f2.sys
2012-12-27 18:19 . 2012-11-08 15:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A45091ED-14B4-4B4F-BEBE-AB5F09E83EC4}\mpengine.dll
2012-12-26 15:27 . 2012-11-08 15:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-24 00:42 . 2012-12-24 00:45 -------- d-----w- c:\program files\Dropbox
2012-12-23 18:42 . 2012-12-23 18:42 -------- d-----w- C:\TDSSKiller_Quarantine
2012-12-21 15:13 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-21 15:13 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-21 15:13 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-21 15:13 . 2009-07-14 12:12 16896 ----a-w- c:\windows\system32\winusb.dll
2012-12-21 15:13 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-21 15:13 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-21 15:12 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-21 15:12 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-21 15:12 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-21 15:12 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-21 15:12 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-21 15:07 . 2012-12-16 13:12 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 15:07 . 2012-12-16 10:50 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-12-20 19:48 . 2012-11-02 10:18 376320 ----a-w- c:\windows\system32\dpnet.dll
2012-12-20 19:48 . 2012-11-02 08:26 23040 ----a-w- c:\windows\system32\dpnsvr.exe
2012-12-20 19:48 . 2012-11-13 01:36 2048000 ----a-w- c:\windows\system32\win32k.sys
2012-12-20 19:48 . 2012-08-21 11:47 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys
2012-12-20 19:47 . 2012-11-13 01:29 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-02 05:37 . 2012-12-02 05:37 740840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9D0B1B76-5F9C-4A15-8737-10D718296A7F}\gapaengine.dll
2012-12-02 05:33 . 2012-12-02 05:33 -------- d-----w- c:\program files\Microsoft Security Client
2012-12-02 05:00 . 2012-11-19 06:04 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B593586D-774E-44E1-8BE2-BA52AB836E48}\mpengine.dll
2012-11-30 21:47 . 2012-11-30 21:47 -------- d-----w- c:\users\Giselle Fiorillo\AppData\Roaming\Malwarebytes
2012-11-30 21:46 . 2012-11-30 21:46 -------- d-----w- c:\programdata\Malwarebytes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-13 00:09 . 2012-11-17 18:10 22912 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Giselle Fiorillo\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Giselle Fiorillo\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Giselle Fiorillo\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Advanced SystemCare 6"="c:\program files\IObit\Advanced SystemCare 6\ASCTray.exe" [2012-09-25 490880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-12-21 217088]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-08-29 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-08-29 154136]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-08-29 137752]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\29191725.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Giselle Fiorillo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Recorte de pantalla e Inicio rápido de OneNote 2007.lnk]
path=c:\users\Giselle Fiorillo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de pantalla e Inicio rápido de OneNote 2007.lnk
backup=c:\windows\pss\Recorte de pantalla e Inicio rápido de OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
2009-11-15 01:14 323392 ----a-w- c:\users\Giselle Fiorillo\Program Files\DNA\btdna.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2007-10-18 20:27 455968 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2012-03-08 23:50 4280184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 21:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 22:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-07-13 18:33 17418928 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2012-05-24 04:05 296056 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
2007-08-17 04:13 218408 ----a-w- c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
.
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSLDB6CD6F2
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-10-18 20:25 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-17 22:24]
.
2012-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-17 22:24]
.
2012-12-12 c:\windows\Tasks\Norton Security Scan for Giselle Fiorillo.job
- c:\progra~1\NORTON~2\Engine\353~1.1\Nss.exe [2012-05-24 07:45]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyServer = proxy.acueducto.com.co:8080
uInternet Settings,ProxyOverride = ;*.local
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: vizzed.com\www
TCP: DhcpNameServer = 190.157.2.140 200.118.2.91
TCP: Interfaces\{81ED88E7-6C42-4E25-BE34-42448239436A}: NameServer = 172.18.2.11,172.18.2.2
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-27 15:17
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4192403315-1937591299-151386682-1000\Software\SecuROM\License information*]
"datasecu"=hex:89,10,aa,c9,98,32,41,35,3f,4f,c2,1a,9c,26,8e,92,69,bf,45,2f,3a,
51,14,d4,f4,24,b3,d3,54,80,43,ab,e1,4b,d7,33,78,07,ed,bd,da,f7,17,3b,a7,37,\
"rkeysecu"=hex:ec,5b,d9,2e,2e,e3,99,25,e9,12,27,6e,78,6d,3f,e6
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3308)
c:\users\Giselle Fiorillo\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
Completion time: 2012-12-27 15:20:41
ComboFix-quarantined-files.txt 2012-12-27 20:20
ComboFix2.txt 2012-12-21 17:40
ComboFix3.txt 2012-12-02 04:49
.
Pre-Run: 8.867.934.208 bytes libres
Post-Run: 9.242.595.328 bytes libres
.
- - End Of File - - F22E74851538A40AE99E6C126CC3933B

Re: no secure mode

Also ran a TDSSKiller analysis, don't know if it helps; here is the log of that one too.

21:25:08.0143 5204 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:25:08.0186 5204 ============================================================
21:25:08.0186 5204 Current date / time: 2012/12/26 21:25:08.0186
21:25:08.0186 5204 SystemInfo:
21:25:08.0186 5204
21:25:08.0186 5204 OS Version: 6.0.6002 ServicePack: 2.0
21:25:08.0186 5204 Product type: Workstation
21:25:08.0187 5204 ComputerName: PERSONAL
21:25:08.0187 5204 UserName: Giselle Fiorillo
21:25:08.0187 5204 Windows directory: C:\Windows
21:25:08.0187 5204 System windows directory: C:\Windows
21:25:08.0187 5204 Processor architecture: Intel x86
21:25:08.0187 5204 Number of processors: 2
21:25:08.0187 5204 Page size: 0x1000
21:25:08.0187 5204 Boot type: Normal boot
21:25:08.0187 5204 ============================================================
21:25:10.0593 5204 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:25:10.0595 5204 ============================================================
21:25:10.0595 5204 \Device\Harddisk0\DR0:
21:25:10.0595 5204 MBR partitions:
21:25:10.0595 5204 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x61A8000
21:25:10.0595 5204 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61A8800, BlocksNum 0x1701C000
21:25:10.0595 5204 ============================================================
21:25:10.0613 5204 C: <-> \Device\Harddisk0\DR0\Partition1
21:25:10.0693 5204 D: <-> \Device\Harddisk0\DR0\Partition2
21:25:10.0694 5204 ============================================================
21:25:10.0694 5204 Initialize success
21:25:10.0694 5204 ============================================================
21:25:15.0844 4884 ============================================================
21:25:15.0844 4884 Scan started
21:25:15.0844 4884 Mode: Manual;
21:25:15.0844 4884 ============================================================
21:25:17.0076 4884 ================ Scan system memory ========================
21:25:17.0076 4884 System memory - ok
21:25:17.0077 4884 ================ Scan services =============================
21:25:17.0860 4884 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
21:25:17.0866 4884 ACPI - ok
21:25:18.0008 4884 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
21:25:18.0024 4884 adp94xx - ok
21:25:18.0068 4884 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
21:25:18.0096 4884 adpahci - ok
21:25:18.0133 4884 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
21:25:18.0136 4884 adpu160m - ok
21:25:18.0156 4884 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
21:25:18.0160 4884 adpu320 - ok
21:25:18.0238 4884 [ 993F7B0BA5188A0007C085AA10257B8E ] AdvancedSystemCareService6 C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
21:25:18.0248 4884 AdvancedSystemCareService6 - ok
21:25:18.0272 4884 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:25:18.0273 4884 AeLookupSvc - ok
21:25:18.0302 4884 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
21:25:18.0308 4884 AFD - ok
21:25:18.0328 4884 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
21:25:18.0330 4884 agp440 - ok
21:25:18.0377 4884 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
21:25:18.0393 4884 aic78xx - ok
21:25:18.0425 4884 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
21:25:18.0426 4884 ALG - ok
21:25:18.0447 4884 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
21:25:18.0457 4884 aliide - ok
21:25:18.0477 4884 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
21:25:18.0479 4884 amdagp - ok
21:25:18.0495 4884 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
21:25:18.0497 4884 amdide - ok
21:25:18.0513 4884 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
21:25:18.0514 4884 AmdK7 - ok
21:25:18.0536 4884 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
21:25:18.0538 4884 AmdK8 - ok
21:25:18.0565 4884 [ E05C9BB1798B8C590F6592FABB03A93E ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
21:25:18.0569 4884 ApfiltrService - ok
21:25:18.0595 4884 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
21:25:18.0596 4884 Appinfo - ok
21:25:18.0670 4884 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:25:18.0682 4884 Apple Mobile Device - ok
21:25:18.0711 4884 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
21:25:18.0714 4884 arc - ok
21:25:18.0731 4884 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
21:25:18.0733 4884 arcsas - ok
21:25:18.0897 4884 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
21:25:18.0905 4884 aspnet_state - ok
21:25:18.0939 4884 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:25:18.0940 4884 AsyncMac - ok
21:25:18.0977 4884 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
21:25:18.0977 4884 atapi - ok
21:25:19.0227 4884 [ 600EFE56F37ADBD65A0FB076B50D1B8D ] athr C:\Windows\system32\DRIVERS\athr.sys
21:25:19.0315 4884 athr - ok
21:25:19.0355 4884 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:25:19.0377 4884 AudioEndpointBuilder - ok
21:25:19.0388 4884 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
21:25:19.0391 4884 Audiosrv - ok
21:25:19.0430 4884 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
21:25:19.0467 4884 Beep - ok
21:25:19.0513 4884 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
21:25:19.0520 4884 BFE - ok
21:25:19.0585 4884 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
21:25:19.0607 4884 BITS - ok
21:25:19.0615 4884 blbdrive - ok
21:25:19.0655 4884 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:25:19.0668 4884 bowser - ok
21:25:19.0692 4884 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
21:25:19.0718 4884 BrFiltLo - ok
21:25:19.0738 4884 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
21:25:19.0788 4884 BrFiltUp - ok
21:25:19.0826 4884 [ B1564976D98E91FC764D5DC28A0297DA ] Bridge C:\Windows\system32\DRIVERS\bridge.sys
21:25:19.0829 4884 Bridge - ok
21:25:19.0847 4884 [ B1564976D98E91FC764D5DC28A0297DA ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
21:25:19.0848 4884 BridgeMP - ok
21:25:19.0888 4884 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
21:25:19.0902 4884 Browser - ok
21:25:19.0929 4884 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
21:25:19.0931 4884 Brserid - ok
21:25:19.0955 4884 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
21:25:19.0957 4884 BrSerWdm - ok
21:25:19.0979 4884 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
21:25:19.0980 4884 BrUsbMdm - ok
21:25:19.0995 4884 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
21:25:19.0996 4884 BrUsbSer - ok
21:25:20.0017 4884 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
21:25:20.0019 4884 BTHMODEM - ok
21:25:20.0119 4884 catchme - ok
21:25:20.0168 4884 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:25:20.0177 4884 cdfs - ok
21:25:20.0224 4884 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:25:20.0226 4884 cdrom - ok
21:25:20.0269 4884 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
21:25:20.0270 4884 CertPropSvc - ok
21:25:20.0286 4884 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
21:25:20.0288 4884 circlass - ok
21:25:20.0344 4884 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
21:25:20.0346 4884 CLFS - ok
21:25:20.0437 4884 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:25:20.0440 4884 clr_optimization_v2.0.50727_32 - ok
21:25:20.0474 4884 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:25:20.0498 4884 clr_optimization_v4.0.30319_32 - ok
21:25:20.0538 4884 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:25:20.0547 4884 CmBatt - ok
21:25:20.0565 4884 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:25:20.0566 4884 cmdide - ok
21:25:20.0587 4884 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:25:20.0589 4884 Compbatt - ok
21:25:20.0597 4884 COMSysApp - ok
21:25:20.0630 4884 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
21:25:20.0632 4884 crcdisk - ok
21:25:20.0653 4884 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
21:25:20.0655 4884 Crusoe - ok
21:25:20.0699 4884 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:25:20.0703 4884 CryptSvc - ok
21:25:20.0790 4884 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:25:20.0813 4884 DcomLaunch - ok
21:25:20.0867 4884 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:25:20.0874 4884 DfsC - ok
21:25:21.0189 4884 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
21:25:21.0206 4884 DFSR - ok
21:25:21.0250 4884 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
21:25:21.0255 4884 Dhcp - ok
21:25:21.0298 4884 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
21:25:21.0300 4884 disk - ok
21:25:21.0341 4884 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:25:21.0344 4884 Dnscache - ok
21:25:21.0383 4884 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
21:25:21.0387 4884 dot3svc - ok
21:25:21.0411 4884 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
21:25:21.0415 4884 DPS - ok
21:25:21.0435 4884 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:25:21.0437 4884 drmkaud - ok
21:25:21.0494 4884 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:25:21.0517 4884 DXGKrnl - ok
21:25:21.0555 4884 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
21:25:21.0558 4884 E1G60 - ok
21:25:21.0585 4884 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
21:25:21.0588 4884 EapHost - ok
21:25:21.0625 4884 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
21:25:21.0629 4884 Ecache - ok
21:25:21.0692 4884 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:25:21.0698 4884 ehRecvr - ok
21:25:21.0729 4884 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
21:25:21.0731 4884 ehSched - ok
21:25:21.0747 4884 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
21:25:21.0748 4884 ehstart - ok
21:25:21.0771 4884 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
21:25:21.0777 4884 elxstor - ok
21:25:21.0840 4884 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
21:25:21.0857 4884 EMDMgmt - ok
21:25:21.0924 4884 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
21:25:21.0930 4884 EventSystem - ok
21:25:21.0969 4884 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
21:25:21.0972 4884 exfat - ok
21:25:22.0007 4884 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:25:22.0011 4884 fastfat - ok
21:25:22.0036 4884 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:25:22.0038 4884 fdc - ok
21:25:22.0062 4884 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
21:25:22.0064 4884 fdPHost - ok
21:25:22.0100 4884 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
21:25:22.0102 4884 FDResPub - ok
21:25:22.0128 4884 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:25:22.0130 4884 FileInfo - ok
21:25:22.0166 4884 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:25:22.0167 4884 Filetrace - ok
21:25:22.0181 4884 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:25:22.0182 4884 flpydisk - ok
21:25:22.0214 4884 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:25:22.0218 4884 FltMgr - ok
21:25:22.0281 4884 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
21:25:22.0312 4884 FontCache - ok
21:25:22.0379 4884 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:25:22.0381 4884 FontCache3.0.0.0 - ok
21:25:22.0410 4884 [ B0082808A6856A252F7CDD939892CE50 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
21:25:22.0412 4884 fssfltr - ok
21:25:22.0522 4884 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
21:25:22.0566 4884 fsssvc - ok
21:25:22.0573 4884 FsUsbExDisk - ok
21:25:22.0603 4884 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:25:22.0604 4884 Fs_Rec - ok
21:25:22.0633 4884 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
21:25:22.0635 4884 gagp30kx - ok
21:25:22.0663 4884 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:25:22.0664 4884 GEARAspiWDM - ok
21:25:22.0721 4884 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
21:25:22.0740 4884 gpsvc - ok
21:25:22.0840 4884 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1cac620a027f725 C:\Program Files\Google\Update\GoogleUpdate.exe
21:25:22.0843 4884 gupdate1cac620a027f725 - ok
21:25:22.0859 4884 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
21:25:39.0301 4884 wercplsupport - ok
21:25:39.0346 4884 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
21:25:39.0352 4884 WerSvc - ok
21:25:39.0399 4884 [ E096FFB754F1E45AE1BDDAC1275AE2C5 ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
21:25:39.0422 4884 winachsf - ok
21:25:39.0501 4884 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
21:25:39.0507 4884 WinDefend - ok
21:25:39.0526 4884 WinHttpAutoProxySvc - ok
21:25:39.0585 4884 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:25:39.0588 4884 Winmgmt - ok
21:25:39.0727 4884 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
21:25:39.0879 4884 WinRM - ok
21:25:39.0945 4884 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
21:25:39.0959 4884 Wlansvc - ok
21:25:40.0062 4884 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:25:40.0124 4884 wlidsvc - ok
21:25:40.0152 4884 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
21:25:40.0158 4884 WmiAcpi - ok
21:25:40.0206 4884 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:25:40.0209 4884 wmiApSrv - ok
21:25:40.0342 4884 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
21:25:40.0364 4884 WMPNetworkSvc - ok
21:25:40.0440 4884 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:25:40.0446 4884 WPCSvc - ok
21:25:40.0484 4884 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:25:40.0489 4884 WPDBusEnum - ok
21:25:40.0552 4884 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
21:25:40.0565 4884 WpdUsb - ok
21:25:40.0666 4884 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:25:40.0690 4884 WPFFontCache_v0400 - ok
21:25:40.0717 4884 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:25:40.0719 4884 ws2ifsl - ok
21:25:40.0760 4884 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
21:25:40.0764 4884 wscsvc - ok
21:25:40.0771 4884 WSearch - ok
21:25:40.0913 4884 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
21:25:40.0993 4884 wuauserv - ok
21:25:41.0023 4884 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:25:41.0024 4884 WudfPf - ok
21:25:41.0046 4884 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:25:41.0113 4884 WUDFRd - ok
21:25:41.0150 4884 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:25:41.0155 4884 wudfsvc - ok
21:25:41.0186 4884 [ 19E7C173B6242AD7521E537AE54768BF ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
21:25:41.0195 4884 XAudio - ok
21:25:41.0218 4884 [ CDA0BC78672B50C43649FF34E1FD0FF8 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
21:25:41.0226 4884 XAudioService - ok
21:25:41.0251 4884 ================ Scan global ===============================
21:25:41.0308 4884 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
21:25:41.0441 4884 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
21:25:41.0460 4884 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
21:25:41.0556 4884 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
21:25:41.0560 4884 [Global] - ok
21:25:41.0561 4884 ================ Scan MBR ==================================
21:25:41.0587 4884 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
21:25:42.0179 4884 \Device\Harddisk0\DR0 - ok
21:25:42.0179 4884 ================ Scan VBR ==================================
21:25:42.0192 4884 [ 780E5E1010B5D6A7ECD37F18D5748CDF ] \Device\Harddisk0\DR0\Partition1
21:25:42.0216 4884 \Device\Harddisk0\DR0\Partition1 - ok
21:25:42.0269 4884 [ B03D3602B88B026206B856791DFF80E4 ] \Device\Harddisk0\DR0\Partition2
21:25:42.0295 4884 \Device\Harddisk0\DR0\Partition2 - ok
21:25:42.0295 4884 ============================================================
21:25:42.0295 4884 Scan finished
21:25:42.0295 4884 ============================================================
21:25:42.0312 5360 Detected object count: 0
21:25:42.0312 5360 Actual detected object count: 0
21:26:16.0238 6048 Deinitialize success

Re: no secure mode
Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.
  • Warning! Once the scan is complete JRT will shut down your browser with NO warning.

  • Shut down your protection software now to avoid potential conflicts.
  • Temporarily disable your antivirus and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Copy and Paste the JRT.txt log into your next message.


Adware Cleaning

Please download AdwCleaner by Xplode onto your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.



Malwarebytes' Anti-Rootkit

Please download Malwarebytes' Anti-Rootkit and save it to your desktop.

  • Be sure to print out and follow the instructions provided on that same page for performing a scan.
  • Caution: This is a beta version so also read the disclaimer and back up all your data before using.
  • When the scan completes, click on the Cleanup button to remove any threats found and reboot the computer if prompted to do so.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • If there are problems with Internet access, Windows Update, Windows Firewall or other system issues, run the fixdamage tool located in the folder Malwarebytes Anti-Rootkit was run from and reboot your computer.
  • Two files (mbar-log-YYYY-MM-DD, system-log.txt) will be created and saved within that same folder.
  • Copy and paste the contents of these two log files in your next reply.

Re: no secure mode

Hello, here are the logs of the analysis of JRT as well as the analysis of the AdwCleaner.

# AdwCleaner v2.104 - Fichero creado el 30/12/2012 a 10:33:12
# Actualizado el 29/12/2012 por Xplode
# Sistema operativo : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Usuario : Giselle Fiorillo - PERSONAL
# Modo de inicio : Normal
# Ejecutado desde : C:\Users\Giselle Fiorillo\Desktop\adwcleaner.exe
# Opción [Supresión]


***** [Servicios] *****


***** [Ficheros / Carpetas] *****


***** [Registro] *****

Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

***** [Navegadores] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] El registro no contiene ninguna entrada ilegítima.

-\\ Google Chrome v23.0.1271.97

Fichero : C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] El fichero no contiene ninguna entrada ilegítima.

*************************

AdwCleaner[S1].txt - [1747 octets] - [30/12/2012 10:33:12]

########## EOF - C:\AdwCleaner[S1].txt - [1807 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.3.2 (12.29.2012:3)
OS: Windows Vista (TM) Home Premium x86
Ran by Giselle Fiorillo on 30/12/2012 at 10:26:14,60
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\1clickdownload
Successfully deleted: [Registry Key] hkey_current_user\software\conduit
Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\default tab
Successfully deleted: [Registry Key] hkey_local_machine\software\default tab
Successfully deleted: [Registry Key] hkey_local_machine\software\iminent
Successfully deleted: [Registry Key] hkey_current_user\software\softonic
Successfully deleted: [Registry Key] hkey_current_user\software\sweetim
Successfully deleted: [Registry Key] hkey_local_machine\software\sweetim
Successfully deleted: [Registry Key] hkey_local_machine\software\systweak
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\defaulttab
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\escort.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\prod.cap
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Giselle Fiorillo\AppData\Roaming\defaulttab"
Successfully deleted: [Folder] "C:\Users\Giselle Fiorillo\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Giselle Fiorillo\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\Giselle Fiorillo\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Giselle Fiorillo\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files\fbphotozoom"



~~~ Chrome

Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\dhkplhfnhceodhffomolpfigojocbpcb



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30/12/2012 at 10:29:27,74
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I was hesitant about using the Malwarebytes Anti-Rootkit. I don't have any experience doing backups, and it says that it is a beta and that some damage can be done to functional things of the PC.

Although if you tell me that it's fine and it's necessary, I will execute it.

thanks a lot,
Jairo

Re: no secure mode
Let's do this instead, please:

Hitman Pro

Please download Hitman Pro


  • After the download completes please double click the program to run it.
  • Accept the terms of the license agreement and click Next
  • Let the scan run. It will not take long
  • When the scan finishes, and all the files have been uploaded to the Scan Cloud, click Next
  • Click Next again. At the bottom left you will see Export Scan Results To XML File. Click that and save it in a convenient location
  • Upload log.xml here for review please

Re: no secure mode
Here is the hitman pro analysis

Code:


HitmanPro 3.7.0.185
www.hitmanpro.com

  Computer name . . . . : PERSONAL
  Windows . . . . . . . : 6.0.2.6002.X86/2
  User name . . . . . . : Personal\Giselle Fiorillo
  UAC . . . . . . . . . : Enabled
  License . . . . . . . : Free

  Scan date . . . . . . : 2012-12-30 19:50:31
  Scan mode . . . . . . : Normal
  Scan duration . . . . : 4m 0s
  Disk access mode  . . : Direct disk access (SRB)
  Cloud . . . . . . . . : Internet
  Reboot  . . . . . . . : No

  Threats . . . . . . . : 0
  Traces  . . . . . . . : 20

  Objects scanned . . . : 1.941.685
  Files scanned . . . . : 13.717
  Remnants scanned  . . : 288.848 files / 1.639.120 keys

Cookies _____________________________________________________________________

  C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com
  C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cookies:adbrite.com
  C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cookies:apmebf.com
  C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com
  C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
  C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cookies:c.atdmt.com
  C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cookies:c1.atdmt.com
  C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
  C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cookies:collective-media.net
  C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
  C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cookies:falabella.122.2o7.net
  C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cookies:fastclick.net
  C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cookies:h.atdmt.com
  C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cookies:invitemedia.com
  C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cookies:kontera.com
  C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
  C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
  C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com
  C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cookies:tacoda.at.atwola.com
  C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cookies:tribalfusion.com




P.S.: Should I keep these programs, or is it better to erase them and download them again when they are needed? Thanks for the help.

Jairo

Re: no secure mode
What other problems are there?

Re: no secure mode

I think that was it, thanks a lot!

Re: no secure mode
Hi there. It all appears to be good, so we will finish up to make sure your computer is protected from malware in the future.

Clean up System Restore

Now, to get you off to a clean start, we will be creating a new Restore Point, then clearing the old ones to make sure you do not get reinfected, in case you need to "restore back."

To manually create a new Restore Point

  • Go to Control Panel and select System and Maintenance
  • Select System
  • On the left select Advanced System Settings and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name, i.e. Clean
  • Select Create



Remove tools, temp files, old Restore Points

Please run OTL
  • Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:

    :files
    ipconfig /flushdns /c

    :commands
    [CLEARALLRESTOREPOINTS]
    [emptyflash]
    [emptytemp]
    [emptyjava]
    [reboot]


  • Then click the Run Fix button at the top.
  • Note: The fix for OTL sometimes hides your Desktop and Start menu so the cleanup can be completed. Do not be alarmed, as this is normal.
  • It may open a log for you, but I don't need that.


To remove all of the tools we used and the files and folders they created do the following:
Double click OTL.exe.

  • Click the CleanUp button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.


Security Check

Please download Security Check by screen317 from SpywareInfoforum.org or Changelog.fr.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Re: no secure mode
here is the log of security check

Results of screen317's Security Check version 0.99.56
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
CCleaner
Java 7 Update 6
Java version out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

It says that I don't have an antivirus, but isn't Microsoft Security Essentials an antivirus?

Well, thanks again for all the assistance with this issue, pretty glad that there are people willing to help the less experienced :)

I would like to make a donation but don't know how... (I live in Colombia and I'm pretty hesitant about making online transactions with credit cards).

Thanks again,
Jairo

Re: no secure mode
It doesn't show the antivirus because the tool is buggy in trying to find what antivirus is running. It attempts to check the WMI for reporting information, but some antivirus tools do not report info to the WMI. Therefore, it will not list it as an antivirus, but it is good enough to have. MSE should be fine!

Java Update!

Please download the newest version of Java from Java.com.

Before installing: it is important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7).
Search the list for all previously installed versions of Java (J2SE Runtime Environment). Please uninstall/remove each of them.

Once old versions are gone, please install the newest version.

Read more about Java exploit problems


Adobe Reader Update!

Please download the newest version of Adobe Acrobat Reader from Adobe.com

Before installing: it is important to remove older versions of Acrobat Reader since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7).
Search the list for all previously installed versions of Adobe Acrobat Reader. Uninstall/remove each of them.

Once old versions are gone, please install the newest version.


Personal Tips on Preventing Malware

See this page for more info about malware and prevention.


As for the donation, see the donation/contribution link in my signature. You can pay via PayPal, which is a very secure and protected way to send a donation. It will encrypt your credit card data so no one has any access to it, then when you go to make a donation, it connects straight to your bank to make the transaction complete. It's very simple to do. :) If you need any more help, let me know.
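
The mismatch explained at the top of this reply (Security Check finds no antivirus entry in WMI while MSMpEng.exe and msseces.exe are running) can be checked directly. The PowerShell below is an added example, not part of the original post and not Security Check's own code; the function names are hypothetical and the `productState` bit layout is a field-observed convention that Microsoft does not document.

```powershell
# Added example: compare what Windows Security Center has registered in WMI
# with the antivirus processes that are actually running.

function Get-WmiRows {
    param([string]$Namespace, [string]$Class)
    try {
        # Get-CimInstance needs PowerShell 3.0+; Get-WmiObject covers 2.0 (Vista/7).
        if (Get-Command Get-CimInstance -ErrorAction SilentlyContinue) {
            return @(Get-CimInstance -Namespace $Namespace -ClassName $Class -ErrorAction Stop)
        }
        return @(Get-WmiObject -Namespace $Namespace -Class $Class -ErrorAction Stop)
    } catch {
        return @()   # namespace/class missing or WMI unavailable: nothing registered
    }
}

function ConvertFrom-ProductState {
    param([int]$State)
    # ASSUMPTION: bit layout as commonly observed in the field, not a documented format.
    New-Object PSObject -Property @{
        Hex        = ('0x{0:X6}' -f $State)
        RealTimeOn = (($State -band 0x1000) -ne 0)
        UpToDate   = (($State -band 0x0010) -eq 0)
    }
}

# 1. What the Security Center provider reports (Vista SP1 and later use SecurityCenter2).
$registered = @(Get-WmiRows 'root\SecurityCenter2' 'AntiVirusProduct')
foreach ($av in $registered) {
    $s = ConvertFrom-ProductState $av.productState
    '{0}: state={1} realtime={2} definitions-current={3}' -f `
        $av.displayName, $s.Hex, $s.RealTimeOn, $s.UpToDate
}

# 2. What is actually running. Process names are the ones in the Security Check log.
$mseProcesses = 'MsMpEng', 'msseces'
$running = @(Get-Process -Name $mseProcesses -ErrorAction SilentlyContinue)

# 3. Interpret the combination of the two views.
if ($registered.Count -eq 0 -and $running.Count -gt 0) {
    'No AntiVirusProduct entry in WMI, but these processes are running: ' +
        (($running | ForEach-Object { $_.ProcessName }) -join ', ')
    'The product is active; it is simply not registered with Security Center.'
} elseif ($registered.Count -eq 0) {
    'No AntiVirusProduct entry in WMI and no Security Essentials process found.'
} elseif ($running.Count -eq 0) {
    'WMI lists a product, but no Security Essentials process is running.'
} else {
    'WMI registration and running processes agree.'
}
```

An empty WMI result combined with running engine processes is the situation in the Security Check log above; an empty result with no processes is the case that needs follow-up.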
