trj killav.nh

[delia12]

Ciao a tutti,
nel mio computer si annida trj killAV.NH. Ho provato ad eliminarlo con diversi programmi suggeriti su questo forum e sono arrivata ad utilizzare Combo.Fix. Anche dopo l'utilizzo di ComboFix continuano a generarsi spyware durante la navigazione con Internet explorer. Potreste leggere il log di Combofix e suggerirmi che cos'altro devo eliminare? Grazie.


ComboFix 12-08-14.02 - user 21/08/2012 17:06:30.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.39.1040.18.3294.2348 [GMT 2:00]
Eseguito da: c:\users\user\Desktop\ComboFix.exe
AV: Panda Antivirus Pro 2012 *Disabled/Updated* {86971480-9989-6750-B122-681A86518D59}
SP: Panda Antivirus Pro 2012 *Disabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Creato nuovo punto di ripristino
.
- MODALITÀ CON FUNZIONALITÀ RIDOTTE -
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\user\AppData\Local\Temp\{527D14FB-2365-437E-9B76-68E92BAD70CA}\fpb.tmp
.
.
((((((((((((((((((((((((( Files Creati Da 2012-07-21 al 2012-08-21 )))))))))))))))))))))))))))))))))))
.
.
2012-08-21 15:08 . 2012-08-21 15:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-21 13:16 . 2012-08-21 13:16 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1AB31298-7E9B-4EEC-9D44-E6A40DC41FF3}\offreg.dll
2012-08-21 13:10 . 2012-08-01 22:51 7023536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1AB31298-7E9B-4EEC-9D44-E6A40DC41FF3}\mpengine.dll
2012-08-19 18:36 . 2012-06-29 00:00 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-19 18:36 . 2012-06-29 01:00 140920 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2012-08-19 18:36 . 2012-06-29 00:06 194560 ----a-w- c:\program files\Internet Explorer\ieproxy.dll
2012-08-19 18:36 . 2012-06-29 00:06 194048 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2012-08-19 18:36 . 2012-06-29 00:04 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-19 18:35 . 2012-06-29 00:16 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-19 18:35 . 2012-06-29 01:00 748664 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2012-08-19 18:35 . 2012-06-29 00:10 387584 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll
2012-08-19 18:35 . 2012-06-29 00:10 678912 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2012-08-19 18:35 . 2012-06-29 00:08 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-19 16:35 . 2012-08-19 16:35 -------- d-----w- c:\programdata\Malwarebytes
2012-08-19 15:47 . 2012-07-04 21:14 41984 ----a-w- c:\windows\system32\browcli.dll
2012-08-19 15:47 . 2012-07-04 21:14 102912 ----a-w- c:\windows\system32\browser.dll
2012-08-19 15:47 . 2012-05-14 04:33 769024 ----a-w- c:\windows\system32\localspl.dll
2012-08-14 19:07 . 2012-08-14 19:07 -------- d-----w- c:\programdata\Panda Software
2012-08-14 14:50 . 2012-08-14 15:01 -------- d-----w- c:\programdata\Tarma Installer
2012-08-14 14:50 . 2012-08-14 14:50 -------- d-----w- c:\programdata\Iminent
2012-08-14 14:49 . 2012-08-14 14:50 -------- d-----w- c:\program files\Iminent
2012-08-14 14:47 . 2012-08-14 14:47 -------- d-----w- c:\program files\Trend Micro
2012-08-14 13:57 . 2012-08-14 13:57 -------- d-----w- c:\programdata\Norton
2012-08-02 14:25 . 2012-08-02 14:25 1826624 ----a-w- c:\windows\system32\auto_reactivate.exe
2012-08-02 14:25 . 2012-08-02 14:25 -------- d-----r- C:\bootwiz
2012-08-02 12:44 . 2012-08-02 12:44 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-08-01 17:52 . 2008-03-17 09:57 103680 ----a-w- c:\windows\system32\drivers\ewusbfake.sys
2012-08-01 17:52 . 2008-03-17 09:05 101632 ----a-r- c:\windows\system32\drivers\ewusbmdm.sys
2012-08-01 17:52 . 2008-03-16 12:47 872192 ----a-w- c:\windows\system32\drivers\mod7700.sys
2012-08-01 17:52 . 2008-01-22 13:10 100864 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2012-08-01 17:52 . 2007-08-09 02:06 23424 ----a-r- c:\windows\system32\drivers\ewdcsc.sys
2012-08-01 17:52 . 2012-08-01 17:53 -------- d-----w- c:\program files\MD-@ HSUPA
2012-08-01 17:47 . 2012-08-01 17:47 -------- d-----w- c:\programdata\eMule
2012-07-31 17:06 . 2012-07-31 17:06 -------- d-----w- c:\program files\MSXML 4.0
2012-07-31 16:52 . 2012-07-31 16:52 159168 ----a-w- c:\windows\system32\drivers\afcdp.sys
2012-07-31 16:52 . 2012-07-31 16:52 911552 ----a-w- c:\windows\system32\drivers\tdrpm255.sys
2012-07-31 16:52 . 2012-07-31 16:52 570016 ----a-w- c:\windows\system32\drivers\timntr.sys
2012-07-31 16:52 . 2012-07-31 16:52 157248 ----a-w- c:\windows\system32\drivers\snapman.sys
2012-07-31 16:52 . 2012-07-31 16:52 -------- d-----w- c:\program files\Common Files\Acronis
2012-07-31 16:52 . 2012-07-31 16:52 -------- d-----w- c:\program files\Acronis
2012-07-31 16:43 . 2012-07-31 16:43 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2012-07-31 16:43 . 2012-07-31 16:44 -------- d-----w- c:\program files\DivX
2012-07-31 16:43 . 2012-07-31 16:43 -------- d-----w- c:\windows\tessdata
2012-07-31 16:43 . 2012-07-31 16:43 -------- d-----w- c:\program files\Softi Software
2012-07-31 16:41 . 2012-07-31 16:41 -------- d-----w- c:\program files\VideoLAN
2012-07-31 16:20 . 2012-07-31 16:20 -------- d-----w- C:\MiCla
2012-07-31 10:37 . 2012-07-31 10:37 -------- d-----w- c:\program files\Nuvoton Technology Corporation
2012-07-31 10:26 . 2012-07-31 10:31 -------- d-----w- c:\windows\Driver Cache
2012-07-31 10:26 . 2012-07-31 10:26 -------- d-----w- c:\program files\AVerMedia
2012-07-31 10:25 . 2009-06-09 11:28 64000 ------w- c:\windows\system32\agrsmdel.exe
2012-07-31 10:25 . 2012-07-31 10:25 -------- d-----w- c:\program files\LSI SoftModem
2012-07-31 10:24 . 2012-07-31 10:24 -------- d-----w- c:\windows\Options
2012-07-31 10:17 . 2012-07-31 10:17 -------- d-----w- c:\programdata\ATI
2012-07-31 10:15 . 2012-07-31 10:15 -------- d-----w- c:\program files\DIFX
2012-07-31 10:15 . 2012-07-31 10:15 -------- dc----w- c:\windows\system32\DRVSTORE
2012-07-31 10:15 . 2009-06-05 01:53 27320 ----a-w- c:\windows\system32\drivers\usbfilter.sys
2012-07-31 10:15 . 2012-07-31 10:15 -------- d-----w- c:\program files\AMD
2012-07-31 10:10 . 2012-07-31 10:13 -------- d-----w- c:\program files\ATI Technologies
2012-07-31 10:10 . 2012-07-31 10:10 -------- d-----w- c:\program files\ATI
2012-07-31 10:00 . 2009-08-10 09:06 171520 ----a-w- c:\windows\system32\drivers\RtsUStor.sys
2012-07-31 09:57 . 2009-07-24 16:08 1658880 ----a-w- c:\windows\Acer Crystal Eye webcam.EXE
2012-07-31 09:57 . 2009-07-24 13:44 8362 ----a-w- c:\windows\Suyin.reg
2012-07-31 09:57 . 2008-12-30 11:42 626688 ----a-w- c:\windows\Image.dll
2012-07-31 09:57 . 2008-07-29 17:29 200704 ----a-w- c:\windows\PLFSetI.exe
2012-07-31 09:57 . 2008-06-25 12:22 20480 ----a-w- c:\windows\USB_VIDEO_REG.exe
2012-07-31 09:47 . 2012-07-31 09:49 -------- d--h--w- c:\program files\Temp
2012-07-31 09:47 . 2009-06-24 08:43 831488 ----a-w- c:\windows\RtlExUpd.dll
2012-07-31 09:30 . 2012-07-31 09:30 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-07-31 09:29 . 2012-07-31 09:29 -------- d-----w- c:\windows\PCHEALTH
2012-07-31 09:29 . 2012-07-31 09:29 -------- d-----w- c:\program files\Microsoft Sync Framework
2012-07-31 09:29 . 2012-07-31 09:29 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-07-31 09:27 . 2012-07-31 09:27 -------- d-----w- C:\IDE
2012-07-31 09:27 . 2012-07-31 09:27 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2012-07-31 09:26 . 2012-07-31 09:26 -------- d-----w- c:\program files\Microsoft Analysis Services
2012-07-31 09:25 . 2012-08-19 18:39 -------- d-----w- c:\programdata\Microsoft Help
2012-07-31 09:25 . 2012-07-31 09:25 -------- d-----r- C:\MSOCache
2012-07-31 09:24 . 2012-07-31 09:41 -------- d-----w- c:\programdata\CyberLink
2012-07-31 09:20 . 2012-07-31 09:21 -------- d-----w- c:\program files\CyberLink
2012-07-31 07:45 . 2012-07-31 07:51 -------- d-----w- c:\programdata\Nero
2012-07-31 07:44 . 2012-07-31 07:45 -------- d-----w- c:\program files\Common Files\Nero
2012-07-31 07:44 . 2012-07-31 07:51 -------- d-----w- c:\program files\Nero
2012-07-31 07:36 . 2012-07-31 09:12 -------- d-----w- c:\program files\Microsoft.NET
2012-07-31 07:35 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2012-07-31 07:34 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2012-07-31 07:33 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2012-07-31 07:33 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2012-07-31 07:32 . 2007-05-16 14:45 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2012-07-31 07:12 . 2012-07-31 07:12 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin7.dll
2012-07-31 07:12 . 2012-07-31 07:12 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin6.dll
2012-07-31 07:12 . 2012-07-31 07:12 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin5.dll
2012-07-31 07:12 . 2012-07-31 07:12 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin4.dll
2012-07-31 07:12 . 2012-07-31 07:12 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin3.dll
2012-07-31 07:12 . 2012-07-31 07:12 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin2.dll
2012-07-31 07:12 . 2012-07-31 07:12 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin.dll
2012-07-31 07:12 . 2012-07-31 07:12 -------- d-----w- c:\program files\QuickTime
2012-07-31 07:12 . 2012-07-31 07:12 -------- d-----w- c:\programdata\Apple Computer
2012-07-31 07:11 . 2012-07-31 07:11 -------- d-----w- c:\program files\Protector Suite
2012-07-31 07:11 . 2012-07-31 07:11 -------- d-----w- c:\program files\Common Files\Apple
2012-07-31 07:11 . 2012-07-31 07:11 -------- d-----w- c:\program files\Apple Software Update
2012-07-31 07:11 . 2012-07-31 07:11 -------- d-----w- c:\programdata\Apple
2012-07-31 07:10 . 2012-05-04 09:59 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-07-31 07:09 . 2012-07-31 07:10 -------- d-----w- c:\program files\Common Files\Adobe
2012-07-31 07:09 . 2009-07-21 12:18 1161760 ----a-w- c:\windows\system32\drivers\AGRSM.sys
2012-07-31 07:09 . 2009-06-09 11:28 64000 ----a-w- c:\windows\agrsmdel.exe
2012-07-31 07:09 . 2009-03-27 16:12 13824 ------w- c:\windows\system32\agrscoin.dll
2012-07-31 07:09 . 2009-08-23 05:01 103952 ----a-w- c:\windows\system32\drivers\AtiHdmi.sys
2012-07-31 07:09 . 2011-02-19 06:30 805376 ----a-w- c:\windows\system32\FntCache.dll
2012-07-31 07:09 . 2011-02-19 06:30 739840 ----a-w- c:\windows\system32\d2d1.dll
2012-07-31 07:08 . 2012-08-19 18:39 -------- d-sh--w- c:\windows\Installer
2012-07-31 01:03 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-07-31 01:03 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll
2012-07-31 01:03 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2012-07-30 18:16 . 2012-01-04 08:58 442880 ----a-w- c:\windows\system32\ntshrui.dll
2012-07-30 18:14 . 2011-10-15 05:38 534528 ----a-w- c:\windows\system32\EncDec.dll
2012-07-30 18:13 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe
2012-07-30 18:05 . 2012-07-30 17:13 -------- d-----w- c:\windows\Panther
2012-07-30 18:01 . 2011-02-03 05:54 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2012-07-30 17:51 . 2012-05-31 10:25 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-07-30 17:29 . 2012-08-19 16:06 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-30 17:29 . 2012-08-19 16:06 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-30 17:29 . 2012-07-30 17:29 -------- d-----w- c:\windows\system32\Macromed
2012-07-30 17:25 . 2010-11-20 02:30 40704 ----a-w- c:\windows\system32\drivers\vmstorfl.sys
2012-07-30 17:20 . 2012-07-30 17:20 -------- d-----w- c:\windows\system32\EventProviders
2012-07-30 17:19 . 2012-02-17 05:34 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-07-30 17:19 . 2012-02-17 04:13 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-30 18:04 . 2012-07-30 18:04 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-07-30 18:04 . 2012-07-30 18:04 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-07-30 18:04 . 2012-07-30 18:04 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-07-30 18:04 . 2012-07-30 18:04 152064 ----a-w- c:\windows\system32\wextract.exe
2012-07-30 17:46 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-07-18 17:47 . 2012-08-19 15:48 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-06-29 00:09 . 2012-08-19 18:35 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-06-06 06:49 . 2012-06-06 06:49 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-02 22:19 . 2012-07-30 17:14 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-07-30 17:14 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-07-30 17:14 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-07-30 17:14 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-07-30 17:14 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-07-30 17:14 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-07-30 17:14 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-07-30 17:14 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-07-30 17:14 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 04:40 . 2012-07-30 18:15 225280 ----a-w- c:\windows\system32\schannel.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mobile Partner"="c:\program files\MD-@ HSUPA\MD-@ HSUPA.exe" [2012-08-01 110592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"APVXDWIN"="c:\program files\Panda Security\Panda Antivirus Pro 2012\APVXDWIN.EXE" [2011-04-13 1000768]
"SCANINICIO"="c:\program files\Panda Security\Panda Antivirus Pro 2012\Inicio.exe" [2011-02-02 70464]
"NBAgent"="c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]
"RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe" [2008-02-18 77824]
"PDVD8LanguageShortcut"="c:\program files\CyberLink\PowerDVD8\Language\Language.exe" [2007-12-14 50472]
"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2007-11-14 91432]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-23 7625248]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-13 98304]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2009-10-06 5076088]
"Servizio Acronis Scheduler2"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2009-10-06 357688]
"Iminent"="c:\program files\Iminent\Iminent.exe" [2012-07-12 1073784]
"IminentMessenger"="c:\program files\Iminent\Iminent.Messengers.exe" [2012-07-12 884856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
2010-03-24 10:55 55552 ----a-w- c:\windows\System32\avldr.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0auto_reactivate \\?\Volume{d81323cc-da68-11e1-84fb-806e6f6e6963}\bootwiz\asrm.bin
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]
@="Service"
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 PavSRK.sys;PavSRK.sys;c:\windows\system32\PavSRK.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 winbondcir;Winbond IR Transceiver;c:\windows\system32\DRIVERS\winbondcir.sys [x]
S0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [x]
S0 tdrpman255;Acronis Try&Decide and Restore Points filter (build 255);c:\windows\system32\DRIVERS\tdrpm255.sys [x]
S1 ShldDrv;Panda File Shield Driver;c:\windows\system32\DRIVERS\ShlDrv51.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files\CyberLink\PowerDVD8\000.fcl [x]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AmFSM;AmFSM;c:\windows\system32\DRIVERS\amm8660.sys [x]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x]
S2 PavProc;Panda Process Protection Driver;c:\windows\system32\DRIVERS\PavProc.sys [x]
S2 PskSvcRetail;Panda PSK service;c:\program files\Panda Security\Panda Antivirus Pro 2012\PskSvc.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [x]
S3 nuvotoncir;Nuvoton IR Transceiver;c:\windows\system32\DRIVERS\nuvotoncir.sys [x]
S3 PavTPK.sys;PavTPK.sys;c:\windows\system32\PavTPK.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-08-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-30 16:06]
.
2012-08-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1272699340-3794242445-4243704677-1000Core.job
- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-30 17:29]
.
2012-08-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1272699340-3794242445-4243704677-1000UA.job
- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-30 17:29]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.facebook.com/
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: I&nvia a OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\program files\Panda Security\Panda Antivirus Pro 2012\TPSrv.exe
c:\program files\PANDA SECURITY\PANDA ANTIVIRUS PRO 2012\WebProxy.exe
c:\windows\system32\atieclxx.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\Panda Security\Panda Antivirus Pro 2012\PsCtrls.exe
c:\program files\Panda Security\Panda Antivirus Pro 2012\PavFnSvr.exe
c:\program files\Common Files\Panda Security\PavShld\pavprsrv.exe
c:\program files\Panda Security\Panda Antivirus Pro 2012\pavsrvx86.exe
c:\program files\Panda Security\Panda Antivirus Pro 2012\AVENGINE.EXE
c:\program files\Panda Security\Panda Antivirus Pro 2012\PsImSvc.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\windows\system32\conhost.exe
c:\users\user\AppData\Local\Temp\RtkBtMnt.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\windows\system32\sppsvc.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Ora fine scansione: 2012-08-21 17:14:51 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2012-08-21 15:14
ComboFix2.txt 2012-08-14 16:34
.
Pre-Run: 112.635.944.960 byte disponibili
Post-Run: 112.494.862.336 byte disponibili
.
- - End Of File - - EADD3E832237F66E393AFA7D3CF64C13

[FrancescoFDAC]

Scarica AdwCleaner: http://general-changelog-team.fr/fr/outils/3-adwcleaner
● termina tutti i programmi aperti
● clicca sul pulsante Search
● attendi pazientemente il termine della scansione; chiudi il file di testo che compare
● clicca sul pulsante Delete e conferma cliccando OK
● prosegui cliccando OK per altre due volte: il sistema si riavvia automaticamente
● allega il log nel prossimo post

Scarica Malwarebytes' Anti-Malware - Free Edition: http://www.malwarebytes.org
● doppio click su mbam-setup.exe per avviare il setup
● in fase di installazione, lascia la spunta alle voci b]Aggiorna Malwarebytes' Anti-Malware[/b] e Avvia Malwarebytes' Anti-Malware

Una volta eseguiti i passaggi indicati sopra:
● collega tutte le periferiche esterne che possiedi ( Chiavette USB, HDD Esterni, Lettori MP3... )
● verrà mostrata la schermata principale del tool: al messaggio che appare, clicca sul pulsante No
● clicca sul pulsante Scansione completa, e conferma cliccando il pulsante Scansione
● verrà richiesto quali drive scansionare; selezionali tutti, e clicca nuovamente su Scansione
● attendi pazientemente il termine della scansione
● una volta terminata, clicca sul pulsante OK e Mostra Risultati per visionare il Report
● verrà rilasciato automaticamente un file di testo: salvalo sul Desktop ed allegalo
● assicurati che tutte le voci siano selezionate, e clicca sul pulsante Rimuovi selezionati, in basso a sinistra
● il log può essere visionati cliccando sul tab Log dall'interfaccia principale del programma

Nota - riguardo al programma:
● se MalwareBytes incontrasse delle difficoltà nel rimuovere alcuni file, verranno mostrate delle finestre aggiuntive: clicca sul pulsante OK, e lascia procedere il programma alla disinfezione. Se MalwareBytes chiedesse di riavviare il sistema, fallo immediatamente

[delia12]

Grazie per la risposta. Ho eseguito tutte le istruzioni e i log risultanti sono questi:

AdwCleaner

# AdwCleaner v1.801 - Logfile created 08/23/2012 at 14:53:59
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (32 bits)
# User : user - USER-PC
# Boot Mode : Normal
# Running from : C:\Users\user\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Iminent
Folder Deleted : C:\ProgramData\Tarma Installer

***** [Registry] *****

Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v21.0.1180.83

*************************

AdwCleaner[R1].txt - [5377 octets] - [23/08/2012 14:53:35]
AdwCleaner[S1].txt - [5424 octets] - [23/08/2012 14:53:59]

########## EOF - C:\AdwCleaner[S1].txt - [5552 octets] ##########

Malwarebytes

Malwarebytes Anti-Malware (Prova) 1.62.0.1300
http://www.malwarebytes.org

Versione database: v2012.08.23.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
user :: USER-PC [amministratore]

Protezione: Disattivata

23/08/2012 15:07:48
mbam-log-2012-08-23 (15-07-48).txt

Tipo di scansione: Scansione completa (C:\|D:\|E:\|F:\|G:\|H:\|)
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File system | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 290572
Tempo impiegato: 1 ore, 40 minuti, 36 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 0
(non sono stati rilevati elementi nocivi)

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)

File rilevati: 0
(non sono stati rilevati elementi nocivi)

(fine)

[FrancescoFDAC]

Sempre il solito problema?

Quale/i sono il file incriminati?

Francesco

[delia12]

Si, Panda 2012 ha di nuovo trovato il virus Trj/killAV.NH in:

1. c:\windows\installer\51045.msp[unk_0021][customizationfile.a1008a90.730b.4dbb.816e.e896972623f0]
2. c:\windows\installer\51045.msp[unk_0021][customizationfile.7e.4bf910.8174.4a44.8f14.4a70a03d8fed]

[FrancescoFDAC]

Script personalizzato di ComboFix

Avviso: non eseguire ComboFix di tua iniziativa; questo tool non è un giocattolo e non è adatto ad un uso quotidiano.

Apri il Block Note: Start> Tutti i programmi> Accessori> Blocco note
● all'interno del nuovo documento di testo, copia ed incolla le seguenti righe:


File::
c:\windows\installer\51045.msp

Folder::
c:\programdata\Iminent
c:\program files\Iminent


● chiama questo file CFScript.txt, e posizionalo sul Desktop, affianco a ComboFix - se ComboFix non fosse sul Desktop provvedi a spostarlo li-

Molto importante! Disabilita temporaneamente il tuo antivirus e firewall prima di seguire la procedura indicata. Potrebbero infatti interferire con ComboFix o rimuovere alcuni dei suoi file incorporati che possono portare a risultati imprevedibili.
Facendo riferimento all'immagine presente qui sotto, trascina con il puntatore del mouse CFScript.txt sull'icona di ComboFix
ComboFix ora eseguirà una scansione del tuo sistema. Una volta terminata, potrebbe riavviare automaticamente il sistema: in caso contrario, procedi tu manualmente.
A questo punto, il programma produrrà un Report. Copia ed incolla il log nel tuo prossimo post.



Nota - riguardo alla procedura:
● non toccare assolutamente il mouse e la tastiera durante la scansione: potrebbe interrompersi
N.B :
● se viene visualizzato l'errore: Operazione non valida tentata su una chiave di registro che è stato contrassegnato per l'eliminazione, dovrai semplicemente riavviare il sistema e ripetere lo Script

[delia12]

Ciao,
ho eseguito lo script personalizzato di combofix e, poi, ho fatto di nuovo l'analisi con il mio antivirus che rileva ancora il virus sempre negli stessi files.
Incollo il log di combofix:

ComboFix 12-08-25.04 - user 25/08/2012 14:45:05.3.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.39.1040.18.3294.2291 [GMT 2:00]
Eseguito da: c:\users\user\Desktop\ComboFix.exe
Opzioni usate :: c:\users\user\Desktop\CFScript.txt
AV: Panda Antivirus Pro 2012 *Disabled/Updated* {86971480-9989-6750-B122-681A86518D59}
SP: Panda Antivirus Pro 2012 *Disabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\installer\51045.msp"
.
.
((((((((((((((((((((((((( Files Creati Da 2012-07-25 al 2012-08-25 )))))))))))))))))))))))))))))))))))
.
.
2012-08-25 12:52 . 2012-08-25 12:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-24 16:32 . 2012-08-01 22:51 7023536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A4F46980-C3D0-4E41-927C-0CF688C75AF9}\mpengine.dll
2012-08-19 18:36 . 2012-06-29 00:00 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-19 18:36 . 2012-06-29 01:00 140920 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2012-08-19 18:36 . 2012-06-29 00:06 194560 ----a-w- c:\program files\Internet Explorer\ieproxy.dll
2012-08-19 18:36 . 2012-06-29 00:06 194048 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2012-08-19 18:36 . 2012-06-29 00:04 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-19 18:35 . 2012-06-29 00:16 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-19 18:35 . 2012-06-29 00:09 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-08-19 18:35 . 2012-06-29 01:00 748664 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2012-08-19 18:35 . 2012-06-29 00:10 387584 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll
2012-08-19 18:35 . 2012-06-29 00:10 678912 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2012-08-19 18:35 . 2012-06-29 00:08 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-19 16:35 . 2012-08-19 16:35 -------- d-----w- c:\programdata\Malwarebytes
2012-08-19 15:48 . 2012-05-05 07:46 400896 ----a-w- c:\windows\system32\srcore.dll
2012-08-19 15:48 . 2012-07-18 17:47 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-08-19 15:47 . 2012-02-11 05:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-08-19 15:47 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-19 15:47 . 2012-07-04 21:14 41984 ----a-w- c:\windows\system32\browcli.dll
2012-08-19 15:47 . 2012-07-04 21:14 102912 ----a-w- c:\windows\system32\browser.dll
2012-08-19 15:47 . 2012-05-14 04:33 769024 ----a-w- c:\windows\system32\localspl.dll
2012-08-14 19:07 . 2012-08-14 19:07 -------- d-----w- c:\programdata\Panda Software
2012-08-14 13:57 . 2012-08-14 13:57 -------- d-----w- c:\programdata\Norton
2012-08-02 14:25 . 2012-08-02 14:25 1826624 ----a-w- c:\windows\system32\auto_reactivate.exe
2012-08-02 14:25 . 2012-08-02 14:25 -------- d-----r- C:\bootwiz
2012-08-02 12:44 . 2012-08-02 12:44 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-08-01 17:52 . 2008-03-17 09:57 103680 ----a-w- c:\windows\system32\drivers\ewusbfake.sys
2012-08-01 17:52 . 2008-03-17 09:05 101632 ----a-r- c:\windows\system32\drivers\ewusbmdm.sys
2012-08-01 17:52 . 2008-03-16 12:47 872192 ----a-w- c:\windows\system32\drivers\mod7700.sys
2012-08-01 17:52 . 2008-01-22 13:10 100864 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2012-08-01 17:52 . 2007-08-09 02:06 23424 ----a-r- c:\windows\system32\drivers\ewdcsc.sys
2012-08-01 17:52 . 2012-08-01 17:53 -------- d-----w- c:\program files\MD-@ HSUPA
2012-08-01 17:47 . 2012-08-01 17:47 -------- d-----w- c:\programdata\eMule
2012-07-31 17:06 . 2012-07-31 17:06 -------- d-----w- c:\program files\MSXML 4.0
2012-07-31 16:52 . 2012-07-31 16:52 159168 ----a-w- c:\windows\system32\drivers\afcdp.sys
2012-07-31 16:52 . 2012-07-31 16:52 911552 ----a-w- c:\windows\system32\drivers\tdrpm255.sys
2012-07-31 16:52 . 2012-07-31 16:52 570016 ----a-w- c:\windows\system32\drivers\timntr.sys
2012-07-31 16:52 . 2012-07-31 16:52 157248 ----a-w- c:\windows\system32\drivers\snapman.sys
2012-07-31 16:52 . 2012-07-31 16:52 -------- d-----w- c:\program files\Common Files\Acronis
2012-07-31 16:52 . 2012-07-31 16:52 -------- d-----w- c:\program files\Acronis
2012-07-31 16:43 . 2012-07-31 16:43 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2012-07-31 16:43 . 2012-07-31 16:44 -------- d-----w- c:\program files\DivX
2012-07-31 16:43 . 2012-07-31 16:43 -------- d-----w- c:\windows\tessdata
2012-07-31 16:43 . 2012-07-31 16:43 -------- d-----w- c:\program files\Softi Software
2012-07-31 16:41 . 2012-07-31 16:41 -------- d-----w- c:\program files\VideoLAN
2012-07-31 16:20 . 2012-07-31 16:20 -------- d-----w- C:\MiCla
2012-07-31 10:37 . 2012-07-31 10:37 -------- d-----w- c:\program files\Nuvoton Technology Corporation
2012-07-31 10:26 . 2012-07-31 10:31 -------- d-----w- c:\windows\Driver Cache
2012-07-31 10:26 . 2012-07-31 10:26 -------- d-----w- c:\program files\AVerMedia
2012-07-31 10:25 . 2009-06-09 11:28 64000 ------w- c:\windows\system32\agrsmdel.exe
2012-07-31 10:25 . 2012-07-31 10:25 -------- d-----w- c:\program files\LSI SoftModem
2012-07-31 10:24 . 2012-07-31 10:24 -------- d-----w- c:\windows\Options
2012-07-31 10:17 . 2012-07-31 10:17 -------- d-----w- c:\programdata\ATI
2012-07-31 10:15 . 2012-07-31 10:15 -------- d-----w- c:\program files\DIFX
2012-07-31 10:15 . 2012-07-31 10:15 -------- dc----w- c:\windows\system32\DRVSTORE
2012-07-31 10:15 . 2009-06-05 01:53 27320 ----a-w- c:\windows\system32\drivers\usbfilter.sys
2012-07-31 10:15 . 2012-07-31 10:15 -------- d-----w- c:\program files\AMD
2012-07-31 10:10 . 2012-07-31 10:13 -------- d-----w- c:\program files\ATI Technologies
2012-07-31 10:10 . 2012-07-31 10:10 -------- d-----w- c:\program files\ATI
2012-07-31 10:03 . 2012-07-31 10:03 -------- d-----w- c:\windows\system32\sda
2012-07-31 10:00 . 2009-08-10 09:06 171520 ----a-w- c:\windows\system32\drivers\RtsUStor.sys
2012-07-31 10:00 . 2009-06-22 09:51 270336 ----a-w- c:\windows\system32\RtsUStor.dll
2012-07-31 10:00 . 2009-02-02 16:27 7360512 ----a-w- c:\windows\system32\RTSUSTORicon.dll
2012-07-31 09:57 . 2009-07-24 16:08 1658880 ----a-w- c:\windows\Acer Crystal Eye webcam.EXE
2012-07-31 09:57 . 2009-07-24 13:44 8362 ----a-w- c:\windows\Suyin.reg
2012-07-31 09:57 . 2008-12-30 11:42 626688 ----a-w- c:\windows\Image.dll
2012-07-31 09:57 . 2008-07-29 17:29 200704 ----a-w- c:\windows\PLFSetI.exe
2012-07-31 09:57 . 2008-06-25 12:22 20480 ----a-w- c:\windows\USB_VIDEO_REG.exe
2012-07-31 09:47 . 2012-07-31 09:49 -------- d--h--w- c:\program files\Temp
2012-07-31 09:47 . 2009-06-24 08:43 831488 ----a-w- c:\windows\RtlExUpd.dll
2012-07-31 09:30 . 2012-07-31 09:30 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-07-31 09:29 . 2012-07-31 09:29 -------- d-----w- c:\windows\PCHEALTH
2012-07-31 09:29 . 2012-07-31 09:29 -------- d-----w- c:\program files\Microsoft Sync Framework
2012-07-31 09:29 . 2012-07-31 09:29 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-07-31 09:27 . 2012-07-31 09:27 -------- d-----w- C:\IDE
2012-07-31 09:27 . 2012-07-31 09:27 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2012-07-31 09:26 . 2012-07-31 09:26 -------- d-----w- c:\program files\Microsoft Analysis Services
2012-07-31 09:25 . 2012-08-19 18:39 -------- d-----w- c:\programdata\Microsoft Help
2012-07-31 09:25 . 2012-07-31 09:25 -------- d-----r- C:\MSOCache
2012-07-31 09:24 . 2012-07-31 09:41 -------- d-----w- c:\programdata\CyberLink
2012-07-31 09:20 . 2012-07-31 09:21 -------- d-----w- c:\program files\CyberLink
2012-07-31 07:45 . 2012-07-31 07:51 -------- d-----w- c:\programdata\Nero
2012-07-31 07:44 . 2012-07-31 07:45 -------- d-----w- c:\program files\Common Files\Nero
2012-07-31 07:44 . 2012-07-31 07:51 -------- d-----w- c:\program files\Nero
2012-07-31 07:36 . 2012-07-31 09:12 -------- d-----w- c:\program files\Microsoft.NET
2012-07-31 07:35 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2012-07-31 07:34 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2012-07-31 07:33 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2012-07-31 07:33 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2012-07-31 07:32 . 2007-05-16 14:45 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2012-07-31 07:12 . 2012-07-31 07:12 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin7.dll
2012-07-31 07:12 . 2012-07-31 07:12 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin6.dll
2012-07-31 07:12 . 2012-07-31 07:12 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin5.dll
2012-07-31 07:12 . 2012-07-31 07:12 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin4.dll
2012-07-31 07:12 . 2012-07-31 07:12 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin3.dll
2012-07-31 07:12 . 2012-07-31 07:12 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin2.dll
2012-07-31 07:12 . 2012-07-31 07:12 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin.dll
2012-07-31 07:12 . 2012-07-31 07:12 -------- d-----w- c:\program files\QuickTime
2012-07-31 07:12 . 2012-07-31 07:12 -------- d-----w- c:\programdata\Apple Computer
2012-07-31 07:11 . 2012-07-31 07:11 -------- d-----w- c:\program files\Protector Suite
2012-07-31 07:11 . 2012-07-31 07:11 -------- d-----w- c:\program files\Common Files\Apple
2012-07-31 07:11 . 2012-07-31 07:11 -------- d-----w- c:\program files\Apple Software Update
2012-07-31 07:11 . 2012-07-31 07:11 -------- d-----w- c:\programdata\Apple
2012-07-31 07:10 . 2012-05-04 09:59 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-07-31 07:09 . 2012-07-31 07:10 -------- d-----w- c:\program files\Common Files\Adobe
2012-07-31 07:09 . 2009-07-21 12:18 1161760 ----a-w- c:\windows\system32\drivers\AGRSM.sys
2012-07-31 07:09 . 2009-06-09 11:28 64000 ----a-w- c:\windows\agrsmdel.exe
2012-07-31 07:09 . 2009-03-27 16:12 13824 ------w- c:\windows\system32\agrscoin.dll
2012-07-31 07:09 . 2009-08-23 05:01 103952 ----a-w- c:\windows\system32\drivers\AtiHdmi.sys
2012-07-31 07:09 . 2011-02-19 06:30 805376 ----a-w- c:\windows\system32\FntCache.dll
2012-07-31 07:09 . 2011-02-19 06:30 739840 ----a-w- c:\windows\system32\d2d1.dll
2012-07-31 07:08 . 2012-08-23 12:40 -------- d-sh--w- c:\windows\Installer
2012-07-31 01:30 . 2012-07-31 01:30 -------- d-----w- c:\windows\system32\Wat
2012-07-31 01:03 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-07-31 01:03 . 2012-03-01 05:37 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-07-31 01:03 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll
2012-07-31 01:03 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll
2012-07-31 01:03 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2012-07-30 18:16 . 2012-01-04 08:58 442880 ----a-w- c:\windows\system32\ntshrui.dll
2012-07-30 18:14 . 2011-10-15 05:38 534528 ----a-w- c:\windows\system32\EncDec.dll
2012-07-30 18:13 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe
2012-07-30 18:05 . 2012-07-30 17:13 -------- d-----w- c:\windows\Panther
2012-07-30 18:01 . 2011-02-03 05:54 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2012-07-30 17:51 . 2012-05-31 10:25 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-07-30 17:51 . 2012-07-30 17:51 -------- d-----w- c:\windows\system32\SPReview
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-30 17:46 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-06-06 06:49 . 2012-06-06 06:49 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mobile Partner"="c:\program files\MD-@ HSUPA\MD-@ HSUPA.exe" [2012-08-01 110592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"APVXDWIN"="c:\program files\Panda Security\Panda Antivirus Pro 2012\APVXDWIN.EXE" [2011-04-13 1000768]
"SCANINICIO"="c:\program files\Panda Security\Panda Antivirus Pro 2012\Inicio.exe" [2011-02-02 70464]
"NBAgent"="c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]
"RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe" [2008-02-18 77824]
"PDVD8LanguageShortcut"="c:\program files\CyberLink\PowerDVD8\Language\Language.exe" [2007-12-14 50472]
"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2007-11-14 91432]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-23 7625248]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-13 98304]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2009-10-06 5076088]
"Servizio Acronis Scheduler2"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2009-10-06 357688]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
2010-03-24 10:55 55552 ----a-w- c:\windows\System32\avldr.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0auto_reactivate \\?\Volume{d81323cc-da68-11e1-84fb-806e6f6e6963}\bootwiz\asrm.bin
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]
@="Service"
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 PavSRK.sys;PavSRK.sys;c:\windows\system32\PavSRK.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 winbondcir;Winbond IR Transceiver;c:\windows\system32\DRIVERS\winbondcir.sys [x]
S0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [x]
S0 tdrpman255;Acronis Try&Decide and Restore Points filter (build 255);c:\windows\system32\DRIVERS\tdrpm255.sys [x]
S1 ShldDrv;Panda File Shield Driver;c:\windows\system32\DRIVERS\ShlDrv51.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files\CyberLink\PowerDVD8\000.fcl [x]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AmFSM;AmFSM;c:\windows\system32\DRIVERS\amm8660.sys [x]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x]
S2 PavProc;Panda Process Protection Driver;c:\windows\system32\DRIVERS\PavProc.sys [x]
S2 PskSvcRetail;Panda PSK service;c:\program files\Panda Security\Panda Antivirus Pro 2012\PskSvc.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [x]
S3 nuvotoncir;Nuvoton IR Transceiver;c:\windows\system32\DRIVERS\nuvotoncir.sys [x]
S3 PavTPK.sys;PavTPK.sys;c:\windows\system32\PavTPK.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-08-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-30 16:06]
.
2012-08-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1272699340-3794242445-4243704677-1000Core.job
- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-30 17:29]
.
2012-08-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1272699340-3794242445-4243704677-1000UA.job
- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-30 17:29]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.facebook.com/
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: I&nvia a OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2012-08-25 14:55:45
ComboFix-quarantined-files.txt 2012-08-25 12:55
ComboFix2.txt 2012-08-14 16:34
.
Pre-Run: 109.070.581.760 byte disponibili
Post-Run: 109.051.043.840 byte disponibili
.
- - End Of File - - 545DA4918C2ADA43784C50CAEAF149BC

[FrancescoFDAC]

Scarica Everything Search Engine: http://www.voidtools.com
● in fase di installazione togli la spunta a Run at startup, nel tab Select components to install
● il programma si avvierà automaticamente, una volta finita l'installazione

A questo punto digita [b]51045.msp/b] e posta qui cosa trova.

[delia12]

Trova solo un 51045.msp nel percorso C:\Windows\Installer.

[FrancescoFDAC]

Scarica Kaspersky TDSS Killer: http://support.kaspersky.com/downloads/ ... killer.exe
● posiziona il file scaricato sul Desktop
● clicca due volte sul file TDSSKiller.exe per avviare l'applicazione
● successivamente premi il pulsante Start scan

Nota - riguardo al programma:
● non cliccare sul pulsante Stop scan per nessun motivo, la scansione si interromperebbe

Giunti a questo punto, inizia la scansione del sistema alla ricerca di software malevolo:
● se viene trovato un file infetto, l'azione di default sarà Cure: clicca quindi su Continua
● se viene trovato un file sospetto, l'azione di default sarà Skip: clicca quindi su Continua
● se non viene rilevato nulla, chiudi semplicemente il programma al termine della scansione

Una volta terminata la scansione, si presenterà una di queste due opzioni:
● non è necessario il riavvio del sistema: allega il Report situato nel Disco Locale C:\, di nome TDSSKiller.[Version]_[Date]_[Time]_log.txt
● è necessario riavviare il sistema: clicca su Riavvia ora, infine allega il risultato della scansione (si trova nello stesso percorso menzionato poco fa')

[delia12]

Devo dividere il report in diversi post, se c'è un modo per allegare spiegamelo, perchè io non vedo nessun pulsante per inserire allegati. Grazie. Eccolo:

19:02:24.0854 5472 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
19:02:25.0274 5472 ============================================================
19:02:25.0275 5472 Current date / time: 2012/08/25 19:02:25.0274
19:02:25.0275 5472 SystemInfo:
19:02:25.0275 5472
19:02:25.0275 5472 OS Version: 6.1.7601 ServicePack: 1.0
19:02:25.0275 5472 Product type: Workstation
19:02:25.0276 5472 ComputerName: USER-PC
19:02:25.0288 5472 UserName: user
19:02:25.0288 5472 Windows directory: C:\Windows
19:02:25.0288 5472 System windows directory: C:\Windows
19:02:25.0292 5472 Processor architecture: Intel x86
19:02:25.0292 5472 Number of processors: 2
19:02:25.0292 5472 Page size: 0x1000
19:02:25.0292 5472 Boot type: Normal boot
19:02:25.0292 5472 ============================================================
19:02:27.0040 5472 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:02:27.0044 5472 Drive \Device\Harddisk1\DR1 - Size: 0x787FFE00 (1.88 Gb), SectorSize: 0x200, Cylinders: 0xF5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:02:27.0056 5472 ============================================================
19:02:27.0057 5472 \Device\Harddisk0\DR0:
19:02:27.0062 5472 MBR partitions:
19:02:27.0062 5472 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:02:27.0062 5472 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x10E43000
19:02:27.0062 5472 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x10E75800, BlocksNum 0xC34F140
19:02:27.0062 5472 \Device\Harddisk1\DR1:
19:02:27.0063 5472 MBR partitions:
19:02:27.0063 5472 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x3F, BlocksNum 0x3C3FC0
19:02:27.0063 5472 ============================================================
19:02:27.0102 5472 C: <-> \Device\Harddisk0\DR0\Partition2
19:02:27.0139 5472 E: <-> \Device\Harddisk0\DR0\Partition3
19:02:27.0140 5472 ============================================================
19:02:27.0140 5472 Initialize success
19:02:27.0140 5472 ============================================================
19:03:07.0165 4556 ============================================================
19:03:07.0165 4556 Scan started
19:03:07.0165 4556 Mode: Manual;
19:03:07.0165 4556 ============================================================
19:03:07.0899 4556 ================ Scan system memory ========================
19:03:07.0899 4556 System memory - ok
19:03:07.0899 4556 ================ Scan services =============================
19:03:08.0101 4556 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:03:08.0101 4556 1394ohci - ok
19:03:08.0164 4556 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:03:08.0195 4556 ACPI - ok
19:03:08.0226 4556 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:03:08.0226 4556 AcpiPmi - ok
19:03:08.0351 4556 [ 2D01228703A7BB1EDBC965818AB32B76 ] AcrSch2Svc C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
19:03:08.0382 4556 AcrSch2Svc - ok
19:03:08.0429 4556 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:03:08.0445 4556 AdobeFlashPlayerUpdateSvc - ok
19:03:08.0507 4556 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:03:08.0538 4556 adp94xx - ok
19:03:08.0569 4556 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:03:08.0585 4556 adpahci - ok
19:03:08.0601 4556 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:03:08.0601 4556 adpu320 - ok
19:03:08.0647 4556 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:03:08.0647 4556 AeLookupSvc - ok
19:03:08.0663 4556 [ F1A693939BB6CD0067C318461FF252B5 ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys
19:03:08.0679 4556 afcdp - ok
19:03:08.0788 4556 [ 1D139AD435CE21F252DF0688C9FC8C3C ] afcdpsrv C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
19:03:08.0835 4556 afcdpsrv - ok
19:03:08.0881 4556 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
19:03:08.0881 4556 AFD - ok
19:03:08.0928 4556 [ 6416F9B6B220F0A890525C38235AFAD7 ] AgereModemAudio C:\Program Files\LSI SoftModem\agrsmsvc.exe
19:03:08.0944 4556 AgereModemAudio - ok
19:03:08.0991 4556 [ 07758C2196A62F207F77556311E7459A ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
19:03:09.0022 4556 AgereSoftModem - ok
19:03:09.0053 4556 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
19:03:09.0053 4556 agp440 - ok
19:03:09.0084 4556 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
19:03:09.0084 4556 aic78xx - ok
19:03:09.0131 4556 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
19:03:09.0147 4556 ALG - ok
19:03:09.0162 4556 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
19:03:09.0178 4556 aliide - ok
19:03:09.0225 4556 [ 09EDD12A8768304C0B797862A218114D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:03:09.0225 4556 AMD External Events Utility - ok
19:03:09.0256 4556 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
19:03:09.0256 4556 amdagp - ok
19:03:09.0287 4556 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
19:03:09.0287 4556 amdide - ok
19:03:09.0318 4556 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:03:09.0318 4556 AmdK8 - ok
19:03:09.0334 4556 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:03:09.0349 4556 AmdPPM - ok
19:03:09.0365 4556 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:03:09.0365 4556 amdsata - ok
19:03:09.0381 4556 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:03:09.0396 4556 amdsbs - ok
19:03:09.0396 4556 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:03:09.0396 4556 amdxata - ok
19:03:09.0443 4556 [ 36B58A8BAFE100DE90C87A3C0E56A3F2 ] AmFSM C:\Windows\system32\DRIVERS\amm8660.sys
19:03:09.0474 4556 AmFSM - ok
19:03:09.0521 4556 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
19:03:09.0521 4556 AppID - ok
19:03:09.0568 4556 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:03:09.0646 4556 AppIDSvc - ok
19:03:09.0677 4556 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
19:03:09.0693 4556 Appinfo - ok
19:03:09.0724 4556 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
19:03:09.0802 4556 AppMgmt - ok
19:03:09.0849 4556 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
19:03:09.0864 4556 arc - ok
19:03:09.0880 4556 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:03:09.0880 4556 arcsas - ok
19:03:09.0911 4556 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:03:09.0927 4556 AsyncMac - ok
19:03:09.0958 4556 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
19:03:09.0973 4556 atapi - ok
19:03:10.0083 4556 [ B01751CC563AECAC09BBE36AAA21FBEF ] athr C:\Windows\system32\DRIVERS\athr.sys
19:03:10.0114 4556 athr - ok
19:03:10.0192 4556 [ BF10613B3E16C1B4D7DE59DB564314CD ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
19:03:10.0207 4556 AtiHdmiService - ok
19:03:10.0441 4556 [ 65E22AA757601FB497EF495B202FB1A9 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:03:10.0613 4556 atikmdag - ok
19:03:10.0644 4556 [ B73C832088DD54B55E04FF6F9646AD8C ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
19:03:10.0660 4556 AtiPcie - ok
19:03:10.0722 4556 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:03:10.0738 4556 AudioEndpointBuilder - ok
19:03:10.0769 4556 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
19:03:10.0769 4556 Audiosrv - ok
19:03:10.0816 4556 AvFlt - ok
19:03:10.0878 4556 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:03:10.0878 4556 AxInstSV - ok
19:03:10.0925 4556 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
19:03:10.0941 4556 b06bdrv - ok
19:03:10.0987 4556 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
19:03:10.0987 4556 b57nd60x - ok
19:03:11.0034 4556 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
19:03:11.0065 4556 BDESVC - ok
19:03:11.0097 4556 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
19:03:11.0097 4556 Beep - ok
19:03:11.0143 4556 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
19:03:11.0143 4556 BFE - ok
19:03:11.0206 4556 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\system32\qmgr.dll
19:03:11.0237 4556 BITS - ok
19:03:11.0268 4556 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:03:11.0268 4556 blbdrive - ok
19:03:11.0299 4556 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:03:11.0299 4556 bowser - ok
19:03:11.0331 4556 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:03:11.0331 4556 BrFiltLo - ok
19:03:11.0346 4556 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:03:11.0346 4556 BrFiltUp - ok
19:03:11.0362 4556 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
19:03:11.0362 4556 BridgeMP - ok
19:03:11.0393 4556 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
19:03:11.0393 4556 Browser - ok
19:03:11.0409 4556 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:03:11.0424 4556 Brserid - ok
19:03:11.0424 4556 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:03:11.0424 4556 BrSerWdm - ok
19:03:11.0440 4556 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:03:11.0440 4556 BrUsbMdm - ok
19:03:11.0455 4556 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:03:11.0455 4556 BrUsbSer - ok
19:03:11.0471 4556 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:03:11.0471 4556 BTHMODEM - ok
19:03:11.0502 4556 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
19:03:11.0518 4556 bthserv - ok
19:03:11.0627 4556 catchme - ok
19:03:11.0674 4556 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:03:11.0674 4556 cdfs - ok
19:03:11.0736 4556 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:03:11.0736 4556 cdrom - ok
19:03:11.0783 4556 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
19:03:11.0783 4556 CertPropSvc - ok
19:03:11.0830 4556 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:03:11.0830 4556 circlass - ok
19:03:11.0877 4556 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
19:03:11.0892 4556 CLFS - ok
19:03:11.0970 4556 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:03:11.0970 4556 clr_optimization_v2.0.50727_32 - ok
19:03:12.0064 4556 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:03:13.0203 4556 clr_optimization_v4.0.30319_32 - ok
19:03:13.0265 4556 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:03:13.0265 4556 CmBatt - ok
19:03:13.0296 4556 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:03:13.0296 4556 cmdide - ok
19:03:13.0343 4556 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
19:03:13.0343 4556 CNG - ok
19:03:13.0374 4556 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:03:13.0374 4556 Compbatt - ok
19:03:13.0405 4556 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:03:13.0405 4556 CompositeBus - ok
19:03:13.0421 4556 COMSysApp - ok
19:03:13.0437 4556 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:03:13.0437 4556 crcdisk - ok
19:03:13.0483 4556 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:03:13.0483 4556 CryptSvc - ok
19:03:13.0515 4556 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
19:03:13.0530 4556 CSC - ok
19:03:13.0561 4556 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
19:03:13.0561 4556 CscService - ok
19:03:13.0593 4556 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
19:03:13.0608 4556 DcomLaunch - ok
19:03:13.0655 4556 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
19:03:13.0686 4556 defragsvc - ok
19:03:13.0733 4556 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:03:13.0733 4556 DfsC - ok
19:03:13.0764 4556 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
19:03:13.0780 4556 Dhcp - ok
19:03:13.0827 4556 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
19:03:13.0827 4556 discache - ok
19:03:13.0842 4556 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:03:13.0858 4556 Disk - ok
19:03:13.0905 4556 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:03:13.0920 4556 Dnscache - ok
19:03:13.0936 4556 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
19:03:13.0967 4556 dot3svc - ok
19:03:14.0014 4556 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
19:03:14.0014 4556 DPS - ok
19:03:14.0045 4556 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:03:14.0045 4556 drmkaud - ok
19:03:14.0107 4556 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:03:14.0217 4556 DXGKrnl - ok
19:03:14.0263 4556 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
19:03:14.0263 4556 EapHost - ok
19:03:14.0404 4556 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
19:03:14.0529 4556 ebdrv - ok
19:03:14.0560 4556 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
19:03:14.0575 4556 EFS - ok
19:03:14.0638 4556 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:03:14.0653 4556 ehRecvr - ok
19:03:14.0685 4556 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
19:03:14.0685 4556 ehSched - ok
19:03:14.0747 4556 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:03:14.0778 4556 elxstor - ok
19:03:14.0809 4556 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:03:14.0809 4556 ErrDev - ok
19:03:14.0872 4556 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
19:03:14.0872 4556 EventSystem - ok
19:03:14.0887 4556 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
19:03:14.0887 4556 exfat - ok
19:03:14.0919 4556 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:03:14.0919 4556 fastfat - ok
19:03:14.0950 4556 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
19:03:14.0965 4556 Fax - ok
19:03:14.0981 4556 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:03:14.0981 4556 fdc - ok
19:03:14.0997 4556 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
19:03:15.0012 4556 fdPHost - ok
19:03:15.0043 4556 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
19:03:15.0059 4556 FDResPub - ok
19:03:15.0090 4556 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:03:15.0106 4556 FileInfo - ok
19:03:15.0121 4556 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:03:15.0121 4556 Filetrace - ok
19:03:15.0137 4556 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:03:15.0153 4556 flpydisk - ok
19:03:15.0168 4556 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:03:15.0168 4556 FltMgr - ok
19:03:15.0215 4556 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
19:03:15.0231 4556 FontCache - ok
19:03:15.0309 4556 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:03:15.0309 4556 FontCache3.0.0.0 - ok
19:03:15.0340 4556 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:03:15.0355 4556 FsDepends - ok
19:03:15.0387 4556 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:03:15.0387 4556 Fs_Rec - ok
19:03:15.0465 4556 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:03:15.0465 4556 fvevol - ok
19:03:15.0511 4556 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:03:15.0527 4556 gagp30kx - ok
19:03:15.0574 4556 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
19:03:15.0574 4556 gpsvc - ok
19:03:15.0605 4556 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:03:15.0605 4556 hcw85cir - ok
19:03:15.0652 4556 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:03:15.0667 4556 HdAudAddService - ok
19:03:15.0699 4556 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:03:15.0699 4556 HDAudBus - ok
19:03:15.0714 4556 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:03:15.0714 4556 HidBatt - ok
19:03:15.0730 4556 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:03:15.0730 4556 HidBth - ok
19:03:15.0761 4556 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:03:15.0761 4556 HidIr - ok
19:03:15.0792 4556 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
19:03:15.0808 4556 hidserv - ok
19:03:15.0855 4556 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys
19:03:15.0855 4556 HidUsb - ok
19:03:15.0901 4556 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:03:15.0901 4556 hkmsvc - ok
19:03:15.0964 4556 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:03:15.0979 4556 HomeGroupListener - ok
19:03:16.0026 4556 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:03:16.0026 4556 HomeGroupProvider - ok
19:03:16.0073 4556 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:03:16.0089 4556 HpSAMD - ok
19:03:16.0151 4556 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:03:16.0182 4556 HTTP - ok
19:03:16.0229 4556 [ 19E6885A061011D8DABE8F64498423FA ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
19:03:16.0245 4556 hwdatacard - ok
19:03:16.0276 4556 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:03:16.0276 4556 hwpolicy - ok
19:03:16.0338 4556 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:03:16.0338 4556 i8042prt - ok
19:03:16.0385 4556 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:03:16.0385 4556 iaStorV - ok
19:03:16.0479 4556 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:03:16.0479 4556 idsvc - ok
19:03:16.0525 4556 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:03:16.0525 4556 iirsp - ok
19:03:16.0572 4556 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
19:03:16.0588 4556 IKEEXT - ok
19:03:16.0744 4556 [ DA7DCB6565E68E3F95F043C4B01B8960 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
19:03:16.0947 4556 IntcAzAudAddService - ok
19:03:16.0993 4556 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
19:03:16.0993 4556 intelide - ok
19:03:17.0025 4556 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:03:17.0040 4556 intelppm - ok
19:03:17.0071 4556 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:03:17.0087 4556 IPBusEnum - ok
19:03:17.0118 4556 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:03:17.0118 4556 IpFilterDriver - ok
19:03:17.0165 4556 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:03:17.0165 4556 iphlpsvc - ok
19:03:17.0196 4556 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:03:17.0196 4556 IPMIDRV - ok
19:03:17.0227 4556 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:03:17.0227 4556 IPNAT - ok
19:03:17.0259 4556 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:03:17.0259 4556 IRENUM - ok
19:03:17.0274 4556 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:03:17.0274 4556 isapnp - ok
19:03:17.0290 4556 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:03:17.0305 4556 iScsiPrt - ok
19:03:17.0337 4556 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
19:03:17.0337 4556 kbdclass - ok
19:03:17.0383 4556 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:03:17.0383 4556 kbdhid - ok
19:03:17.0399 4556 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
19:03:17.0399 4556 KeyIso - ok
19:03:17.0430 4556 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:03:17.0430 4556 KSecDD - ok
19:03:17.0446 4556 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:03:17.0446 4556 KSecPkg - ok
19:03:17.0493 4556 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
19:03:17.0539 4556 KtmRm - ok
19:03:17.0586 4556 [ F7CDABA15C7E853F0A11AF6D77FCA990 ] L1E C:\Windows\system32\DRIVERS\L1E62x86.sys
19:03:17.0586 4556 L1E - ok
19:03:17.0633 4556 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
19:03:17.0649 4556 LanmanServer - ok
19:03:17.0680 4556 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:03:17.0695 4556 LanmanWorkstation - ok
19:03:17.0758 4556 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:03:17.0758 4556 lltdio - ok
19:03:17.0789 4556 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:03:17.0851 4556 lltdsvc - ok
19:03:17.0883 4556 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
19:03:17.0883 4556 lmhosts - ok
19:03:17.0929 4556 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:03:17.0929 4556 LSI_FC - ok
19:03:17.0961 4556 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:03:17.0961 4556 LSI_SAS - ok
19:03:17.0961 4556 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:03:17.0976 4556 LSI_SAS2 - ok
19:03:17.0976 4556 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:03:17.0976 4556 LSI_SCSI - ok
19:03:18.0007 4556 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
19:03:18.0007 4556 luafv - ok
19:03:18.0023 4556 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:03:18.0054 4556 Mcx2Svc - ok
19:03:18.0070 4556 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:03:18.0070 4556 megasas - ok
19:03:18.0085 4556 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:03:18.0101 4556 MegaSR - ok
19:03:18.0179 4556 Microsoft SharePoint Workspace Audit Service - ok
19:03:18.0226 4556 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
19:03:18.0241 4556 MMCSS - ok
19:03:18.0273 4556 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
19:03:18.0273 4556 Modem - ok
19:03:18.0304 4556 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:03:18.0304 4556 monitor - ok
19:03:18.0335 4556 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
19:03:18.0351 4556 mouclass - ok
19:03:18.0382 4556 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:03:18.0382 4556 mouhid - ok
19:03:18.0413 4556 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:03:18.0413 4556 mountmgr - ok
19:03:18.0444 4556 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
19:03:18.0444 4556 mpio - ok
19:03:18.0460 4556 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:03:18.0460 4556 mpsdrv - ok
19:03:18.0522 4556 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:03:18.0538 4556 MpsSvc - ok
19:03:18.0569 4556 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:03:18.0569 4556 MRxDAV - ok
19:03:18.0616 4556 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:03:18.0616 4556 mrxsmb - ok
19:03:18.0647 4556 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:03:18.0647 4556 mrxsmb10 - ok
19:03:18.0663 4556 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:03:18.0663 4556 mrxsmb20 - ok
19:03:18.0694 4556 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
19:03:18.0709 4556 msahci - ok
19:03:18.0741 4556 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:03:18.0741 4556 msdsm - ok
19:03:18.0756 4556 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
19:03:18.0772 4556 MSDTC - ok
19:03:18.0819 4556 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:03:18.0819 4556 Msfs - ok
19:03:18.0850 4556 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:03:18.0850 4556 mshidkmdf - ok
19:03:18.0897 4556 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:03:18.0897 4556 msisadrv - ok
19:03:18.0943 4556 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:03:18.0975 4556 MSiSCSI - ok
19:03:18.0990 4556 msiserver - ok
19:03:19.0037 4556 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:03:19.0053 4556 MSKSSRV - ok
19:03:19.0068 4556 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:03:19.0068 4556 MSPCLOCK - ok
19:03:19.0084 4556 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:03:19.0084 4556 MSPQM - ok
19:03:19.0099 4556 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:03:19.0099 4556 MsRPC - ok
19:03:19.0131 4556 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:03:19.0131 4556 mssmbios - ok
19:03:19.0146 4556 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:03:19.0146 4556 MSTEE - ok
19:03:19.0162 4556 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:03:19.0177 4556 MTConfig - ok
19:03:19.0177 4556 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
19:03:19.0177 4556 Mup - ok
19:03:19.0224 4556 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
19:03:19.0255 4556 napagent - ok
19:03:19.0302 4556 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:03:19.0318 4556 NativeWifiP - ok
19:03:19.0380 4556 [ E4534BCCDD1EA7A7A256BB9D6688A5FC ] NAUpdate C:\Program Files\Nero\Update\NASvc.exe
19:03:19.0380 4556 NAUpdate - ok
19:03:19.0443 4556 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:03:19.0458 4556 NDIS - ok
19:03:19.0489 4556 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:03:19.0489 4556 NdisCap - ok
19:03:19.0521 4556 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:03:19.0521 4556 NdisTapi - ok
19:03:19.0567 4556 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:03:19.0567 4556 Ndisuio - ok
19:03:19.0599 4556 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:03:19.0614 4556 NdisWan - ok
19:03:19.0645 4556 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:03:19.0645 4556 NDProxy - ok
19:03:19.0692 4556 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:03:19.0692 4556 NetBIOS - ok
19:03:19.0723 4556 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:03:19.0739 4556 NetBT - ok
19:03:19.0755 4556 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
19:03:19.0755 4556 Netlogon - ok
19:03:19.0801 4556 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
19:03:19.0801 4556 Netman - ok
19:03:19.0817 4556 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
19:03:19.0833 4556 netprofm - ok
19:03:19.0864 4556 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:03:19.0864 4556 NetTcpPortSharing - ok
19:03:19.0895 4556 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:03:19.0895 4556 nfrd960 - ok
19:03:19.0926 4556 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:03:19.0957 4556 NlaSvc - ok
19:03:19.0973 4556 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:03:19.0973 4556 Npfs - ok
19:03:20.0035 4556 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
19:03:20.0035 4556 nsi - ok
19:03:20.0067 4556 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:03:20.0067 4556 nsiproxy - ok
19:03:20.0129 4556 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:03:20.0145 4556 Ntfs - ok
19:03:20.0191 4556 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
19:03:20.0191 4556 Null - ok
19:03:20.0238 4556 [ 7F5D69A031BE0E7BDFB8126E1A212417 ] nuvotoncir C:\Windows\system32\DRIVERS\nuvotoncir.sys
19:03:20.0269 4556 nuvotoncir - ok
19:03:20.0301 4556 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:03:20.0316 4556 nvraid - ok
19:03:20.0347 4556 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:03:20.0347 4556 nvstor - ok
19:03:20.0379 4556 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:03:20.0379 4556 nv_agp - ok
19:03:20.0425 4556 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:03:20.0425 4556 ohci1394 - ok
19:03:20.0472 4556 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:03:20.0488 4556 ose - ok
19:03:20.0722 4556 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:03:20.0753 4556 osppsvc - ok
19:03:20.0800 4556 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:03:20.0815 4556 p2pimsvc - ok
19:03:20.0831 4556 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
19:03:20.0862 4556 p2psvc - ok
19:03:20.0956 4556 [ 78B7642B0C51F24F0835C0226540D58B ] Panda Software Controller C:\Program Files\Panda Security\Panda Antivirus Pro 2012\PsCtrls.exe
19:03:20.0956 4556 Panda Software Controller - ok
19:03:21.0003 4556 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:03:21.0003 4556 Parport - ok
19:03:21.0034 4556 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:03:21.0034 4556 partmgr - ok
19:03:21.0049 4556 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
19:03:21.0065 4556 Parvdm - ok
19:03:21.0112 4556 [ 55D654258A9C509B671310C314BD30B4 ] pavboot C:\Windows\system32\drivers\pavboot.sys
19:03:21.0112 4556 pavboot - ok
19:03:21.0127 4556 [ AE848C1613C8738BB83ADAB4F0845E84 ] PAVFNSVR C:\Program Files\Panda Security\Panda Antivirus Pro 2012\PavFnSvr.exe
19:03:21.0159 4556 PAVFNSVR - ok
19:03:21.0190 4556 [ A110035FDC4B8F8F0CD5E71D031274E1 ] PavProc C:\Windows\system32\DRIVERS\PavProc.sys
19:03:21.0205 4556 PavProc - ok
19:03:21.0237 4556 [ 2AE3F6B23448443BBEF5DE207159213B ] PavPrSrv C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
19:03:21.0237 4556 PavPrSrv - ok
19:03:21.0252 4556 PavSRK.sys - ok
19:03:21.0283 4556 [ 97005413310966001FB6F4A5C503149C ] PAVSRV C:\Program Files\Panda Security\Panda Antivirus Pro 2012\pavsrvx86.exe
19:03:21.0673 4556 PAVSRV - ok
19:03:21.0751 4556 PavTPK.sys - ok
19:03:21.0798 4556 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:03:21.0814 4556 PcaSvc - ok
19:03:21.0845 4556 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
19:03:21.0845 4556 pci - ok
19:03:21.0876 4556 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
19:03:21.0876 4556 pciide - ok
19:03:21.0907 4556 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:03:21.0907 4556 pcmcia - ok
19:03:21.0923 4556 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
19:03:21.0923 4556 pcw - ok
19:03:21.0954 4556 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:03:22.0048 4556 PEAUTH - ok
19:03:22.0126 4556 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
19:03:22.0173 4556 PeerDistSvc - ok
19:03:22.0282 4556 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
19:03:22.0391 4556 pla - ok
19:03:22.0438 4556 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:03:22.0453 4556 PlugPlay - ok
19:03:22.0485 4556 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:03:22.0500 4556 PNRPAutoReg - ok
19:03:22.0531 4556 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:03:22.0547 4556 PNRPsvc - ok
19:03:22.0594 4556 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:03:22.0609 4556 PolicyAgent - ok
19:03:22.0656 4556 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
19:03:22.0672 4556 Power - ok
19:03:22.0703 4556 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:03:22.0719 4556 PptpMiniport - ok
19:03:22.0734 4556 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:03:22.0734 4556 Processor - ok
19:03:22.0781 4556 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
19:03:22.0781 4556 ProfSvc - ok
19:03:22.0812 4556 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:03:22.0812 4556 ProtectedStorage - ok
19:03:22.0828 4556 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:03:22.0828 4556 Psched - ok
19:03:22.0875 4556 [ 196C450F2779D0B462C444DA4906EA7F ] PSIMSVC C:\Program Files\Panda Security\Panda Antivirus Pro 2012\PsImSvc.exe
19:03:23.0265 4556 PSIMSVC - ok
19:03:23.0343 4556 [ 341457B79B3FC31A80C346C767045879 ] PskSvcRetail C:\Program Files\Panda Security\Panda Antivirus Pro 2012\PskSvc.exe
19:03:23.0389 4556 PskSvcRetail - ok
19:03:23.0483 4556 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:03:23.0499 4556 ql2300 - ok
19:03:23.0530 4556 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:03:23.0530 4556 ql40xx - ok
19:03:23.0561 4556 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
19:03:23.0639 4556 QWAVE - ok
19:03:23.0655 4556 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:03:23.0655 4556 QWAVEdrv - ok
19:03:23.0686 4556 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:03:23.0686 4556 RasAcd - ok
19:03:23.0717 4556 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:03:23.0733 4556 RasAgileVpn - ok
19:03:23.0748 4556 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
19:03:23.0764 4556 RasAuto - ok
19:03:23.0795 4556 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:03:23.0811 4556 Rasl2tp - ok
19:03:23.0873 4556 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
19:03:23.0873 4556 RasMan - ok
19:03:23.0904 4556 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:03:23.0935 4556 RasPppoe - ok
19:03:23.0967 4556 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:03:23.0982 4556 RasSstp - ok
19:03:24.0013 4556 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:03:24.0029 4556 rdbss - ok
19:03:24.0045 4556 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:03:24.0060 4556 rdpbus - ok
19:03:24.0076 4556 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:03:24.0076 4556 RDPCDD - ok
19:03:24.0123 4556 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
19:03:24.0123 4556 RDPDR - ok
19:03:24.0169 4556 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:03:24.0169 4556 RDPENCDD - ok
19:03:24.0201 4556 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:03:24.0201 4556 RDPREFMP - ok
19:03:24.0232 4556 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:03:24.0232 4556 RDPWD - ok
19:03:24.0263 4556 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:03:24.0263 4556 rdyboost - ok
19:03:24.0294 4556 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
19:03:24.0310 4556 RemoteAccess - ok
19:03:24.0341 4556 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:03:24.0403 4556 RemoteRegistry - ok
19:03:24.0497 4556 [ 06A49B7BDC36CFBF97DD90804F833369 ] RichVideo C:\Program Files\CyberLink\Shared files\RichVideo.exe
19:03:24.0544 4556 RichVideo - ok
19:03:24.0591 4556 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:03:24.0591 4556 RpcEptMapper - ok
19:03:24.0622 4556 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
19:03:24.0622 4556 RpcLocator - ok
19:03:24.0669 4556 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll

[delia12]

19:03:24.0669 4556 RpcSs - ok
19:03:24.0715 4556 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:03:24.0715 4556 rspndr - ok
19:03:24.0762 4556 [ 31D45ECA63884FF5F7AECC50F7D1BAE0 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
19:03:24.0762 4556 RSUSBSTOR - ok
19:03:24.0793 4556 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
19:03:24.0793 4556 s3cap - ok
19:03:24.0825 4556 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
19:03:24.0825 4556 SamSs - ok
19:03:24.0856 4556 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:03:24.0856 4556 sbp2port - ok
19:03:24.0903 4556 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:03:24.0934 4556 SCardSvr - ok
19:03:24.0965 4556 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:03:24.0965 4556 scfilter - ok
19:03:24.0996 4556 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
19:03:25.0012 4556 Schedule - ok
19:03:25.0043 4556 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:03:25.0043 4556 SCPolicySvc - ok
19:03:25.0074 4556 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:03:25.0074 4556 SDRSVC - ok
19:03:25.0121 4556 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:03:25.0121 4556 secdrv - ok
19:03:25.0168 4556 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
19:03:25.0183 4556 seclogon - ok
19:03:25.0215 4556 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
19:03:25.0230 4556 SENS - ok
19:03:25.0261 4556 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:03:25.0308 4556 SensrSvc - ok
19:03:25.0339 4556 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:03:25.0339 4556 Serenum - ok
19:03:25.0371 4556 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:03:25.0371 4556 Serial - ok
19:03:25.0386 4556 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:03:25.0386 4556 sermouse - ok
19:03:25.0449 4556 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
19:03:25.0449 4556 SessionEnv - ok
19:03:25.0495 4556 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:03:25.0495 4556 sffdisk - ok
19:03:25.0511 4556 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:03:25.0511 4556 sffp_mmc - ok
19:03:25.0527 4556 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:03:25.0527 4556 sffp_sd - ok
19:03:25.0558 4556 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:03:25.0558 4556 sfloppy - ok
19:03:25.0605 4556 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:03:25.0698 4556 SharedAccess - ok
19:03:25.0745 4556 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:03:25.0745 4556 ShellHWDetection - ok
19:03:25.0776 4556 [ 32D6F7632234F0354C79E915CA4613D4 ] ShldDrv C:\Windows\system32\DRIVERS\ShlDrv51.sys
19:03:25.0792 4556 ShldDrv - ok
19:03:25.0839 4556 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:03:25.0839 4556 sisagp - ok
19:03:25.0885 4556 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:03:25.0885 4556 SiSRaid2 - ok
19:03:25.0901 4556 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:03:25.0901 4556 SiSRaid4 - ok
19:03:25.0948 4556 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:03:25.0948 4556 Smb - ok
19:03:26.0010 4556 [ FFD9B64DB2CD7B74B766C3A8452A5816 ] snapman C:\Windows\system32\DRIVERS\snapman.sys
19:03:26.0026 4556 snapman - ok
19:03:26.0057 4556 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:03:26.0057 4556 SNMPTRAP - ok
19:03:26.0088 4556 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
19:03:26.0088 4556 spldr - ok
19:03:26.0135 4556 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
19:03:26.0151 4556 Spooler - ok
19:03:26.0275 4556 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
19:03:26.0307 4556 sppsvc - ok
19:03:26.0338 4556 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:03:26.0353 4556 sppuinotify - ok
19:03:26.0400 4556 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:03:26.0463 4556 srv - ok
19:03:26.0494 4556 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:03:26.0556 4556 srv2 - ok
19:03:26.0587 4556 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:03:26.0587 4556 srvnet - ok
19:03:26.0634 4556 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:03:26.0634 4556 SSDPSRV - ok
19:03:26.0650 4556 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:03:26.0665 4556 SstpSvc - ok
19:03:26.0697 4556 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:03:26.0697 4556 stexstor - ok
19:03:26.0728 4556 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
19:03:26.0759 4556 StiSvc - ok
19:03:26.0790 4556 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
19:03:26.0790 4556 storflt - ok
19:03:26.0837 4556 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
19:03:26.0853 4556 StorSvc - ok
19:03:26.0884 4556 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
19:03:26.0884 4556 storvsc - ok
19:03:26.0931 4556 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
19:03:26.0946 4556 swenum - ok
19:03:26.0993 4556 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
19:03:27.0009 4556 swprv - ok
19:03:27.0071 4556 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
19:03:27.0071 4556 SysMain - ok
19:03:27.0118 4556 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:03:27.0165 4556 TabletInputService - ok
19:03:27.0196 4556 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
19:03:27.0211 4556 TapiSrv - ok
19:03:27.0243 4556 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
19:03:27.0243 4556 TBS - ok
19:03:27.0305 4556 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:03:27.0336 4556 Tcpip - ok
19:03:27.0383 4556 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:03:27.0399 4556 TCPIP6 - ok
19:03:27.0414 4556 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:03:27.0430 4556 tcpipreg - ok
19:03:27.0477 4556 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:03:27.0477 4556 TDPIPE - ok
19:03:27.0586 4556 [ DC1BA6E904491A46124CB90C401E8A31 ] tdrpman255 C:\Windows\system32\DRIVERS\tdrpm255.sys
19:03:27.0601 4556 tdrpman255 - ok
19:03:27.0617 4556 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:03:27.0617 4556 TDTCP - ok
19:03:27.0648 4556 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:03:27.0664 4556 tdx - ok
19:03:27.0679 4556 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:03:27.0695 4556 TermDD - ok
19:03:27.0726 4556 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
19:03:27.0742 4556 TermService - ok
19:03:27.0773 4556 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
19:03:27.0773 4556 Themes - ok
19:03:27.0789 4556 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
19:03:27.0804 4556 THREADORDER - ok
19:03:27.0851 4556 [ C820BFC70FEB25EC877C49E81CD477C1 ] timounter C:\Windows\system32\DRIVERS\timntr.sys
19:03:27.0851 4556 timounter - ok
19:03:27.0882 4556 [ EACBB8E02114329DDDECE593AEDC61FE ] TPSrv C:\Program Files\Panda Security\Panda Antivirus Pro 2012\TPSrv.exe
19:03:27.0882 4556 TPSrv - ok
19:03:27.0960 4556 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
19:03:27.0960 4556 TrkWks - ok
19:03:28.0038 4556 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:03:28.0038 4556 TrustedInstaller - ok
19:03:28.0101 4556 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:03:28.0101 4556 tssecsrv - ok
19:03:28.0132 4556 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:03:28.0132 4556 TsUsbFlt - ok
19:03:28.0179 4556 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:03:28.0179 4556 tunnel - ok
19:03:28.0225 4556 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:03:28.0225 4556 uagp35 - ok
19:03:28.0241 4556 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:03:28.0241 4556 udfs - ok
19:03:28.0288 4556 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:03:28.0288 4556 UI0Detect - ok
19:03:28.0319 4556 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:03:28.0335 4556 uliagpkx - ok
19:03:28.0366 4556 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
19:03:28.0381 4556 umbus - ok
19:03:28.0444 4556 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:03:28.0444 4556 UmPass - ok
19:03:28.0506 4556 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
19:03:28.0506 4556 UmRdpService - ok
19:03:28.0569 4556 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
19:03:28.0569 4556 upnphost - ok
19:03:28.0615 4556 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:03:28.0631 4556 usbccgp - ok
19:03:28.0678 4556 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:03:28.0678 4556 usbcir - ok
19:03:28.0709 4556 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:03:28.0709 4556 usbehci - ok
19:03:28.0756 4556 [ 19999CA8E83F16D271AFC467B84718D7 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
19:03:28.0756 4556 usbfilter - ok
19:03:28.0818 4556 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:03:28.0865 4556 usbhub - ok
19:03:28.0912 4556 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:03:28.0927 4556 usbohci - ok
19:03:28.0943 4556 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:03:28.0959 4556 usbprint - ok
19:03:28.0974 4556 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
19:03:28.0974 4556 USBSTOR - ok
19:03:28.0990 4556 [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:03:29.0005 4556 usbuhci - ok
19:03:29.0037 4556 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
19:03:29.0068 4556 usbvideo - ok
19:03:29.0099 4556 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
19:03:29.0115 4556 UxSms - ok
19:03:29.0130 4556 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
19:03:29.0146 4556 VaultSvc - ok
19:03:29.0161 4556 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:03:29.0177 4556 vdrvroot - ok
19:03:29.0208 4556 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
19:03:29.0208 4556 vds - ok
19:03:29.0239 4556 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:03:29.0239 4556 vga - ok
19:03:29.0271 4556 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:03:29.0271 4556 VgaSave - ok
19:03:29.0302 4556 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:03:29.0302 4556 vhdmp - ok
19:03:29.0333 4556 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:03:29.0333 4556 viaagp - ok
19:03:29.0349 4556 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
19:03:29.0349 4556 ViaC7 - ok
19:03:29.0364 4556 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
19:03:29.0364 4556 viaide - ok
19:03:29.0395 4556 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
19:03:29.0411 4556 vmbus - ok
19:03:29.0427 4556 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
19:03:29.0427 4556 VMBusHID - ok
19:03:29.0458 4556 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:03:29.0458 4556 volmgr - ok
19:03:29.0489 4556 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:03:29.0489 4556 volmgrx - ok
19:03:29.0520 4556 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:03:29.0520 4556 volsnap - ok
19:03:29.0551 4556 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:03:29.0551 4556 vsmraid - ok
19:03:29.0629 4556 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
19:03:29.0645 4556 VSS - ok
19:03:29.0676 4556 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:03:29.0676 4556 vwifibus - ok
19:03:29.0707 4556 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:03:29.0723 4556 vwififlt - ok
19:03:29.0754 4556 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
19:03:29.0754 4556 W32Time - ok
19:03:29.0785 4556 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:03:29.0785 4556 WacomPen - ok
19:03:29.0832 4556 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:03:29.0848 4556 WANARP - ok
19:03:29.0879 4556 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:03:29.0879 4556 Wanarpv6 - ok
19:03:29.0973 4556 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:03:29.0988 4556 WatAdminSvc - ok
19:03:30.0082 4556 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
19:03:30.0129 4556 wbengine - ok
19:03:30.0160 4556 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:03:30.0222 4556 WbioSrvc - ok
19:03:30.0253 4556 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:03:30.0269 4556 wcncsvc - ok
19:03:30.0269 4556 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:03:30.0285 4556 WcsPlugInService - ok
19:03:30.0316 4556 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:03:30.0316 4556 Wd - ok
19:03:30.0347 4556 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:03:30.0347 4556 Wdf01000 - ok
19:03:30.0363 4556 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:03:30.0378 4556 WdiServiceHost - ok
19:03:30.0394 4556 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:03:30.0394 4556 WdiSystemHost - ok
19:03:30.0441 4556 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
19:03:30.0519 4556 WebClient - ok
19:03:30.0550 4556 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:03:30.0581 4556 Wecsvc - ok
19:03:30.0597 4556 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:03:30.0597 4556 wercplsupport - ok
19:03:30.0612 4556 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
19:03:30.0612 4556 WerSvc - ok
19:03:30.0643 4556 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:03:30.0659 4556 WfpLwf - ok
19:03:30.0690 4556 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:03:30.0690 4556 WIMMount - ok
19:03:30.0721 4556 [ 3FA87D56769838AAC82FAFC3E78FC732 ] winbondcir C:\Windows\system32\DRIVERS\winbondcir.sys
19:03:30.0721 4556 winbondcir - ok
19:03:30.0784 4556 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:03:30.0799 4556 WinDefend - ok
19:03:30.0815 4556 WinHttpAutoProxySvc - ok
19:03:30.0877 4556 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:03:30.0877 4556 Winmgmt - ok
19:03:30.0924 4556 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
19:03:30.0940 4556 WinRM - ok
19:03:31.0018 4556 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
19:03:31.0018 4556 WinUsb - ok
19:03:31.0080 4556 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:03:31.0111 4556 Wlansvc - ok
19:03:31.0158 4556 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:03:31.0158 4556 WmiAcpi - ok
19:03:31.0221 4556 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:03:31.0221 4556 wmiApSrv - ok
19:03:31.0330 4556 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:03:31.0361 4556 WMPNetworkSvc - ok
19:03:31.0408 4556 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:03:31.0423 4556 WPCSvc - ok
19:03:31.0455 4556 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:03:31.0486 4556 WPDBusEnum - ok
19:03:31.0517 4556 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:03:31.0533 4556 ws2ifsl - ok
19:03:31.0579 4556 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
19:03:31.0579 4556 wscsvc - ok
19:03:31.0595 4556 WSearch - ok
19:03:31.0720 4556 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
19:03:31.0767 4556 wuauserv - ok
19:03:31.0798 4556 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:03:31.0813 4556 WudfPf - ok
19:03:31.0876 4556 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:03:31.0876 4556 WUDFRd - ok
19:03:31.0907 4556 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:03:31.0923 4556 wudfsvc - ok
19:03:31.0954 4556 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
19:03:32.0047 4556 WwanSvc - ok
19:03:32.0141 4556 [ 5867CE254625645345C833510D24F124 ] {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054} C:\Program Files\CyberLink\PowerDVD8\000.fcl
19:03:32.0141 4556 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054} - ok
19:03:32.0157 4556 ================ Scan global ===============================
19:03:32.0203 4556 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
19:03:32.0250 4556 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
19:03:32.0281 4556 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
19:03:32.0328 4556 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
19:03:32.0359 4556 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
19:03:32.0359 4556 [Global] - ok
19:03:32.0359 4556 ================ Scan MBR ==================================
19:03:32.0375 4556 [ D1AD4C53EADD115593E05FA56D6B9DEA ] \Device\Harddisk0\DR0
19:03:32.0640 4556 \Device\Harddisk0\DR0 - ok
19:03:32.0656 4556 [ 025E00E0DDE2C3A3DD29CF783ED477BE ] \Device\Harddisk1\DR1
19:03:33.0264 4556 \Device\Harddisk1\DR1 - ok
19:03:33.0264 4556 ================ Scan VBR ==================================
19:03:33.0280 4556 [ DB3AC392284F8BD034E0AF8CF645973A ] \Device\Harddisk0\DR0\Partition1
19:03:33.0280 4556 \Device\Harddisk0\DR0\Partition1 - ok
19:03:33.0327 4556 [ 16AA993984CB217E1CD5E67E8610D659 ] \Device\Harddisk0\DR0\Partition2
19:03:33.0342 4556 \Device\Harddisk0\DR0\Partition2 - ok
19:03:33.0373 4556 [ 9DA7CC4C0263DB1245DA2B8D5A80F690 ] \Device\Harddisk0\DR0\Partition3
19:03:33.0373 4556 \Device\Harddisk0\DR0\Partition3 - ok
19:03:33.0389 4556 [ C83D096B46FA26A032FF7F63E079A8AC ] \Device\Harddisk1\DR1\Partition1
19:03:33.0389 4556 \Device\Harddisk1\DR1\Partition1 - ok
19:03:33.0405 4556 ============================================================
19:03:33.0405 4556 Scan finished
19:03:33.0405 4556 ============================================================
19:03:33.0436 1588 Detected object count: 0
19:03:33.0436 1588 Actual detected object count: 0
19:04:01.0812 1332 ============================================================
19:04:01.0812 1332 Scan started
19:04:01.0812 1332 Mode: Manual;
19:04:01.0812 1332 ============================================================
19:04:02.0312 1332 ================ Scan system memory ========================
19:04:02.0312 1332 System memory - ok
19:04:02.0312 1332 ================ Scan services =============================
19:04:02.0483 1332 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:04:02.0499 1332 1394ohci - ok
19:04:02.0561 1332 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:04:02.0561 1332 ACPI - ok
19:04:02.0592 1332 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:04:02.0608 1332 AcpiPmi - ok
19:04:02.0717 1332 [ 2D01228703A7BB1EDBC965818AB32B76 ] AcrSch2Svc C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
19:04:02.0733 1332 AcrSch2Svc - ok
19:04:02.0811 1332 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:04:02.0826 1332 AdobeFlashPlayerUpdateSvc - ok
19:04:02.0873 1332 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:04:02.0889 1332 adp94xx - ok
19:04:02.0904 1332 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:04:02.0904 1332 adpahci - ok
19:04:02.0920 1332 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:04:02.0920 1332 adpu320 - ok
19:04:02.0951 1332 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:04:02.0951 1332 AeLookupSvc - ok
19:04:02.0982 1332 [ F1A693939BB6CD0067C318461FF252B5 ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys
19:04:02.0982 1332 afcdp - ok
19:04:03.0092 1332 [ 1D139AD435CE21F252DF0688C9FC8C3C ] afcdpsrv C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
19:04:03.0123 1332 afcdpsrv - ok
19:04:03.0170 1332 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
19:04:03.0185 1332 AFD - ok
19:04:03.0216 1332 [ 6416F9B6B220F0A890525C38235AFAD7 ] AgereModemAudio C:\Program Files\LSI SoftModem\agrsmsvc.exe
19:04:03.0216 1332 AgereModemAudio - ok
19:04:03.0294 1332 [ 07758C2196A62F207F77556311E7459A ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
19:04:03.0326 1332 AgereSoftModem - ok
19:04:03.0357 1332 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
19:04:03.0357 1332 agp440 - ok
19:04:03.0388 1332 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
19:04:03.0388 1332 aic78xx - ok
19:04:03.0435 1332 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
19:04:03.0435 1332 ALG - ok
19:04:03.0466 1332 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
19:04:03.0466 1332 aliide - ok
19:04:03.0513 1332 [ 09EDD12A8768304C0B797862A218114D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:04:03.0528 1332 AMD External Events Utility - ok
19:04:03.0560 1332 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
19:04:03.0560 1332 amdagp - ok
19:04:03.0591 1332 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
19:04:03.0591 1332 amdide - ok
19:04:03.0638 1332 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:04:03.0638 1332 AmdK8 - ok
19:04:03.0653 1332 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:04:03.0653 1332 AmdPPM - ok
19:04:03.0684 1332 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:04:03.0700 1332 amdsata - ok
19:04:03.0716 1332 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:04:03.0716 1332 amdsbs - ok
19:04:03.0731 1332 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:04:03.0731 1332 amdxata - ok
19:04:03.0762 1332 [ 36B58A8BAFE100DE90C87A3C0E56A3F2 ] AmFSM C:\Windows\system32\DRIVERS\amm8660.sys
19:04:03.0762 1332 AmFSM - ok
19:04:03.0794 1332 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
19:04:03.0794 1332 AppID - ok
19:04:03.0840 1332 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:04:03.0840 1332 AppIDSvc - ok
19:04:03.0872 1332 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
19:04:03.0872 1332 Appinfo - ok
19:04:03.0918 1332 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
19:04:03.0934 1332 AppMgmt - ok
19:04:03.0981 1332 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
19:04:03.0981 1332 arc - ok
19:04:03.0996 1332 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:04:04.0012 1332 arcsas - ok
19:04:04.0028 1332 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:04:04.0028 1332 AsyncMac - ok
19:04:04.0074 1332 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
19:04:04.0074 1332 atapi - ok
19:04:04.0137 1332 [ B01751CC563AECAC09BBE36AAA21FBEF ] athr C:\Windows\system32\DRIVERS\athr.sys
19:04:04.0152 1332 athr - ok
19:04:04.0215 1332 [ BF10613B3E16C1B4D7DE59DB564314CD ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
19:04:04.0230 1332 AtiHdmiService - ok
19:04:04.0418 1332 [ 65E22AA757601FB497EF495B202FB1A9 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:04:04.0464 1332 atikmdag - ok
19:04:04.0511 1332 [ B73C832088DD54B55E04FF6F9646AD8C ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
19:04:04.0511 1332 AtiPcie - ok
19:04:04.0574 1332 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:04:04.0589 1332 AudioEndpointBuilder - ok
19:04:04.0620 1332 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
19:04:04.0636 1332 Audiosrv - ok
19:04:04.0636 1332 AvFlt - ok
19:04:04.0683 1332 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:04:04.0683 1332 AxInstSV - ok
19:04:04.0745 1332 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
19:04:04.0745 1332 b06bdrv - ok
19:04:04.0761 1332 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
19:04:04.0761 1332 b57nd60x - ok
19:04:04.0792 1332 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
19:04:04.0792 1332 BDESVC - ok
19:04:04.0808 1332 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
19:04:04.0808 1332 Beep - ok
19:04:04.0854 1332 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
19:04:04.0870 1332 BFE - ok
19:04:04.0932 1332 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\system32\qmgr.dll
19:04:04.0964 1332 BITS - ok
19:04:04.0995 1332 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:04:04.0995 1332 blbdrive - ok
19:04:05.0026 1332 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:04:05.0042 1332 bowser - ok
19:04:05.0057 1332 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:04:05.0057 1332 BrFiltLo - ok
19:04:05.0073 1332 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:04:05.0073 1332 BrFiltUp - ok
19:04:05.0104 1332 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
19:04:05.0104 1332 BridgeMP - ok
19:04:05.0135 1332 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
19:04:05.0135 1332 Browser - ok
19:04:05.0151 1332 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:04:05.0151 1332 Brserid - ok
19:04:05.0166 1332 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:04:05.0166 1332 BrSerWdm - ok
19:04:05.0182 1332 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:04:05.0182 1332 BrUsbMdm - ok
19:04:05.0182 1332 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:04:05.0182 1332 BrUsbSer - ok
19:04:05.0198 1332 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:04:05.0198 1332 BTHMODEM - ok
19:04:05.0229 1332 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
19:04:05.0229 1332 bthserv - ok
19:04:05.0322 1332 catchme - ok
19:04:05.0338 1332 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:04:05.0354 1332 cdfs - ok
19:04:05.0400 1332 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:04:05.0400 1332 cdrom - ok
19:04:05.0447 1332 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
19:04:05.0463 1332 CertPropSvc - ok
19:04:05.0494 1332 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:04:05.0494 1332 circlass - ok
19:04:05.0541 1332 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
19:04:05.0541 1332 CLFS - ok
19:04:05.0619 1332 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:04:05.0619 1332 clr_optimization_v2.0.50727_32 - ok
19:04:05.0697 1332 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:04:05.0697 1332 clr_optimization_v4.0.30319_32 - ok
19:04:05.0728 1332 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:04:05.0744 1332 CmBatt - ok
19:04:05.0775 1332 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:04:05.0775 1332 cmdide - ok
19:04:05.0806 1332 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
19:04:05.0806 1332 CNG - ok
19:04:05.0822 1332 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:04:05.0822 1332 Compbatt - ok
19:04:05.0868 1332 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:04:05.0868 1332 CompositeBus - ok
19:04:05.0868 1332 COMSysApp - ok
19:04:05.0884 1332 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:04:05.0884 1332 crcdisk - ok
19:04:05.0931 1332 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:04:05.0931 1332 CryptSvc - ok
19:04:05.0962 1332 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
19:04:05.0962 1332 CSC - ok
19:04:05.0978 1332 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
19:04:05.0993 1332 CscService - ok
19:04:06.0024 1332 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
19:04:06.0040 1332 DcomLaunch - ok
19:04:06.0102 1332 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
19:04:06.0102 1332 defragsvc - ok
19:04:06.0196 1332 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:04:06.0196 1332 DfsC - ok
19:04:06.0274 1332 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
19:04:06.0290 1332 Dhcp - ok
19:04:06.0336 1332 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
19:04:06.0336 1332 discache - ok
19:04:06.0352 1332 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:04:06.0352 1332 Disk - ok
19:04:06.0383 1332 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:04:06.0383 1332 Dnscache - ok
19:04:06.0399 1332 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
19:04:06.0414 1332 dot3svc - ok
19:04:06.0446 1332 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
19:04:06.0446 1332 DPS - ok
19:04:06.0492 1332 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:04:06.0492 1332 drmkaud - ok
19:04:06.0555 1332 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:04:06.0570 1332 DXGKrnl - ok
19:04:06.0617 1332 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
19:04:06.0633 1332 EapHost - ok
19:04:06.0758 1332 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
19:04:06.0789 1332 ebdrv - ok
19:04:06.0836 1332 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
19:04:06.0851 1332 EFS - ok
19:04:06.0929 1332 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:04:06.0945 1332 ehRecvr - ok
19:04:06.0992 1332 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
19:04:06.0992 1332 ehSched - ok
19:04:07.0054 1332 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:04:07.0070 1332 elxstor - ok
19:04:07.0101 1332 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:04:07.0101 1332 ErrDev - ok
19:04:07.0148 1332 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
19:04:07.0163 1332 EventSystem - ok
19:04:07.0194 1332 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
19:04:07.0194 1332 exfat - ok
19:04:07.0241 1332 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:04:07.0241 1332 fastfat - ok
19:04:07.0288 1332 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
19:04:07.0319 1332 Fax - ok
19:04:07.0350 1332 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:04:07.0350 1332 fdc - ok
19:04:07.0382 1332 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
19:04:07.0382 1332 fdPHost - ok
19:04:07.0397 1332 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
19:04:07.0397 1332 FDResPub - ok
19:04:07.0428 1332 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:04:07.0428 1332 FileInfo - ok
19:04:07.0428 1332 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:04:07.0428 1332 Filetrace - ok
19:04:07.0444 1332 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:04:07.0460 1332 flpydisk - ok
19:04:07.0460 1332 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:04:07.0460 1332 FltMgr - ok
19:04:07.0522 1332 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
19:04:07.0553 1332 FontCache - ok
19:04:07.0616 1332 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:04:07.0631 1332 FontCache3.0.0.0 - ok
19:04:07.0662 1332 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:04:07.0662 1332 FsDepends - ok
19:04:07.0709 1332 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:04:07.0709 1332 Fs_Rec - ok
19:04:07.0740 1332 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:04:07.0756 1332 fvevol - ok
19:04:07.0787 1332 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:04:07.0787 1332 gagp30kx - ok
19:04:07.0834 1332 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
19:04:07.0834 1332 gpsvc - ok
19:04:07.0865 1332 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:04:07.0865 1332 hcw85cir - ok
19:04:07.0912 1332 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:04:07.0928 1332 HdAudAddService - ok
19:04:07.0974 1332 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:04:07.0990 1332 HDAudBus - ok
19:04:08.0006 1332 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:04:08.0006 1332 HidBatt - ok
19:04:08.0021 1332 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:04:08.0021 1332 HidBth - ok
19:04:08.0037 1332 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:04:08.0052 1332 HidIr - ok
19:04:08.0068 1332 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
19:04:08.0068 1332 hidserv - ok
19:04:08.0115 1332 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys
19:04:08.0115 1332 HidUsb - ok
19:04:08.0162 1332 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:04:08.0162 1332 hkmsvc - ok
19:04:08.0193 1332 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:04:08.0208 1332 HomeGroupListener - ok
19:04:08.0240 1332 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:04:08.0240 1332 HomeGroupProvider - ok
19:04:08.0255 1332 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:04:08.0255 1332 HpSAMD - ok
19:04:08.0302 1332 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:04:08.0333 1332 HTTP - ok
19:04:08.0380 1332 [ 19E6885A061011D8DABE8F64498423FA ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
19:04:08.0380 1332 hwdatacard - ok
19:04:08.0396 1332 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:04:08.0396 1332 hwpolicy - ok
19:04:08.0442 1332 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:04:08.0442 1332 i8042prt - ok
19:04:08.0474 1332 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:04:08.0489 1332 iaStorV - ok
19:04:08.0567 1332 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:04:08.0598 1332 idsvc - ok
19:04:08.0630 1332 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:04:08.0630 1332 iirsp - ok
19:04:08.0661 1332 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
19:04:08.0676 1332 IKEEXT - ok
19:04:08.0801 1332 [ DA7DCB6565E68E3F95F043C4B01B8960 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
19:04:08.0817 1332 IntcAzAudAddService - ok
19:04:08.0864 1332 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
19:04:08.0864 1332 intelide - ok
19:04:08.0895 1332 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:04:08.0895 1332 intelppm - ok
19:04:08.0926 1332 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:04:08.0942 1332 IPBusEnum - ok
19:04:08.0957 1332 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:04:08.0957 1332 IpFilterDriver - ok
19:04:08.0988 1332 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:04:09.0004 1332 iphlpsvc - ok
19:04:09.0020 1332 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:04:09.0020 1332 IPMIDRV - ok
19:04:09.0051 1332 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:04:09.0051 1332 IPNAT - ok
19:04:09.0066 1332 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:04:09.0066 1332 IRENUM - ok
19:04:09.0082 1332 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:04:09.0082 1332 isapnp - ok
19:04:09.0098 1332 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:04:09.0113 1332 iScsiPrt - ok
19:04:09.0129 1332 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
19:04:09.0129 1332 kbdclass - ok
19:04:09.0144 1332 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:04:09.0160 1332 kbdhid - ok
19:04:09.0176 1332 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
19:04:09.0176 1332 KeyIso - ok
19:04:09.0207 1332 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:04:09.0207 1332 KSecDD - ok

[delia12]

19:04:09.0222 1332 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:04:09.0222 1332 KSecPkg - ok
19:04:09.0254 1332 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
19:04:09.0269 1332 KtmRm - ok
19:04:09.0300 1332 [ F7CDABA15C7E853F0A11AF6D77FCA990 ] L1E C:\Windows\system32\DRIVERS\L1E62x86.sys
19:04:09.0300 1332 L1E - ok
19:04:09.0347 1332 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
19:04:09.0347 1332 LanmanServer - ok
19:04:09.0394 1332 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:04:09.0394 1332 LanmanWorkstation - ok
19:04:09.0441 1332 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:04:09.0441 1332 lltdio - ok
19:04:09.0472 1332 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:04:09.0488 1332 lltdsvc - ok
19:04:09.0503 1332 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
19:04:09.0503 1332 lmhosts - ok
19:04:09.0519 1332 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:04:09.0519 1332 LSI_FC - ok
19:04:09.0534 1332 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:04:09.0534 1332 LSI_SAS - ok
19:04:09.0550 1332 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:04:09.0550 1332 LSI_SAS2 - ok
19:04:09.0566 1332 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:04:09.0566 1332 LSI_SCSI - ok
19:04:09.0581 1332 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
19:04:09.0581 1332 luafv - ok
19:04:09.0612 1332 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:04:09.0612 1332 Mcx2Svc - ok
19:04:09.0612 1332 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:04:09.0612 1332 megasas - ok
19:04:09.0628 1332 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:04:09.0628 1332 MegaSR - ok
19:04:09.0706 1332 Microsoft SharePoint Workspace Audit Service - ok
19:04:09.0753 1332 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
19:04:09.0753 1332 MMCSS - ok
19:04:09.0784 1332 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
19:04:09.0784 1332 Modem - ok
19:04:09.0800 1332 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:04:09.0800 1332 monitor - ok
19:04:09.0831 1332 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
19:04:09.0831 1332 mouclass - ok
19:04:09.0862 1332 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:04:09.0862 1332 mouhid - ok
19:04:09.0893 1332 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:04:09.0893 1332 mountmgr - ok
19:04:09.0909 1332 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
19:04:09.0924 1332 mpio - ok
19:04:09.0940 1332 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:04:09.0940 1332 mpsdrv - ok
19:04:09.0987 1332 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:04:09.0987 1332 MpsSvc - ok
19:04:10.0034 1332 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:04:10.0034 1332 MRxDAV - ok
19:04:10.0080 1332 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:04:10.0080 1332 mrxsmb - ok
19:04:10.0112 1332 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:04:10.0112 1332 mrxsmb10 - ok
19:04:10.0127 1332 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:04:10.0127 1332 mrxsmb20 - ok
19:04:10.0158 1332 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
19:04:10.0158 1332 msahci - ok
19:04:10.0190 1332 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:04:10.0190 1332 msdsm - ok
19:04:10.0221 1332 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
19:04:10.0236 1332 MSDTC - ok
19:04:10.0283 1332 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:04:10.0283 1332 Msfs - ok
19:04:10.0314 1332 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:04:10.0314 1332 mshidkmdf - ok
19:04:10.0346 1332 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:04:10.0361 1332 msisadrv - ok
19:04:10.0408 1332 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:04:10.0408 1332 MSiSCSI - ok
19:04:10.0424 1332 msiserver - ok
19:04:10.0470 1332 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:04:10.0470 1332 MSKSSRV - ok
19:04:10.0470 1332 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:04:10.0470 1332 MSPCLOCK - ok
19:04:10.0486 1332 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:04:10.0486 1332 MSPQM - ok
19:04:10.0502 1332 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:04:10.0502 1332 MsRPC - ok
19:04:10.0533 1332 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:04:10.0533 1332 mssmbios - ok
19:04:10.0548 1332 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:04:10.0548 1332 MSTEE - ok
19:04:10.0564 1332 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:04:10.0564 1332 MTConfig - ok
19:04:10.0580 1332 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
19:04:10.0580 1332 Mup - ok
19:04:10.0626 1332 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
19:04:10.0626 1332 napagent - ok
19:04:10.0658 1332 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:04:10.0658 1332 NativeWifiP - ok
19:04:10.0751 1332 [ E4534BCCDD1EA7A7A256BB9D6688A5FC ] NAUpdate C:\Program Files\Nero\Update\NASvc.exe
19:04:10.0767 1332 NAUpdate - ok
19:04:10.0829 1332 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:04:10.0845 1332 NDIS - ok
19:04:10.0892 1332 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:04:10.0892 1332 NdisCap - ok
19:04:10.0923 1332 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:04:10.0923 1332 NdisTapi - ok
19:04:10.0970 1332 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:04:10.0970 1332 Ndisuio - ok
19:04:11.0016 1332 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:04:11.0016 1332 NdisWan - ok
19:04:11.0048 1332 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:04:11.0048 1332 NDProxy - ok
19:04:11.0094 1332 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:04:11.0094 1332 NetBIOS - ok
19:04:11.0157 1332 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:04:11.0157 1332 NetBT - ok
19:04:11.0172 1332 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
19:04:11.0188 1332 Netlogon - ok
19:04:11.0250 1332 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
19:04:11.0282 1332 Netman - ok
19:04:11.0344 1332 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
19:04:11.0375 1332 netprofm - ok
19:04:11.0406 1332 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:04:11.0406 1332 NetTcpPortSharing - ok
19:04:11.0438 1332 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:04:11.0438 1332 nfrd960 - ok
19:04:11.0484 1332 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:04:11.0500 1332 NlaSvc - ok
19:04:11.0516 1332 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:04:11.0516 1332 Npfs - ok
19:04:11.0562 1332 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
19:04:11.0562 1332 nsi - ok
19:04:11.0578 1332 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:04:11.0578 1332 nsiproxy - ok
19:04:11.0656 1332 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:04:11.0687 1332 Ntfs - ok
19:04:11.0734 1332 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
19:04:11.0734 1332 Null - ok
19:04:11.0765 1332 [ 7F5D69A031BE0E7BDFB8126E1A212417 ] nuvotoncir C:\Windows\system32\DRIVERS\nuvotoncir.sys
19:04:11.0765 1332 nuvotoncir - ok
19:04:11.0796 1332 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:04:11.0796 1332 nvraid - ok
19:04:11.0828 1332 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:04:11.0828 1332 nvstor - ok
19:04:11.0874 1332 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:04:11.0874 1332 nv_agp - ok
19:04:11.0906 1332 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:04:11.0906 1332 ohci1394 - ok
19:04:11.0952 1332 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:04:11.0968 1332 ose - ok
19:04:12.0186 1332 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:04:12.0233 1332 osppsvc - ok
19:04:12.0296 1332 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:04:12.0296 1332 p2pimsvc - ok
19:04:12.0327 1332 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
19:04:12.0327 1332 p2psvc - ok
19:04:12.0420 1332 [ 78B7642B0C51F24F0835C0226540D58B ] Panda Software Controller C:\Program Files\Panda Security\Panda Antivirus Pro 2012\PsCtrls.exe
19:04:12.0436 1332 Panda Software Controller - ok
19:04:12.0483 1332 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:04:12.0483 1332 Parport - ok
19:04:12.0514 1332 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:04:12.0514 1332 partmgr - ok
19:04:12.0530 1332 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
19:04:12.0530 1332 Parvdm - ok
19:04:12.0576 1332 [ 55D654258A9C509B671310C314BD30B4 ] pavboot C:\Windows\system32\drivers\pavboot.sys
19:04:12.0576 1332 pavboot - ok
19:04:12.0592 1332 [ AE848C1613C8738BB83ADAB4F0845E84 ] PAVFNSVR C:\Program Files\Panda Security\Panda Antivirus Pro 2012\PavFnSvr.exe
19:04:12.0592 1332 PAVFNSVR - ok
19:04:12.0608 1332 [ A110035FDC4B8F8F0CD5E71D031274E1 ] PavProc C:\Windows\system32\DRIVERS\PavProc.sys
19:04:12.0608 1332 PavProc - ok
19:04:12.0623 1332 [ 2AE3F6B23448443BBEF5DE207159213B ] PavPrSrv C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
19:04:12.0639 1332 PavPrSrv - ok
19:04:12.0639 1332 PavSRK.sys - ok
19:04:12.0670 1332 [ 97005413310966001FB6F4A5C503149C ] PAVSRV C:\Program Files\Panda Security\Panda Antivirus Pro 2012\pavsrvx86.exe
19:04:12.0670 1332 PAVSRV - ok
19:04:12.0670 1332 PavTPK.sys - ok
19:04:12.0717 1332 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:04:12.0717 1332 PcaSvc - ok
19:04:12.0732 1332 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
19:04:12.0732 1332 pci - ok
19:04:12.0764 1332 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
19:04:12.0764 1332 pciide - ok
19:04:12.0795 1332 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:04:12.0795 1332 pcmcia - ok
19:04:12.0810 1332 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
19:04:12.0810 1332 pcw - ok
19:04:12.0842 1332 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:04:12.0842 1332 PEAUTH - ok
19:04:12.0904 1332 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
19:04:12.0920 1332 PeerDistSvc - ok
19:04:13.0044 1332 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
19:04:13.0076 1332 pla - ok
19:04:13.0107 1332 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:04:13.0122 1332 PlugPlay - ok
19:04:13.0154 1332 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:04:13.0154 1332 PNRPAutoReg - ok
19:04:13.0185 1332 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:04:13.0185 1332 PNRPsvc - ok
19:04:13.0216 1332 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:04:13.0232 1332 PolicyAgent - ok
19:04:13.0263 1332 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
19:04:13.0263 1332 Power - ok
19:04:13.0294 1332 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:04:13.0294 1332 PptpMiniport - ok
19:04:13.0325 1332 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:04:13.0325 1332 Processor - ok
19:04:13.0372 1332 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
19:04:13.0388 1332 ProfSvc - ok
19:04:13.0419 1332 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:04:13.0419 1332 ProtectedStorage - ok
19:04:13.0450 1332 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:04:13.0450 1332 Psched - ok
19:04:13.0497 1332 [ 196C450F2779D0B462C444DA4906EA7F ] PSIMSVC C:\Program Files\Panda Security\Panda Antivirus Pro 2012\PsImSvc.exe
19:04:13.0497 1332 PSIMSVC - ok
19:04:13.0528 1332 [ 341457B79B3FC31A80C346C767045879 ] PskSvcRetail C:\Program Files\Panda Security\Panda Antivirus Pro 2012\PskSvc.exe
19:04:13.0528 1332 PskSvcRetail - ok
19:04:13.0606 1332 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:04:13.0653 1332 ql2300 - ok
19:04:13.0684 1332 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:04:13.0684 1332 ql40xx - ok
19:04:13.0731 1332 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
19:04:13.0746 1332 QWAVE - ok
19:04:13.0762 1332 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:04:13.0762 1332 QWAVEdrv - ok
19:04:13.0809 1332 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:04:13.0809 1332 RasAcd - ok
19:04:13.0824 1332 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:04:13.0840 1332 RasAgileVpn - ok
19:04:13.0871 1332 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
19:04:13.0887 1332 RasAuto - ok
19:04:13.0918 1332 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:04:13.0918 1332 Rasl2tp - ok
19:04:13.0965 1332 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
19:04:13.0996 1332 RasMan - ok
19:04:14.0027 1332 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:04:14.0027 1332 RasPppoe - ok
19:04:14.0058 1332 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:04:14.0058 1332 RasSstp - ok
19:04:14.0105 1332 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:04:14.0105 1332 rdbss - ok
19:04:14.0121 1332 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:04:14.0121 1332 rdpbus - ok
19:04:14.0152 1332 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:04:14.0152 1332 RDPCDD - ok
19:04:14.0183 1332 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
19:04:14.0183 1332 RDPDR - ok
19:04:14.0199 1332 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:04:14.0199 1332 RDPENCDD - ok
19:04:14.0214 1332 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:04:14.0214 1332 RDPREFMP - ok
19:04:14.0261 1332 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:04:14.0277 1332 RDPWD - ok
19:04:14.0324 1332 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:04:14.0324 1332 rdyboost - ok
19:04:14.0355 1332 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
19:04:14.0370 1332 RemoteAccess - ok
19:04:14.0402 1332 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:04:14.0402 1332 RemoteRegistry - ok
19:04:14.0511 1332 [ 06A49B7BDC36CFBF97DD90804F833369 ] RichVideo C:\Program Files\CyberLink\Shared files\RichVideo.exe
19:04:14.0526 1332 RichVideo - ok
19:04:14.0558 1332 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:04:14.0558 1332 RpcEptMapper - ok
19:04:14.0604 1332 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
19:04:14.0604 1332 RpcLocator - ok
19:04:14.0636 1332 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
19:04:14.0636 1332 RpcSs - ok
19:04:14.0667 1332 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:04:14.0667 1332 rspndr - ok
19:04:14.0714 1332 [ 31D45ECA63884FF5F7AECC50F7D1BAE0 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
19:04:14.0714 1332 RSUSBSTOR - ok
19:04:14.0760 1332 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
19:04:14.0776 1332 s3cap - ok
19:04:14.0792 1332 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
19:04:14.0792 1332 SamSs - ok
19:04:14.0823 1332 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:04:14.0823 1332 sbp2port - ok
19:04:14.0838 1332 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:04:14.0854 1332 SCardSvr - ok
19:04:14.0885 1332 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:04:14.0885 1332 scfilter - ok
19:04:14.0916 1332 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
19:04:14.0916 1332 Schedule - ok
19:04:14.0948 1332 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:04:14.0948 1332 SCPolicySvc - ok
19:04:14.0979 1332 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:04:14.0979 1332 SDRSVC - ok
19:04:15.0026 1332 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:04:15.0026 1332 secdrv - ok
19:04:15.0057 1332 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
19:04:15.0057 1332 seclogon - ok
19:04:15.0072 1332 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
19:04:15.0072 1332 SENS - ok
19:04:15.0104 1332 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:04:15.0104 1332 SensrSvc - ok
19:04:15.0119 1332 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:04:15.0119 1332 Serenum - ok
19:04:15.0135 1332 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:04:15.0135 1332 Serial - ok
19:04:15.0166 1332 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:04:15.0166 1332 sermouse - ok
19:04:15.0197 1332 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
19:04:15.0213 1332 SessionEnv - ok
19:04:15.0228 1332 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:04:15.0244 1332 sffdisk - ok
19:04:15.0244 1332 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:04:15.0244 1332 sffp_mmc - ok
19:04:15.0260 1332 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:04:15.0260 1332 sffp_sd - ok
19:04:15.0275 1332 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:04:15.0291 1332 sfloppy - ok
19:04:15.0322 1332 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:04:15.0322 1332 SharedAccess - ok
19:04:15.0353 1332 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:04:15.0369 1332 ShellHWDetection - ok
19:04:15.0384 1332 [ 32D6F7632234F0354C79E915CA4613D4 ] ShldDrv C:\Windows\system32\DRIVERS\ShlDrv51.sys
19:04:15.0384 1332 ShldDrv - ok
19:04:15.0416 1332 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:04:15.0416 1332 sisagp - ok
19:04:15.0447 1332 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:04:15.0447 1332 SiSRaid2 - ok
19:04:15.0462 1332 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:04:15.0462 1332 SiSRaid4 - ok
19:04:15.0494 1332 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:04:15.0494 1332 Smb - ok
19:04:15.0540 1332 [ FFD9B64DB2CD7B74B766C3A8452A5816 ] snapman C:\Windows\system32\DRIVERS\snapman.sys
19:04:15.0540 1332 snapman - ok
19:04:15.0572 1332 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:04:15.0572 1332 SNMPTRAP - ok
19:04:15.0603 1332 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
19:04:15.0603 1332 spldr - ok
19:04:15.0665 1332 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
19:04:15.0665 1332 Spooler - ok
19:04:15.0806 1332 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
19:04:15.0837 1332 sppsvc - ok
19:04:15.0868 1332 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:04:15.0868 1332 sppuinotify - ok
19:04:15.0915 1332 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:04:15.0930 1332 srv - ok
19:04:15.0962 1332 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:04:15.0962 1332 srv2 - ok
19:04:15.0993 1332 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:04:15.0993 1332 srvnet - ok
19:04:16.0040 1332 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:04:16.0040 1332 SSDPSRV - ok
19:04:16.0055 1332 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:04:16.0071 1332 SstpSvc - ok
19:04:16.0102 1332 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:04:16.0102 1332 stexstor - ok
19:04:16.0133 1332 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
19:04:16.0133 1332 StiSvc - ok
19:04:16.0149 1332 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
19:04:16.0149 1332 storflt - ok
19:04:16.0180 1332 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
19:04:16.0180 1332 StorSvc - ok
19:04:16.0211 1332 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
19:04:16.0211 1332 storvsc - ok
19:04:16.0242 1332 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
19:04:16.0242 1332 swenum - ok
19:04:16.0274 1332 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
19:04:16.0274 1332 swprv - ok
19:04:16.0320 1332 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
19:04:16.0336 1332 SysMain - ok
19:04:16.0367 1332 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:04:16.0367 1332 TabletInputService - ok
19:04:16.0445 1332 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
19:04:16.0476 1332 TapiSrv - ok
19:04:16.0570 1332 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
19:04:16.0601 1332 TBS - ok
19:04:16.0664 1332 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:04:16.0664 1332 Tcpip - ok
19:04:16.0742 1332 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:04:16.0742 1332 TCPIP6 - ok
19:04:16.0788 1332 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:04:16.0788 1332 tcpipreg - ok
19:04:16.0820 1332 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:04:16.0820 1332 TDPIPE - ok
19:04:16.0882 1332 [ DC1BA6E904491A46124CB90C401E8A31 ] tdrpman255 C:\Windows\system32\DRIVERS\tdrpm255.sys
19:04:16.0913 1332 tdrpman255 - ok
19:04:16.0929 1332 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:04:16.0944 1332 TDTCP - ok
19:04:16.0960 1332 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:04:16.0976 1332 tdx - ok
19:04:16.0991 1332 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:04:16.0991 1332 TermDD - ok
19:04:17.0038 1332 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
19:04:17.0054 1332 TermService - ok
19:04:17.0100 1332 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
19:04:17.0100 1332 Themes - ok
19:04:17.0132 1332 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
19:04:17.0132 1332 THREADORDER - ok
19:04:17.0194 1332 [ C820BFC70FEB25EC877C49E81CD477C1 ] timounter C:\Windows\system32\DRIVERS\timntr.sys
19:04:17.0194 1332 timounter - ok
19:04:17.0225 1332 [ EACBB8E02114329DDDECE593AEDC61FE ] TPSrv C:\Program Files\Panda Security\Panda Antivirus Pro 2012\TPSrv.exe
19:04:17.0225 1332 TPSrv - ok
19:04:17.0272 1332 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
19:04:17.0288 1332 TrkWks - ok
19:04:17.0366 1332 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:04:17.0366 1332 TrustedInstaller - ok
19:04:17.0428 1332 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:04:17.0428 1332 tssecsrv - ok
19:04:17.0444 1332 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:04:17.0444 1332 TsUsbFlt - ok
19:04:17.0490 1332 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:04:17.0490 1332 tunnel - ok
19:04:17.0522 1332 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:04:17.0522 1332 uagp35 - ok
19:04:17.0553 1332 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:04:17.0553 1332 udfs - ok
19:04:17.0568 1332 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:04:17.0584 1332 UI0Detect - ok
19:04:17.0600 1332 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:04:17.0600 1332 uliagpkx - ok
19:04:17.0631 1332 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
19:04:17.0631 1332 umbus - ok
19:04:17.0646 1332 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:04:17.0646 1332 UmPass - ok
19:04:17.0678 1332 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
19:04:17.0678 1332 UmRdpService - ok
19:04:17.0724 1332 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
19:04:17.0724 1332 upnphost - ok
19:04:17.0771 1332 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:04:17.0771 1332 usbccgp - ok
19:04:17.0802 1332 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:04:17.0818 1332 usbcir - ok
19:04:17.0849 1332 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:04:17.0849 1332 usbehci - ok
19:04:17.0912 1332 [ 19999CA8E83F16D271AFC467B84718D7 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
19:04:17.0912 1332 usbfilter - ok
19:04:17.0943 1332 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:04:17.0958 1332 usbhub - ok
19:04:17.0990 1332 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:04:17.0990 1332 usbohci - ok
19:04:18.0021 1332 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:04:18.0021 1332 usbprint - ok
19:04:18.0052 1332 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
19:04:18.0052 1332 USBSTOR - ok
19:04:18.0068 1332 [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:04:18.0068 1332 usbuhci - ok
19:04:18.0099 1332 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
19:04:18.0099 1332 usbvideo - ok
19:04:18.0130 1332 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
19:04:18.0130 1332 UxSms - ok
19:04:18.0146 1332 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
19:04:18.0146 1332 VaultSvc - ok
19:04:18.0177 1332 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:04:18.0177 1332 vdrvroot - ok
19:04:18.0208 1332 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
19:04:18.0208 1332 vds - ok
19:04:18.0255 1332 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:04:18.0255 1332 vga - ok
19:04:18.0286 1332 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:04:18.0286 1332 VgaSave - ok
19:04:18.0317 1332 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:04:18.0317 1332 vhdmp - ok
19:04:18.0348 1332 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:04:18.0348 1332 viaagp - ok
19:04:18.0364 1332 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
19:04:18.0364 1332 ViaC7 - ok
19:04:18.0380 1332 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
19:04:18.0380 1332 viaide - ok
19:04:18.0411 1332 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
19:04:18.0411 1332 vmbus - ok
19:04:18.0426 1332 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
19:04:18.0426 1332 VMBusHID - ok
19:04:18.0442 1332 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:04:18.0458 1332 volmgr - ok
19:04:18.0473 1332 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:04:18.0473 1332 volmgrx - ok
19:04:18.0489 1332 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:04:18.0504 1332 volsnap - ok
19:04:18.0520 1332 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:04:18.0520 1332 vsmraid - ok
19:04:18.0582 1332 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
19:04:18.0582 1332 VSS - ok
19:04:18.0629 1332 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:04:18.0629 1332 vwifibus - ok
19:04:18.0645 1332 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:04:18.0645 1332 vwififlt - ok
19:04:18.0676 1332 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
19:04:18.0676 1332 W32Time - ok
19:04:18.0707 1332 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:04:18.0707 1332 WacomPen - ok
19:04:18.0738 1332 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:04:18.0738 1332 WANARP - ok
19:04:18.0754 1332 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:04:18.0754 1332 Wanarpv6 - ok
19:04:18.0832 1332 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:04:18.0848 1332 WatAdminSvc - ok
19:04:18.0910 1332 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
19:04:18.0941 1332 wbengine - ok
19:04:18.0972 1332 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:04:18.0988 1332 WbioSrvc - ok
19:04:19.0035 1332 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:04:19.0035 1332 wcncsvc - ok
19:04:19.0050 1332 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:04:19.0066 1332 WcsPlugInService - ok
19:04:19.0097 1332 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:04:19.0097 1332 Wd - ok
19:04:19.0128 1332 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:04:19.0128 1332 Wdf01000 - ok
19:04:19.0144 1332 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:04:19.0160 1332 WdiServiceHost - ok
19:04:19.0175 1332 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:04:19.0175 1332 WdiSystemHost - ok
19:04:19.0222 1332 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
19:04:19.0238 1332 WebClient - ok
19:04:19.0284 1332 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:04:19.0300 1332 Wecsvc - ok
19:04:19.0316 1332 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:04:19.0316 1332 wercplsupport - ok
19:04:19.0331 1332 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
19:04:19.0331 1332 WerSvc - ok
19:04:19.0347 1332 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:04:19.0347 1332 WfpLwf - ok
19:04:19.0378 1332 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:04:19.0394 1332 WIMMount - ok
19:04:19.0425 1332 [ 3FA87D56769838AAC82FAFC3E78FC732 ] winbondcir C:\Windows\system32\DRIVERS\winbondcir.sys
19:04:19.0425 1332 winbondcir - ok
19:04:19.0503 1332 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:04:19.0518 1332 WinDefend - ok
19:04:19.0550 1332 WinHttpAutoProxySvc - ok
19:04:19.0612 1332 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:04:19.0628 1332 Winmgmt - ok
19:04:19.0690 1332 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
19:04:19.0706 1332 WinRM - ok
19:04:19.0768 1332 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
19:04:19.0784 1332 WinUsb - ok
19:04:19.0830 1332 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:04:19.0846 1332 Wlansvc - ok
19:04:19.0877 1332 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:04:19.0877 1332 WmiAcpi - ok
19:04:19.0924 1332 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:04:19.0924 1332 wmiApSrv - ok
19:04:20.0033 1332 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:04:20.0064 1332 WMPNetworkSvc - ok
19:04:20.0096 1332 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:04:20.0096 1332 WPCSvc - ok
19:04:20.0111 1332 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:04:20.0127 1332 WPDBusEnum - ok
19:04:20.0158 1332 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:04:20.0158 1332 ws2ifsl - ok
19:04:20.0174 1332 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
19:04:20.0189 1332 wscsvc - ok
19:04:20.0189 1332 WSearch - ok
19:04:20.0314 1332 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
19:04:20.0330 1332 wuauserv - ok
19:04:20.0392 1332 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:04:20.0392 1332 WudfPf - ok
19:04:20.0423 1332 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:04:20.0439 1332 WUDFRd - ok
19:04:20.0454 1332 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:04:20.0454 1332 wudfsvc - ok
19:04:20.0486 1332 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
19:04:20.0501 1332 WwanSvc - ok
19:04:20.0564 1332 [ 5867CE254625645345C833510D24F124 ] {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054} C:\Program Files\CyberLink\PowerDVD8\000.fcl
19:04:20.0579 1332 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054} - ok
19:04:20.0579 1332 ================ Scan global ===============================
19:04:20.0610 1332 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
19:04:20.0642 1332 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
19:04:20.0673 1332 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
19:04:20.0704 1332 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
19:04:20.0735 1332 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
19:04:20.0735 1332 [Global] - ok
19:04:20.0735 1332 ================ Scan MBR ==================================
19:04:20.0751 1332 [ D1AD4C53EADD115593E05FA56D6B9DEA ] \Device\Harddisk0\DR0
19:04:21.0016 1332 \Device\Harddisk0\DR0 - ok
19:04:21.0032 1332 [ 025E00E0DDE2C3A3DD29CF783ED477BE ] \Device\Harddisk1\DR1
19:04:21.0702 1332 \Device\Harddisk1\DR1 - ok
19:04:21.0702 1332 ================ Scan VBR ==================================
19:04:21.0734 1332 [ DB3AC392284F8BD034E0AF8CF645973A ] \Device\Harddisk0\DR0\Partition1
19:04:21.0734 1332 \Device\Harddisk0\DR0\Partition1 - ok
19:04:21.0765 1332 [ 16AA993984CB217E1CD5E67E8610D659 ] \Device\Harddisk0\DR0\Partition2
19:04:21.0765 1332 \Device\Harddisk0\DR0\Partition2 - ok
19:04:21.0796 1332 [ 9DA7CC4C0263DB1245DA2B8D5A80F690 ] \Device\Harddisk0\DR0\Partition3
19:04:21.0796 1332 \Device\Harddisk0\DR0\Partition3 - ok
19:04:21.0812 1332 [ C83D096B46FA26A032FF7F63E079A8AC ] \Device\Harddisk1\DR1\Partition1
19:04:21.0812 1332 \Device\Harddisk1\DR1\Partition1 - ok
19:04:21.0812 1332 ============================================================
19:04:21.0812 1332 Scan finished
19:04:21.0812 1332 ============================================================
19:04:21.0843 5652 Detected object count: 0
19:04:21.0843 5652 Actual detected object count: 0
19:04:45.0758 3772 Deinitialize success

[FrancescoFDAC]

Scarica ed installa HitmanPro: http://www.surfright.nl/en/downloads
● scegli la versione adatta al tuo Sistema Operativo (32Bit o 64Bit)
● una volta lanciato, nella finestra principale clicca su Impostazioni
● clicca su Licenza ed attiva la licenza
● clicca su scansione di default (consigliato)
● al termine della scansione ti verrà mostrato un riepilogo: nella finestra di riepilogo, in basso a sinistra, avrai modo di salvare il Report generato che dovrai allegare

[Luke57]

@delia12
Ciao, per piacere inserisci i tuoi post chilometrici qui:
http://wikisend.com/

Grazie

[delia12]

Anche Hitman non ha trovato niente. Ma il mio antivirus mi segnala sempre il virus. Ecco il report.

Codice: Seleziona tutto

HitmanPro 3.6.1.164
www.hitmanpro.com

   Computer name . . . . : USER-PC
   Windows . . . . . . . : 6.1.1.7601.X86/2
   User name . . . . . . : user-PC\user
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (30 days left)

   Scan date . . . . . . : 2012-08-26 15:46:44
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 5m 1s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 38

   Objects scanned . . . : 893.689
   Files scanned . . . . : 15.928
   Remnants scanned  . . : 266.337 files / 611.424 keys

Cookies _____________________________________________________________________

   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:adinterax.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtech.de
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertstream.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:adviva.net
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:apmebf.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:collective-media.net
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:facileit.solution.weborama.fr
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:fr.sitestat.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:invitemedia.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:kontera.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:pg2.solution.weborama.fr
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:specificclick.net
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.adform.net
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:tradedoubler.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:vodafoneit.solution.weborama.fr
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:weborama.fr
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:weboramaitdata.solution.weborama.fr
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:xiti.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:yieldmanager.net
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:zedo.com
   C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\0QBRV9WY.txt
   C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\37ZNEGCR.txt
   C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\3ECQNU12.txt
   C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\5MOXECL6.txt
   C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\B24NE0Z8.txt
   C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\C2WX3MI2.txt
   C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\DE5TTBCT.txt
   C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\F52O0BIO.txt
   C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\JRM30C6T.txt
   C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\NH97YWTZ.txt
   C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\YZ2Q1QMR.txt




[delia12]

Ciao,
volevo avvertire del fatto che ho portato il mio pc presso un centro di assistenza. Ringrazio tanto Francesco per l'attenzione che mi ha riservato.