
Unsure if I have an Infection or not. ( Win32:Dropper-gen )


6 replies to this topic

#1 Silly_Me


Posted 25 April 2012 - 04:10 AM

Hey BleepingComputer community, just looking for a bit of guidance and advice. I hope I don't become a burden here with my questions :).

So, a brief description of why I believe my laptop is infected: I downloaded a file and it installed perfectly, nothing in question (I ran MBAM and Trend Micro Internet Security on it before I installed; this came up clean). After installing and using the file, I went back to where I got it, and a few people, if not everyone, claimed that the file I had downloaded had some sort of virus/malware or just generally seemed very fishy. So I ran my AV and MBAM; both showed I had nothing to worry about. Still uncertain, I uploaded the file to VirusTool.com and the results are below (I took out the AVs for which nothing came up).

My computer seems generally fine, browsing, starting up, just general laptop stuff, it seems to be running just like it was before installation of the file.

-------

Virus Total (scan of the file in question)

File name: setup.exe
Detection ratio: 7 / 42
Analysis date: 2012-04-25 08:59:09 UTC ( 0 minutes ago )


Antivirus - Result - Update

AntiVir - TR/Dropper.Gen - 20120424
Avast - Win32:Dropper-gen [Drp] - 20120425
F-Secure - Gen:Variant.Barys.882 - 20120424
GData - Win32:Dropper-gen - 20120424
McAfee - Artemis!B994FA6808DE - 20120424
McAfee-GW-Edition - Artemis!B994FA6808DE - 20120424
nProtect - Trojan/W32.Agent.564736.AK - 20120424



#2 boopme

  • Global Moderator

Posted 25 April 2012 - 11:15 AM

It's definitely infected. One should scan the downloaded file before opening it to determine if it's safe. Once opened, the malware is released.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.



I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image

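An added example, not part of boopme's post and not MiniToolBox code: a sketch of the first-pass review a helper can run over the Result.txt requested above, assuming the section banners and Winsock row layout seen in the log posted in this thread. The sample log, the `update.example.test` name, the `lsp_helper.dll` path and the allowlists are constructed for illustration.

```python
import re

# Section banner as printed in the log, e.g. "====== Hosts content: ======"
BANNER = re.compile(r"^=+\s*([^=]+?):?\s*=+$")
# Winsock row: "<catalog> <index> <dll path> [<size>] (<publisher>)"
WINSOCK = re.compile(r"^(?:x64-)?Catalog\d+\s+\d+\s+(.+?)\s+\[\d+\]\s+\((.*)\)$")

# Assumptions for this example: the reviewer's own allowlists, not MiniToolBox's.
TRUSTED_PUBLISHERS = {"Microsoft Corporation", "Microsoft Corp."}
EXPECTED_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\",
                 "c:\\program files\\", "c:\\program files (x86)\\")

# Constructed sample in the layout of the log in this thread.
SAMPLE = r"""
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= Hosts content: =================================

127.0.0.1 localhost
203.0.113.7 update.example.test

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Users\Public\lsp_helper.dll [40960] ()
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
"""


def split_sections(text):
    """Map lower-cased section name -> list of non-empty lines under it."""
    sections, name = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = BANNER.match(line)
        if m:
            name = m.group(1).strip().lower()
            sections[name] = []
        elif name and line:
            sections[name].append(line)
    return sections


def check_proxy(lines):
    """The clean state prints 'Proxy is not enabled.'; anything else needs a look."""
    if "Proxy is not enabled." in lines:
        return []
    return ["proxy: clean-state line missing, review the IE proxy section"]


def check_hosts(lines):
    """Flag every hosts entry that maps a name other than localhost."""
    findings = []
    for line in lines:
        parts = line.split("#", 1)[0].split()  # drop trailing comments
        if len(parts) < 2:
            continue
        ip, names = parts[0], parts[1:]
        for name in names:
            if name.lower() != "localhost":
                findings.append(f"hosts: {name} -> {ip}")
    return findings


def check_winsock(lines):
    """Flag providers with an unknown publisher label or an unexpected location.

    The publisher text is only a label in the log, not proof of a valid
    signature, so a flagged or unflagged row still deserves a file check.
    """
    findings = []
    for line in lines:
        m = WINSOCK.match(line)
        if not m:
            findings.append(f"winsock: unparsed row {line!r}")
            continue
        path, publisher = m.groups()
        expected_dir = path.lower().startswith(EXPECTED_DIRS)
        if publisher not in TRUSTED_PUBLISHERS or not expected_dir:
            findings.append(f"winsock: {path} (publisher: {publisher or 'none'})")
    return findings


def triage(result_txt):
    """Run all three checks over a Result.txt body and return the findings."""
    s = split_sections(result_txt)
    return (check_proxy(s.get("ie proxy settings", []))
            + check_hosts(s.get("hosts content", []))
            + check_winsock(s.get("winsock entries", [])))


if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

An empty result only means these three sections look unmodified; the TDSSKiller and ESET scans requested above cover what this review cannot see.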

#3 Silly_Me

  • Topic Starter


Posted 25 April 2012 - 04:47 PM

MiniToolBox by Farbar Version: 18-01-2012
Ran by Scott (administrator) on 25-04-2012 at 21:45:43
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Centrino® Wireless-N 1030 = Wireless Network Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Scott-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : BC-77-37-96-9F-3E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : BC-77-37-96-9F-3E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 1030
Physical Address. . . . . . . . . : BC-77-37-96-9F-3D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::fdb5:a90c:d3e7:1b8b%15(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.9(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 25 April 2012 21:35:36
Lease Expires . . . . . . . . . . : 26 April 2012 21:35:35
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 381450039
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-81-D2-AF-18-03-73-58-46-8F
DNS Servers . . . . . . . . . . . : 10.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 18-03-73-58-46-8F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : BC-77-37-96-9F-41
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{7EEB1027-CB99-48C8-A668-BF8818CB70F9}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:80c:2b3e:2acf:9b15(Preferred)
Link-local IPv6 Address . . . . . : fe80::80c:2b3e:2acf:9b15%18(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{F5B4A6CF-0AE8-4F7A-8EF1-647333C5E68D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{3B7554E7-9A4B-4DA6-86E5-7B777DFCE066}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{EB392A21-DF47-4AB4-8EF8-1C5EC9983B4A}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 10.0.0.1

Name: google.com
Addresses: 173.194.34.64
173.194.34.65
173.194.34.71
173.194.34.67
173.194.34.73
173.194.34.68
173.194.34.69
173.194.34.72
173.194.34.78
173.194.34.66
173.194.34.70


Pinging google.com [173.194.34.70] with 32 bytes of data:
Reply from 173.194.34.70: bytes=32 time=93ms TTL=51
Reply from 173.194.34.70: bytes=32 time=525ms TTL=52

Ping statistics for 173.194.34.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 93ms, Maximum = 525ms, Average = 309ms
Server: UnKnown
Address: 10.0.0.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=299ms TTL=50
Reply from 72.30.38.140: bytes=32 time=322ms TTL=50

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 299ms, Maximum = 322ms, Average = 310ms
Server: UnKnown
Address: 10.0.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
17...bc 77 37 96 9f 3e ......Microsoft Virtual WiFi Miniport Adapter #2
16...bc 77 37 96 9f 3e ......Microsoft Virtual WiFi Miniport Adapter
15...bc 77 37 96 9f 3d ......Intel® Centrino® Wireless-N 1030
13...18 03 73 58 46 8f ......Realtek PCIe FE Family Controller
11...bc 77 37 96 9f 41 ......Bluetooth Device (Personal Area Network)
1...........................Software Loopback Interface 1
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
36...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
37...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
38...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
39...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.9 25
10.0.0.0 255.255.255.0 On-link 10.0.0.9 281
10.0.0.9 255.255.255.255 On-link 10.0.0.9 281
10.0.0.255 255.255.255.255 On-link 10.0.0.9 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.9 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.9 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
18 58 ::/0 On-link
1 306 ::1/128 On-link
18 58 2001::/32 On-link
18 306 2001:0:5ef5:79fb:80c:2b3e:2acf:9b15/128
On-link
15 281 fe80::/64 On-link
18 306 fe80::/64 On-link
18 306 fe80::80c:2b3e:2acf:9b15/128
On-link
15 281 fe80::fdb5:a90c:d3e7:1b8b/128
On-link
1 306 ff00::/8 On-link
18 306 ff00::/8 On-link
15 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/25/2012 09:35:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2012 09:47:36 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/24/2012 11:48:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/24/2012 01:50:13 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/23/2012 10:02:10 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/23/2012 00:05:48 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2012 09:42:37 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2012 01:00:10 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2012 05:31:41 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2012 01:13:57 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/25/2012 09:36:27 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (04/25/2012 09:35:57 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (04/25/2012 00:28:43 PM) (Source: DCOM) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}

Error: (04/25/2012 09:48:33 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (04/25/2012 09:48:03 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (04/24/2012 11:49:34 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (04/24/2012 11:49:04 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (04/24/2012 04:41:02 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (04/24/2012 04:41:02 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (04/24/2012 01:51:09 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.


Microsoft Office Sessions:
=========================
Error: (04/25/2012 09:35:29 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2012 09:47:36 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/24/2012 11:48:35 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/24/2012 01:50:13 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/23/2012 10:02:10 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/23/2012 00:05:48 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2012 09:42:37 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2012 01:00:10 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2012 05:31:41 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2012 01:13:57 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.233)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.233)
Adobe Reader X (10.1.2) MUI (Version: 10.1.2)
Advanced Audio FX Engine (Version: 1.12.05)
µTorrent (Version: 3.1.0)
Cheat Engine 6.1
Command & Conquer Generals (Version: 0.50.0000)
Command and ConquerTM Generals Zero Hour (Version: 1.00.0000)
Counter-Strike: Source
Counter-Strike: Source Beta
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Pro (Version: 4.41.0315.0262)
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell MusicStage (Version: 1.3.31.0)
Dell PhotoStage (Version: 1.5.0.19)
Dell Product Registration (Version: 1.0.3)
Dell Stage (Version: 1.4.173.0)
Dell Touchpad (Version: 7.1209.101.204)
Dell VideoStage (Version: 1.1.0.1011)
Dell Webcam Central (Version: 2.00.35)
DirectX 9 Runtime (Version: 1.00.0000)
EZ Macros
Fraps (remove only)
Free YouTube Download version 3.1.24.412 (Version: 3.1.24.412)
GameRanger
Google Talk (remove only)
HyperCam 3 (Version: 3.1.1104.5)
IDT Audio (Version: 1.0.6324.0)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1118)
Intel® Processor Graphics (Version: 8.15.10.2342)
Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 1.0.0.0454)
Intel® PROSet/Wireless WiFi Software (Version: 14.00.1000)
Intel® Rapid Storage Technology (Version: 10.1.0.1008)
Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.1.23.0)
Intel® Wireless Display
Intel® Wireless Display (Version: 2.0.27.0)
iSkysoft iMedia Converter(Build 3.0.3.0)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 24 (64-bit) (Version: 6.0.240)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Age of Empires Gold
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.0.61118.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 12.0 (x86 en-GB) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
PhotoShowExpress (Version: 2.0.063)
Quickset64 (Version: 10.09.20)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realtek Ethernet Controller Driver (Version: 7.31.1025.2010)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30126)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.32.0)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Steam (Version: 1.0.0.0)
The Walking Dead © 3 version 1 (Version: 1)
Titanium Internet Security (Version: 5.2)
Trend Micro Titanium (Version: 5.00)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.10 (64-bit) (Version: 4.10.0)

========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 6051.18 MB
Available physical RAM: 4307.6 MB
Total Pagefile: 12100.54 MB
Available Pagefile: 10182.86 MB
Total Virtual: 4095.88 MB
Available Virtual: 3965.07 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:581.42 GB) (Free:475.06 GB) NTFS

========================= Users: ========================================

User accounts for \\SCOTT-PC

Administrator Guest Scott


**** End of log ****

**No reboot**

21:49:57.0829 1208 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
21:49:58.0507 1208 ============================================================
21:49:58.0507 1208 Current date / time: 2012/04/25 21:49:58.0507
21:49:58.0507 1208 SystemInfo:
21:49:58.0507 1208
21:49:58.0508 1208 OS Version: 6.1.7601 ServicePack: 1.0
21:49:58.0508 1208 Product type: Workstation
21:49:58.0508 1208 ComputerName: SCOTT-PC
21:49:58.0508 1208 UserName: Scott
21:49:58.0508 1208 Windows directory: C:\windows
21:49:58.0508 1208 System windows directory: C:\windows
21:49:58.0508 1208 Running under WOW64
21:49:58.0508 1208 Processor architecture: Intel x64
21:49:58.0509 1208 Number of processors: 8
21:49:58.0509 1208 Page size: 0x1000
21:49:58.0509 1208 Boot type: Normal boot
21:49:58.0509 1208 ============================================================
21:49:58.0982 1208 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:49:58.0995 1208 ============================================================
21:49:58.0995 1208 \Device\Harddisk0\DR0:
21:49:58.0996 1208 MBR partitions:
21:49:58.0996 1208 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
21:49:58.0996 1208 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x48AD92B0
21:49:58.0996 1208 ============================================================
21:49:59.0044 1208 C: <-> \Device\Harddisk0\DR0\Partition1
21:49:59.0044 1208 ============================================================
21:49:59.0044 1208 Initialize success
21:49:59.0044 1208 ============================================================
21:50:04.0739 2088 ============================================================
21:50:04.0739 2088 Scan started
21:50:04.0739 2088 Mode: Manual;
21:50:04.0739 2088 ============================================================
21:50:05.0204 2088 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
21:50:05.0244 2088 1394ohci - ok
21:50:05.0322 2088 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
21:50:05.0331 2088 ACPI - ok
21:50:05.0338 2088 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
21:50:05.0341 2088 AcpiPmi - ok
21:50:05.0476 2088 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:50:05.0479 2088 AdobeARMservice - ok
21:50:05.0707 2088 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:50:05.0713 2088 AdobeFlashPlayerUpdateSvc - ok
21:50:05.0853 2088 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\drivers\adp94xx.sys
21:50:05.0886 2088 adp94xx - ok
21:50:05.0936 2088 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\drivers\adpahci.sys
21:50:05.0945 2088 adpahci - ok
21:50:05.0984 2088 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\drivers\adpu320.sys
21:50:05.0997 2088 adpu320 - ok
21:50:06.0037 2088 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
21:50:06.0039 2088 AeLookupSvc - ok
21:50:06.0136 2088 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe
21:50:06.0139 2088 AESTFilters - ok
21:50:06.0247 2088 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
21:50:06.0273 2088 AFD - ok
21:50:06.0314 2088 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
21:50:06.0318 2088 agp440 - ok
21:50:06.0358 2088 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
21:50:06.0362 2088 ALG - ok
21:50:06.0390 2088 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
21:50:06.0394 2088 aliide - ok
21:50:06.0406 2088 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
21:50:06.0409 2088 amdide - ok
21:50:06.0430 2088 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\drivers\amdk8.sys
21:50:06.0432 2088 AmdK8 - ok
21:50:06.0439 2088 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\drivers\amdppm.sys
21:50:06.0441 2088 AmdPPM - ok
21:50:06.0496 2088 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
21:50:06.0518 2088 amdsata - ok
21:50:06.0558 2088 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\drivers\amdsbs.sys
21:50:06.0565 2088 amdsbs - ok
21:50:06.0583 2088 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
21:50:06.0586 2088 amdxata - ok
21:50:06.0696 2088 Amsp (1b7d1f0a0dfadbc797c16364792a7aa5) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
21:50:06.0702 2088 Amsp - ok
21:50:06.0772 2088 ApfiltrService (24ed0eb2b2558970176ecee680f8f806) C:\windows\system32\DRIVERS\Apfiltr.sys
21:50:06.0779 2088 ApfiltrService - ok
21:50:06.0813 2088 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
21:50:06.0817 2088 AppID - ok
21:50:06.0845 2088 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
21:50:06.0848 2088 AppIDSvc - ok
21:50:06.0874 2088 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
21:50:06.0878 2088 Appinfo - ok
21:50:06.0913 2088 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\drivers\arc.sys
21:50:06.0917 2088 arc - ok
21:50:06.0933 2088 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\drivers\arcsas.sys
21:50:06.0938 2088 arcsas - ok
21:50:07.0047 2088 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:50:07.0051 2088 aspnet_state - ok
21:50:07.0071 2088 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
21:50:07.0074 2088 AsyncMac - ok
21:50:07.0094 2088 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
21:50:07.0097 2088 atapi - ok
21:50:07.0209 2088 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
21:50:07.0236 2088 AudioEndpointBuilder - ok
21:50:07.0251 2088 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
21:50:07.0258 2088 AudioSrv - ok
21:50:07.0294 2088 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
21:50:07.0305 2088 AxInstSV - ok
21:50:07.0384 2088 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\drivers\bxvbda.sys
21:50:07.0401 2088 b06bdrv - ok
21:50:07.0449 2088 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
21:50:07.0467 2088 b57nd60a - ok
21:50:07.0504 2088 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
21:50:07.0528 2088 BDESVC - ok
21:50:07.0543 2088 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
21:50:07.0546 2088 Beep - ok
21:50:07.0662 2088 BFE (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
21:50:07.0684 2088 BFE - ok
21:50:07.0809 2088 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\system32\qmgr.dll
21:50:07.0839 2088 BITS - ok
21:50:07.0911 2088 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
21:50:07.0915 2088 blbdrive - ok
21:50:08.0146 2088 Bluetooth Device Monitor (093b1b419ef25b15d3a1ca6953f41afb) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
21:50:08.0160 2088 Bluetooth Device Monitor - ok
21:50:08.0287 2088 Bluetooth Media Service (03a7341e94acd92e0831336d4f3ace92) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
21:50:08.0307 2088 Bluetooth Media Service - ok
21:50:08.0424 2088 Bluetooth OBEX Service (a2ebf384ed105fed7d05c5465500ef2e) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
21:50:08.0440 2088 Bluetooth OBEX Service - ok
21:50:08.0642 2088 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
21:50:08.0665 2088 bowser - ok
21:50:08.0703 2088 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\drivers\BrFiltLo.sys
21:50:08.0706 2088 BrFiltLo - ok
21:50:08.0714 2088 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\drivers\BrFiltUp.sys
21:50:08.0717 2088 BrFiltUp - ok
21:50:08.0755 2088 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\windows\system32\DRIVERS\bridge.sys
21:50:08.0759 2088 BridgeMP - ok
21:50:08.0800 2088 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
21:50:08.0809 2088 Browser - ok
21:50:08.0845 2088 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
21:50:08.0853 2088 Brserid - ok
21:50:08.0864 2088 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
21:50:08.0868 2088 BrSerWdm - ok
21:50:08.0874 2088 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
21:50:08.0877 2088 BrUsbMdm - ok
21:50:08.0884 2088 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
21:50:08.0887 2088 BrUsbSer - ok
21:50:08.0931 2088 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\drivers\BthEnum.sys
21:50:08.0934 2088 BthEnum - ok
21:50:08.0963 2088 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\drivers\bthmodem.sys
21:50:08.0968 2088 BTHMODEM - ok
21:50:08.0997 2088 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys
21:50:09.0001 2088 BthPan - ok
21:50:09.0091 2088 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\windows\System32\Drivers\BTHport.sys
21:50:09.0104 2088 BTHPORT - ok
21:50:09.0136 2088 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
21:50:09.0138 2088 bthserv - ok
21:50:09.0158 2088 BTHUSB (f188b7394d81010767b6df3178519a37) C:\windows\System32\Drivers\BTHUSB.sys
21:50:09.0161 2088 BTHUSB - ok
21:50:09.0190 2088 btmaux (16c1bac9760c9fa85a30f3fa0fbb1b7a) C:\windows\system32\DRIVERS\btmaux.sys
21:50:09.0193 2088 btmaux - ok
21:50:09.0249 2088 btmhsf (0c468d8da95be16bfdd380bb9de88259) C:\windows\system32\DRIVERS\btmhsf.sys
21:50:09.0267 2088 btmhsf - ok
21:50:09.0298 2088 catchme - ok
21:50:09.0351 2088 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
21:50:09.0356 2088 cdfs - ok
21:50:09.0418 2088 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\DRIVERS\cdrom.sys
21:50:09.0436 2088 cdrom - ok
21:50:09.0493 2088 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
21:50:09.0498 2088 CertPropSvc - ok
21:50:09.0521 2088 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\drivers\circlass.sys
21:50:09.0524 2088 circlass - ok
21:50:09.0591 2088 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
21:50:09.0600 2088 CLFS - ok
21:50:09.0683 2088 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:50:09.0687 2088 clr_optimization_v2.0.50727_32 - ok
21:50:09.0743 2088 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:50:09.0756 2088 clr_optimization_v2.0.50727_64 - ok
21:50:09.0808 2088 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:50:09.0810 2088 clr_optimization_v4.0.30319_32 - ok
21:50:09.0839 2088 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:50:09.0842 2088 clr_optimization_v4.0.30319_64 - ok
21:50:09.0900 2088 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
21:50:09.0901 2088 CmBatt - ok
21:50:09.0920 2088 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
21:50:09.0921 2088 cmdide - ok
21:50:10.0021 2088 CNG (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys
21:50:10.0032 2088 CNG - ok
21:50:10.0077 2088 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\drivers\compbatt.sys
21:50:10.0080 2088 Compbatt - ok
21:50:10.0115 2088 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\DRIVERS\CompositeBus.sys
21:50:10.0118 2088 CompositeBus - ok
21:50:10.0138 2088 COMSysApp - ok
21:50:10.0177 2088 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\drivers\crcdisk.sys
21:50:10.0180 2088 crcdisk - ok
21:50:10.0248 2088 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\windows\system32\cryptsvc.dll
21:50:10.0272 2088 CryptSvc - ok
21:50:10.0340 2088 CtClsFlt (fbe228abeab2be13b9c3a3a112d4d8dc) C:\windows\system32\DRIVERS\CtClsFlt.sys
21:50:10.0355 2088 CtClsFlt - ok
21:50:10.0444 2088 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
21:50:10.0458 2088 DcomLaunch - ok
21:50:10.0516 2088 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
21:50:10.0531 2088 defragsvc - ok
21:50:10.0573 2088 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
21:50:10.0585 2088 DfsC - ok
21:50:10.0648 2088 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
21:50:10.0662 2088 Dhcp - ok
21:50:10.0695 2088 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
21:50:10.0698 2088 discache - ok
21:50:10.0736 2088 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\drivers\disk.sys
21:50:10.0740 2088 Disk - ok
21:50:10.0797 2088 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
21:50:10.0812 2088 Dnscache - ok
21:50:10.0860 2088 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
21:50:10.0879 2088 dot3svc - ok
21:50:10.0912 2088 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
21:50:10.0929 2088 DPS - ok
21:50:10.0958 2088 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
21:50:10.0962 2088 drmkaud - ok
21:50:11.0028 2088 dtsoftbus01 (821bf177a24172f5f0ee9b322f58516c) C:\windows\system32\DRIVERS\dtsoftbus01.sys
21:50:11.0034 2088 dtsoftbus01 - ok
21:50:11.0150 2088 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
21:50:11.0165 2088 DXGKrnl - ok
21:50:11.0219 2088 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
21:50:11.0239 2088 EapHost - ok
21:50:11.0611 2088 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\drivers\evbda.sys
21:50:11.0683 2088 ebdrv - ok
21:50:11.0865 2088 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
21:50:11.0869 2088 EFS - ok
21:50:11.0995 2088 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
21:50:12.0012 2088 ehRecvr - ok
21:50:12.0042 2088 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
21:50:12.0084 2088 ehSched - ok
21:50:12.0202 2088 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\drivers\elxstor.sys
21:50:12.0218 2088 elxstor - ok
21:50:12.0231 2088 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
21:50:12.0234 2088 ErrDev - ok
21:50:12.0330 2088 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
21:50:12.0340 2088 EventSystem - ok
21:50:12.0622 2088 EvtEng (8b6c9924b0d333dbf76086b8258a0891) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
21:50:12.0632 2088 EvtEng - ok
21:50:12.0821 2088 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
21:50:12.0834 2088 exfat - ok
21:50:12.0877 2088 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
21:50:12.0890 2088 fastfat - ok
21:50:13.0013 2088 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
21:50:13.0033 2088 Fax - ok
21:50:13.0041 2088 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\drivers\fdc.sys
21:50:13.0045 2088 fdc - ok
21:50:13.0075 2088 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
21:50:13.0079 2088 fdPHost - ok
21:50:13.0100 2088 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
21:50:13.0104 2088 FDResPub - ok
21:50:13.0137 2088 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
21:50:13.0140 2088 FileInfo - ok
21:50:13.0160 2088 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
21:50:13.0164 2088 Filetrace - ok
21:50:13.0172 2088 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\drivers\flpydisk.sys
21:50:13.0175 2088 flpydisk - ok
21:50:13.0232 2088 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
21:50:13.0239 2088 FltMgr - ok
21:50:13.0382 2088 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
21:50:13.0416 2088 FontCache - ok
21:50:13.0525 2088 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:50:13.0529 2088 FontCache3.0.0.0 - ok
21:50:13.0597 2088 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
21:50:13.0601 2088 FsDepends - ok
21:50:13.0642 2088 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys
21:50:13.0644 2088 Fs_Rec - ok
21:50:13.0702 2088 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
21:50:13.0708 2088 fvevol - ok
21:50:13.0742 2088 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\drivers\gagp30kx.sys
21:50:13.0746 2088 gagp30kx - ok
21:50:13.0868 2088 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
21:50:13.0885 2088 gpsvc - ok
21:50:13.0907 2088 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
21:50:13.0909 2088 hcw85cir - ok
21:50:13.0986 2088 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
21:50:14.0006 2088 HdAudAddService - ok
21:50:14.0036 2088 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\DRIVERS\HDAudBus.sys
21:50:14.0040 2088 HDAudBus - ok
21:50:14.0051 2088 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\drivers\HidBatt.sys
21:50:14.0054 2088 HidBatt - ok
21:50:14.0070 2088 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\drivers\hidbth.sys
21:50:14.0075 2088 HidBth - ok
21:50:14.0093 2088 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\drivers\hidir.sys
21:50:14.0097 2088 HidIr - ok
21:50:14.0120 2088 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\System32\hidserv.dll
21:50:14.0124 2088 hidserv - ok
21:50:14.0173 2088 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
21:50:14.0176 2088 HidUsb - ok
21:50:14.0219 2088 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
21:50:14.0245 2088 hkmsvc - ok
21:50:14.0309 2088 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
21:50:14.0319 2088 HomeGroupListener - ok
21:50:14.0354 2088 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
21:50:14.0369 2088 HomeGroupProvider - ok
21:50:14.0401 2088 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
21:50:14.0406 2088 HpSAMD - ok
21:50:14.0527 2088 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
21:50:14.0547 2088 HTTP - ok
21:50:14.0566 2088 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
21:50:14.0567 2088 hwpolicy - ok
21:50:14.0613 2088 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys
21:50:14.0635 2088 i8042prt - ok
21:50:14.0720 2088 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\windows\system32\DRIVERS\iaStor.sys
21:50:14.0728 2088 iaStor - ok
21:50:14.0813 2088 IAStorDataMgrSvc (8fff9083252c16fe3960173722605e9e) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
21:50:14.0816 2088 IAStorDataMgrSvc - ok
21:50:14.0912 2088 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
21:50:14.0926 2088 iaStorV - ok
21:50:14.0970 2088 iBtFltCoex (fc85972037815fa7b413e790b426acb2) C:\windows\system32\DRIVERS\iBtFltCoex.sys
21:50:14.0974 2088 iBtFltCoex - ok
21:50:15.0142 2088 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:50:15.0167 2088 idsvc - ok
21:50:16.0102 2088 igfx (795c99dc4f574c97c03d0bb39cf099ee) C:\windows\system32\DRIVERS\igdkmd64.sys
21:50:16.0333 2088 igfx - ok
21:50:16.0502 2088 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\drivers\iirsp.sys
21:50:16.0506 2088 iirsp - ok
21:50:16.0628 2088 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
21:50:16.0654 2088 IKEEXT - ok
21:50:16.0735 2088 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\windows\system32\DRIVERS\IntcDAud.sys
21:50:16.0748 2088 IntcDAud - ok
21:50:16.0765 2088 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
21:50:16.0768 2088 intelide - ok
21:50:16.0800 2088 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
21:50:16.0802 2088 intelppm - ok
21:50:16.0841 2088 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
21:50:16.0864 2088 IPBusEnum - ok
21:50:16.0891 2088 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
21:50:16.0895 2088 IpFilterDriver - ok
21:50:16.0974 2088 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
21:50:16.0995 2088 iphlpsvc - ok
21:50:17.0009 2088 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
21:50:17.0013 2088 IPMIDRV - ok
21:50:17.0050 2088 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
21:50:17.0071 2088 IPNAT - ok
21:50:17.0099 2088 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
21:50:17.0103 2088 IRENUM - ok
21:50:17.0112 2088 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
21:50:17.0115 2088 isapnp - ok
21:50:17.0161 2088 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
21:50:17.0178 2088 iScsiPrt - ok
21:50:17.0204 2088 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys
21:50:17.0207 2088 kbdclass - ok
21:50:17.0216 2088 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\DRIVERS\kbdhid.sys
21:50:17.0219 2088 kbdhid - ok
21:50:17.0265 2088 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
21:50:17.0269 2088 KeyIso - ok
21:50:17.0293 2088 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
21:50:17.0295 2088 KSecDD - ok
21:50:17.0327 2088 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
21:50:17.0332 2088 KSecPkg - ok
21:50:17.0354 2088 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
21:50:17.0357 2088 ksthunk - ok
21:50:17.0428 2088 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
21:50:17.0446 2088 KtmRm - ok
21:50:17.0522 2088 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\System32\srvsvc.dll
21:50:17.0543 2088 LanmanServer - ok
21:50:17.0583 2088 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
21:50:17.0593 2088 LanmanWorkstation - ok
21:50:17.0635 2088 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
21:50:17.0639 2088 lltdio - ok
21:50:17.0700 2088 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
21:50:17.0714 2088 lltdsvc - ok
21:50:17.0749 2088 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
21:50:17.0754 2088 lmhosts - ok
21:50:17.0903 2088 LMS (0803906d607a9b83184447b75b60ecc2) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
21:50:17.0909 2088 LMS - ok
21:50:17.0974 2088 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\drivers\lsi_fc.sys
21:50:17.0995 2088 LSI_FC - ok
21:50:18.0025 2088 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\drivers\lsi_sas.sys
21:50:18.0047 2088 LSI_SAS - ok
21:50:18.0062 2088 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\drivers\lsi_sas2.sys
21:50:18.0066 2088 LSI_SAS2 - ok
21:50:18.0085 2088 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\drivers\lsi_scsi.sys
21:50:18.0090 2088 LSI_SCSI - ok
21:50:18.0140 2088 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
21:50:18.0161 2088 luafv - ok
21:50:18.0249 2088 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\windows\system32\DRIVERS\mcdbus.sys
21:50:18.0276 2088 mcdbus - ok
21:50:18.0317 2088 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
21:50:18.0342 2088 Mcx2Svc - ok
21:50:18.0350 2088 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\drivers\megasas.sys
21:50:18.0354 2088 megasas - ok
21:50:18.0411 2088 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\drivers\MegaSR.sys
21:50:18.0430 2088 MegaSR - ok
21:50:18.0468 2088 MEIx64 (1c6e73fc46b509eff9d0086aa37132df) C:\windows\system32\DRIVERS\HECIx64.sys
21:50:18.0471 2088 MEIx64 - ok
21:50:18.0506 2088 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
21:50:18.0511 2088 MMCSS - ok
21:50:18.0523 2088 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
21:50:18.0527 2088 Modem - ok
21:50:18.0542 2088 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
21:50:18.0543 2088 monitor - ok
21:50:18.0572 2088 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
21:50:18.0575 2088 mouclass - ok
21:50:18.0605 2088 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
21:50:18.0608 2088 mouhid - ok
21:50:18.0639 2088 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
21:50:18.0643 2088 mountmgr - ok
21:50:18.0761 2088 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:50:18.0796 2088 MozillaMaintenance - ok
21:50:18.0832 2088 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
21:50:18.0835 2088 mpio - ok
21:50:18.0862 2088 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
21:50:18.0866 2088 mpsdrv - ok
21:50:18.0985 2088 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
21:50:19.0012 2088 MpsSvc - ok
21:50:19.0032 2088 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
21:50:19.0037 2088 MRxDAV - ok
21:50:19.0095 2088 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
21:50:19.0111 2088 mrxsmb - ok
21:50:19.0165 2088 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
21:50:19.0180 2088 mrxsmb10 - ok
21:50:19.0215 2088 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
21:50:19.0234 2088 mrxsmb20 - ok
21:50:19.0252 2088 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
21:50:19.0255 2088 msahci - ok
21:50:19.0277 2088 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
21:50:19.0282 2088 msdsm - ok
21:50:19.0312 2088 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
21:50:19.0331 2088 MSDTC - ok
21:50:19.0355 2088 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
21:50:19.0358 2088 Msfs - ok
21:50:19.0389 2088 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
21:50:19.0393 2088 mshidkmdf - ok
21:50:19.0409 2088 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
21:50:19.0411 2088 msisadrv - ok
21:50:19.0472 2088 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
21:50:19.0490 2088 MSiSCSI - ok
21:50:19.0495 2088 msiserver - ok
21:50:19.0530 2088 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
21:50:19.0533 2088 MSKSSRV - ok
21:50:19.0555 2088 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
21:50:19.0558 2088 MSPCLOCK - ok
21:50:19.0565 2088 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
21:50:19.0568 2088 MSPQM - ok
21:50:19.0624 2088 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
21:50:19.0633 2088 MsRPC - ok
21:50:19.0659 2088 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys
21:50:19.0660 2088 mssmbios - ok
21:50:19.0676 2088 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
21:50:19.0678 2088 MSTEE - ok
21:50:19.0703 2088 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\drivers\MTConfig.sys
21:50:19.0706 2088 MTConfig - ok
21:50:19.0730 2088 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
21:50:19.0733 2088 Mup - ok
21:50:39.0855 2088 ============================================================
21:50:39.0855 2088 Scan finished
21:50:39.0855 2088 ============================================================
21:50:39.0873 7360 Detected object count: 0
21:50:39.0873 7360 Actual detected object count: 0

#4 Silly_Me

Posted 25 April 2012 - 05:47 PM

** ESET SCAN **

C:\Program Files (x86)\Cheat Engine 6.1\cheatengine-i386.exe a variant of Win32/HackTool.CheatEngine.AB application cleaned by deleting - quarantined
C:\Program Files (x86)\DAEMON Tools Pro\Patch.exe a variant of Win32/HackTool.Patcher.U application cleaned by deleting - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Scott\AppData\Local\TempDIR\BetterInstaller.exe.vir a variant of Win32/Somoto.A application cleaned by deleting - quarantined
C:\Users\Scott\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\4df630d-72cada89 Java/Exploit.Agent.NBD trojan deleted - quarantined
C:\Users\Scott\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\746ae456-59a808a3 Java/Exploit.Agent.NAZ trojan deleted - quarantined
C:\Users\Scott\Downloads\CheatEngine61.exe a variant of Win32/HackTool.CheatEngine.AB application deleted - quarantined
C:\Users\Scott\Downloads\DAEMONToolsPro500316-0317.exe Win32/OpenCandy application deleted - quarantined
C:\Users\Scott\Downloads\Dungeon Defenders 7_16c.iso multiple threats deleted - quarantined
C:\Users\Scott\Downloads\FreeYouTubeDownload.exe Win32/OpenCandy application deleted - quarantined

#5 boopme

Posted 25 April 2012 - 08:19 PM

Hello, looks like you are infecting yourself from torrent downloads. They carry a very high probability of infection...

Looks clean now.

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u3-windows-i586.exe (or jre-7u3-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.

How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook Have you seen..Select Real Security
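
A read-only check that the Java cleanup described in the post above took effect, as an added example that is not part of the original post. It lists every Java entry registered under the Windows Uninstall registry keys and flags those older than the 7u3 release the post names; the function name `Get-JavaInstall` is hypothetical, and the assumption that 7u3 registers `DisplayVersion` 7.0.30 is labelled in the code.

```powershell
# Added example: inventory installed Java runtimes and flag outdated ones.
# Read-only: nothing is uninstalled or modified.

# Assumption: Java 7 Update 3 (the release named in the post) registers
# DisplayVersion 7.0.30; adjust the baseline if your installer differs.
$Baseline = [version]'7.0.30'

# Both views of the Uninstall key: native, and 32-bit software on 64-bit Windows.
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-JavaInstall {
    # The WOW6432Node path does not exist on 32-bit Windows, so ignore that error.
    Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -match '\bJava\b|\bJ2SE\b' } |
        ForEach-Object {
            # Some entries carry no DisplayVersion or a non-numeric one.
            $parsed = $null
            if ($_.DisplayVersion) {
                try { $parsed = [version]$_.DisplayVersion } catch { $parsed = $null }
            }

            if ($null -eq $parsed)        { $status = 'Unknown' }
            elseif ($parsed -lt $Baseline) { $status = 'Outdated' }
            else                           { $status = 'Current' }

            New-Object PSObject -Property @{
                DisplayName     = $_.DisplayName
                DisplayVersion  = $_.DisplayVersion
                Status          = $status
                UninstallString = $_.UninstallString
            }
        }
}

# Show outdated and unparseable entries first so leftovers stand out.
Get-JavaInstall |
    Sort-Object Status -Descending |
    Format-Table DisplayName, DisplayVersion, Status -AutoSize
```

Any row marked `Outdated` after the reboot step means an older runtime is still registered and should be removed through Add/Remove Programs as the post describes.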

#6 Silly_Me

  • Topic Starter

Posted 26 April 2012 - 06:21 AM

OK, thank you very much boopme. Were any of the infections dangerous? Do I need to change passwords or anything? Banking details etc.

It most likely is the torrent downloads, won't even deny it. I'll be more careful and considerate now. Thanks again, I really appreciate the help.

#7 boopme

  • Global Moderator

Posted 26 April 2012 - 11:03 AM

Hello, I would advise you to avoid Torrent downloads, anything free on there is free at a price (malware).

This one is info sensitive and I would change passwords.
But you did have an infection, a worm, Gen:Variant.Barys Worm: is a worm that spreads via removable drives and attempts to steal sensitive information from an affected computer.
If there was a removable drive put in here it either carried that in or will carry it to the next machine. It needs to be cleaned.



