hacked email


5 replies to this topic

#1 thomas2345

thomas2345

  • Members
  • 9 posts

Posted 13 June 2012 - 08:50 PM

Spam is being sent to the contacts in my Outlook contacts list from my email address. If I launch Outlook, minutes or hours later, I'll get returned mail from contacts that are outdated and active contacts have emailed back to let me know I've been hacked. My machine is running Windows 7 (32 bit) and Office 2007 Small Business (which includes the full version of Outlook).

You folks have been a great and much-appreciated help when my son's machine has picked up malware and I'm hoping you can help with this problem as well.

Best,

Tom Rossi


 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,430 posts
  • Gender:Male
  • Location:NJ USA

Posted 13 June 2012 - 09:22 PM

Hello Tom.. Most likely you have Spoofed/Forged Email and you need to change your email password and let it die off.

But we will check for a malware cause too...



Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

#3 thomas2345

thomas2345
  • Topic Starter

  • Members
  • 9 posts

Posted 14 June 2012 - 07:14 PM

Hi,
Thanks for the quick reply. It definitely isn't a spoof or forgery. It's taking contacts from my Outlook contacts and sending from my account whenever Outlook is running. I actually was running a FULL Malwarebytes scan as I was writing the original post and it found a registry key item, which I removed. The toolbox and Malwarebytes logs follow:

MiniToolBox by Farbar Version: 09-06-2012
Ran by Tom (administrator) on 13-06-2012 at 21:03:10
Microsoft Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Tom-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : oc.cox.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : oc.cox.net
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-1B-B9-A7-1B-E4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::3094:2d44:e3d3:a453%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.102(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, June 13, 2012 6:38:30 AM
Lease Expires . . . . . . . . . . : Wednesday, June 20, 2012 6:38:30 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234888121
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-92-60-34-00-1B-B9-A7-1B-E4
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.oc.cox.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : oc.cox.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:343b:e04:b944:48cc(Preferred)
Link-local IPv6 Address . . . . . : fe80::343b:e04:b944:48cc%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: ar690w
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4000:801::1006
74.125.227.39
74.125.227.40
74.125.227.41
74.125.227.46
74.125.227.32
74.125.227.33
74.125.227.34
74.125.227.35
74.125.227.36
74.125.227.37
74.125.227.38


Pinging google.com [74.125.227.72] with 32 bytes of data:
Reply from 74.125.227.72: bytes=32 time=1740ms TTL=53
Reply from 74.125.227.72: bytes=32 time=45ms TTL=53

Ping statistics for 74.125.227.72:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 45ms, Maximum = 1740ms, Average = 892ms
Server: ar690w
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=205ms TTL=55
Reply from 72.30.38.140: bytes=32 time=23ms TTL=55

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 23ms, Maximum = 205ms, Average = 114ms
Server: ar690w
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...00 1b b9 a7 1b e4 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.102 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.102 276
192.168.1.102 255.255.255.255 On-link 192.168.1.102 276
192.168.1.255 255.255.255.255 On-link 192.168.1.102 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.102 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.102 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 58 ::/0 On-link
1 306 ::1/128 On-link
11 58 2001::/32 On-link
11 306 2001:0:5ef5:79fd:343b:e04:b944:48cc/128
On-link
10 276 fe80::/64 On-link
11 306 fe80::/64 On-link
10 276 fe80::3094:2d44:e3d3:a453/128
On-link
11 306 fe80::343b:e04:b944:48cc/128
On-link
1 306 ff00::/8 On-link
11 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 M:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 M:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 M:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 M:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 M:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 M:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 M:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 M:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 M:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 M:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 M:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 M:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 M:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 M:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 M:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 M:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 M:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 M:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 M:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 M:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 M:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 M:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 M:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 M:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 M:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 M:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 M:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 M:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/13/2012 08:01:11 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/13/2012 08:00:45 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (06/12/2012 11:40:44 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/12/2012 11:40:22 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (06/11/2012 10:58:53 PM) (Source: Application Error) (User: )
Description: Faulting application name: wmpnetwk.exe, version: 12.0.7601.17514, time stamp: 0x4ce7a4a7
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b60
Exception code: 0xc0000005
Fault offset: 0x0003224d
Faulting process id: 0x12fc
Faulting application start time: 0xwmpnetwk.exe0
Faulting application path: wmpnetwk.exe1
Faulting module path: wmpnetwk.exe2
Report Id: wmpnetwk.exe3

Error: (06/11/2012 01:37:15 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/11/2012 01:36:51 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (06/08/2012 00:35:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/08/2012 00:34:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (06/06/2012 11:01:46 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (06/13/2012 06:38:18 AM) (Source: Service Control Manager) (User: )
Description: The adfs service failed to start due to the following error:
%%2

Error: (06/13/2012 06:38:18 AM) (Source: Service Control Manager) (User: )
Description: The Acronis Scheduler2 Service service failed to start due to the following error:
%%2

Error: (06/12/2012 08:15:37 AM) (Source: Service Control Manager) (User: )
Description: The adfs service failed to start due to the following error:
%%2

Error: (06/12/2012 08:15:37 AM) (Source: Service Control Manager) (User: )
Description: The Acronis Scheduler2 Service service failed to start due to the following error:
%%2

Error: (06/11/2012 10:59:04 PM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (06/11/2012 08:36:14 AM) (Source: Service Control Manager) (User: )
Description: The adfs service failed to start due to the following error:
%%2

Error: (06/11/2012 08:36:14 AM) (Source: Service Control Manager) (User: )
Description: The Acronis Scheduler2 Service service failed to start due to the following error:
%%2

Error: (06/10/2012 03:12:12 PM) (Source: Service Control Manager) (User: )
Description: The adfs service failed to start due to the following error:
%%2

Error: (06/10/2012 03:12:12 PM) (Source: Service Control Manager) (User: )
Description: The Acronis Scheduler2 Service service failed to start due to the following error:
%%2

Error: (06/09/2012 03:08:19 PM) (Source: Service Control Manager) (User: )
Description: The adfs service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (03/08/2012 08:40:36 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 25 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/21/2011 04:31:58 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 50340 seconds with 120 seconds of active time. This session ended with a crash.

Error: (12/01/2011 06:02:01 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash.

Error: (11/13/2011 11:51:52 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 117931 seconds with 3480 seconds of active time. This session ended with a crash.

Error: (10/26/2011 01:14:14 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 61276 seconds with 2340 seconds of active time. This session ended with a crash.

Error: (10/14/2011 00:12:29 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7737 seconds with 3060 seconds of active time. This session ended with a crash.

Error: (04/08/2011 02:13:27 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 126111 seconds with 4020 seconds of active time. This session ended with a crash.

Error: (03/23/2011 10:58:56 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3117 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/13/2010 11:26:11 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 26850 seconds with 180 seconds of active time. This session ended with a crash.

Error: (05/13/2010 01:28:58 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 66153 seconds with 7260 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (Version: 9.0.0)
Adobe AIR (Version: 1.1.0.5790)
Adobe Flash Player 10 Plugin (Version: 10.0.2.54)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe Shockwave Player 11.5 (Version: 11.5.6.606)
Amazon MP3 Downloader 1.0.15 (Version: 1.0.15)
Apple Application Support (Version: 2.1.5)
AVerMedia A188 PCIe TV Tuner 1.3.0.74 (Version: 1.3.0.74)
Boxee
BoxeeIntegration (Version: 1.0.0.0)
CamStudio OSS Desktop Recorder (Version: 2.6 Beta r294)
CCleaner (Version: 2.32)
CDDRV_Installer (Version: 4.60)
Combined Community Codec Pack 2010-10-10 (Version: 2010.10.10.0)
Cox Secure Online Backup for Windows (Version: 4.6.3619)
D3DX10 (Version: 15.4.2368.0902)
Disney Toontown Online (Version: )
EPSON Printer Software
EPSON Scan
erLT (Version: 1.20.0137)
Google Chrome (Version: 19.0.1084.56)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.99)
GoToMeeting 5.0.0.799 (Version: 5.0.0.799)
GrabIt 1.7.2 Beta 6 (build 1008)
HP Deskjet 3000 J310 series Basic Device Software (Version: 22.0.334.0)
Hulu Desktop (Version: 0.9.14)
HuluDesktopIntegration (Version: 1.0.0.0)
Internet TV for Windows Media Center (Version: 4.2.2.0)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
KhalInstallWrapper (Version: 2.00.0000)
LegalSounds Music Downloader 1.8
Lizardtech DjVu Control
Logitech Gaming Software 5.08 (Version: 5.08.146)
Logitech SetPoint (Version: 4.80)
Lyrics Plugin for Windows Media Player (Version: 0.4)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
McAfee SecurityCenter (Version: 11.0.678)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Conferencing Add-in for Microsoft Office Outlook (Version: 8.0.6362.187)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Meeting 2007 (Version: 8.0.6362.149)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Small Business 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox (3.6) (Version: 3.6 (en-US))
MSVCRT (Version: 15.4.2862.0708)
Music Manager
Need for Speed™ SHIFT (Version: 1.0.0.0)
Netflix in Windows Media Center (Version: 3.3.101.0)
NVIDIA 3D Vision Controller Driver (Version: 275.33)
NVIDIA 3D Vision Controller Driver 275.33 (Version: 275.33)
NVIDIA 3D Vision Driver 275.33 (Version: 275.33)
NVIDIA Control Panel 275.33 (Version: 275.33)
NVIDIA Graphics Driver 275.33 (Version: 275.33)
NVIDIA Install Application (Version: 2.275.80.0)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.7533)
NVIDIA Update 1.3.5 (Version: 1.3.5)
NVIDIA Update Components (Version: 1.3.5)
OneTouch 4.0 (Version: 4.5.9.1125)
Open PLS in Windows Media Player 2.3.0 (Version: 2.3)
PlayReady PC Runtime x86 (Version: 1.3.0)
Portal
PowerISO
PVSonyDll (Version: 1.00.0001)
QuickPar 0.9 (Version: 0.9)
QuickTime (Version: 7.65.17.80)
Realtek High Definition Audio Driver (Version: 6.0.1.5859)
Sid Meier's Civilization V
Skype™ 4.1 (Version: 4.1.179)
Steam (Version: 1.0.0.0)
System Requirements Lab
Tag&Rename 3.5.7 (Version: 3.5.7)
thinkorswim from TD AMERITRADE
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Veetle TV (Version: 0.9.19)
VZAccess Manager (Version: 7.2.11.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Media Center Add-in for Flash (Version: 4.1.2.0)
Windows Media Center Add-in for Silverlight (Version: 4.7.3.0)
WinRAR archiver
WModem Driver Installer
Xerox DocuMate 262 Driver (Version: 4.6.10034)
Xerox DocuMate 262i Driver (Version: 4.5.9.1009)
Yahoo! Messenger

========================= Memory info: ===================================

Percentage of memory in use: 52%
Total physical RAM: 3327.24 MB
Available physical RAM: 1575.66 MB
Total Pagefile: 6650.71 MB
Available Pagefile: 4474.92 MB
Total Virtual: 2047.88 MB
Available Virtual: 1933.11 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:149.05 GB) (Free:78.23 GB) NTFS
8 Drive m: (Win 7 1TB Partition) (Fixed) (Total:931.5 GB) (Free:765.86 GB) NTFS

========================= Users: ========================================

User accounts for \\TOM-PC

Administrator Guest Tom
Tom2 UpdatusUser


**** End of log ****

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.14.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Tom :: TOM-PC [administrator]

Protection: Disabled

6/13/2012 6:36:23 PM
mbam-log-2012-06-13 (18-36-23).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 540529
Time elapsed: 3 hour(s), 36 minute(s), 16 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\Software\Microsoft\Windows\CurrentVersion\Run (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#4 boopme

Posted 14 June 2012 - 09:14 PM

You should still change the password.

Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility writes the log to the root folder of the system disk (usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.


And run

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.



I also noticed your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older versions of Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
    64-bit OS users should read: Which Java download should I choose for my 64-bit Windows operating system?
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u5-windows-i586.exe (or jre-7u5-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.

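A TDSSKiller report runs to thousands of lines, so a helper reading one can triage it mechanically instead of line by line. The following is an added example, not part of the post above or of the tool; it assumes the report layout seen in logs posted in this thread (timestamp, thread id, then `name (md5) path` followed by `name - ok`), and the sample lines, names, hashes and the `warning` verdict are constructed.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample in the layout of a TDSSKiller report. Names, hashes and
# the non-"ok" verdict are made up for illustration; the last entry has no
# verdict line, as happens when a pasted report is cut short.
SAMPLE_LOG = r"""
15:05:56.0421 4344 Drive \Device\Harddisk0\DR0 - Size: 0x0 (0.00 Gb), SectorSize: 0x200
15:06:04.0211 5372 ============================================================
15:06:04.0211 5372 Scan started
15:06:04.0211 5372 Mode: Manual; TDLFS;
15:06:04.0211 5372 ============================================================
15:06:05.0381 5372 exampledrv (00112233445566778899aabbccddeeff) C:\Windows\system32\drivers\exampledrv.sys
15:06:05.0381 5372 exampledrv - ok
15:06:05.0475 5372 OrphanSvc - ok
15:06:05.0579 5372 Example Licensing Service (ffeeddccbbaa99887766554433221100) C:\Program Files\Example (x86)\svc.exe
15:06:05.0579 5372 Example Licensing Service - ok
15:06:05.0600 5372 oddfilter (0123456789abcdef0123456789abcdef) C:\Windows\system32\drivers\oddfilter.sys
15:06:05.0600 5372 oddfilter - warning
15:06:05.0700 5372 lastdrv (fedcba9876543210fedcba9876543210) C:\Windows\system32\drivers\lastdrv.sys
"""

# "HH:MM:SS.mmmm <thread id> <body>"
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<body>.*)$")
# "<name> (<32 hex digits>) <image path>"; the name may contain spaces and the
# path may contain parentheses, so the name is matched non-greedily.
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")


@dataclass
class Entry:
    name: str
    md5: Optional[str] = None
    path: Optional[str] = None
    verdict: Optional[str] = None


def parse_report(text: str) -> List[Entry]:
    """Pair each scanned object with its verdict line.

    Only lines after "Scan started" are parsed, because header lines such as
    the "Drive ... - Size: ..." line would otherwise look like verdicts.
    """
    entries: List[Entry] = []
    pending = {}          # name -> Entry still waiting for its verdict line
    scanning = False
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        body = m.group("body").strip()
        if not scanning:
            scanning = body == "Scan started"
            continue
        obj = OBJECT.match(body)
        if obj:
            entry = Entry(obj.group("name"), obj.group("md5").lower(), obj.group("path"))
            entries.append(entry)
            pending[entry.name] = entry
            continue
        if " - " in body:
            name, verdict = body.rsplit(" - ", 1)
            entry = pending.pop(name, None)
            if entry is None:             # verdict with no hashed image before it
                entry = Entry(name)
                entries.append(entry)
            entry.verdict = verdict.strip()
    return entries


def triage(entries: List[Entry]) -> List[Tuple[str, str]]:
    """Return (name, reason) for every entry a human should look at."""
    findings = []
    for e in entries:
        if e.verdict is None:
            findings.append((e.name, "no verdict logged (report truncated?)"))
        elif e.verdict.lower() != "ok":
            findings.append((e.name, f"verdict '{e.verdict}' needs review"))
        elif e.md5 is None:
            findings.append((e.name, "ok, but no image was hashed for this name"))
    return findings


if __name__ == "__main__":
    for name, reason in triage(parse_report(SAMPLE_LOG)):
        print(f"{name}: {reason}")
```
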

#5 thomas2345

Posted 17 June 2012 - 05:13 PM

TDSSKiller found nothing. Log follows:

TDSSKiller.exe found

15:05:54.0751 4344 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
15:05:55.0351 4344 ============================================================
15:05:55.0351 4344 Current date / time: 2012/06/17 15:05:55.0351
15:05:55.0351 4344 SystemInfo:
15:05:55.0351 4344
15:05:55.0351 4344 OS Version: 6.1.7601 ServicePack: 1.0
15:05:55.0351 4344 Product type: Workstation
15:05:55.0351 4344 ComputerName: TOM-PC
15:05:55.0351 4344 UserName: Tom
15:05:55.0351 4344 Windows directory: M:\Windows
15:05:55.0351 4344 System windows directory: M:\Windows
15:05:55.0351 4344 Processor architecture: Intel x86
15:05:55.0351 4344 Number of processors: 2
15:05:55.0351 4344 Page size: 0x1000
15:05:55.0351 4344 Boot type: Normal boot
15:05:55.0351 4344 ============================================================
15:05:56.0421 4344 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:05:56.0431 4344 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:05:56.0551 4344 ============================================================
15:05:56.0551 4344 \Device\Harddisk0\DR0:
15:05:56.0551 4344 MBR partitions:
15:05:56.0551 4344 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A193C1
15:05:56.0551 4344 \Device\Harddisk1\DR1:
15:05:56.0551 4344 MBR partitions:
15:05:56.0551 4344 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x747020B0
15:05:56.0551 4344 ============================================================
15:05:56.0581 4344 C: <-> \Device\Harddisk0\DR0\Partition0
15:05:56.0591 4344 M: <-> \Device\Harddisk1\DR1\Partition0
15:05:56.0591 4344 ============================================================
15:05:56.0591 4344 Initialize success
15:05:56.0591 4344 ============================================================
15:06:04.0211 5372 ============================================================
15:06:04.0211 5372 Scan started
15:06:04.0211 5372 Mode: Manual; TDLFS;
15:06:04.0211 5372 ============================================================
15:06:11.0518 5372 mrxsmb20 - ok
15:06:11.0528 5372 msahci (012c5f4e9349e711e11e0f19a8589f0a) M:\Windows\system32\drivers\msahci.sys
15:06:11.0528 5372 msahci - ok
15:06:11.0548 5372 msdsm (55055f8ad8be27a64c831322a780a228) M:\Windows\system32\drivers\msdsm.sys
15:06:11.0548 5372 msdsm - ok
15:06:11.0568 5372 MSDTC (e1bce74a3bd9902b72599c0192a07e27) M:\Windows\System32\msdtc.exe
15:06:11.0578 5372 MSDTC - ok
15:06:11.0598 5372 Msfs (daefb28e3af5a76abcc2c3078c07327f) M:\Windows\system32\drivers\Msfs.sys
15:06:11.0598 5372 Msfs - ok
15:06:11.0608 5372 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) M:\Windows\System32\drivers\mshidkmdf.sys
15:06:11.0608 5372 mshidkmdf - ok
15:06:11.0628 5372 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) M:\Windows\system32\drivers\msisadrv.sys
15:06:11.0628 5372 msisadrv - ok
15:06:11.0658 5372 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) M:\Windows\system32\iscsiexe.dll
15:06:11.0658 5372 MSiSCSI - ok
15:06:11.0658 5372 msiserver - ok
15:06:11.0678 5372 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) M:\Windows\system32\drivers\MSKSSRV.sys
15:06:11.0678 5372 MSKSSRV - ok
15:06:11.0698 5372 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) M:\Windows\system32\drivers\MSPCLOCK.sys
15:06:11.0698 5372 MSPCLOCK - ok
15:06:11.0708 5372 MSPQM (f456e973590d663b1073e9c463b40932) M:\Windows\system32\drivers\MSPQM.sys
15:06:11.0708 5372 MSPQM - ok
15:06:11.0718 5372 MsRPC (0e008fc4819d238c51d7c93e7b41e560) M:\Windows\system32\drivers\MsRPC.sys
15:06:11.0718 5372 MsRPC - ok
15:06:11.0748 5372 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) M:\Windows\system32\drivers\mssmbios.sys
15:06:11.0748 5372 mssmbios - ok
15:06:11.0758 5372 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) M:\Windows\system32\drivers\MSTEE.sys
15:06:11.0758 5372 MSTEE - ok
15:06:11.0768 5372 MTConfig (33599130f44e1f34631cea241de8ac84) M:\Windows\system32\DRIVERS\MTConfig.sys
15:06:11.0768 5372 MTConfig - ok
15:06:11.0778 5372 Mup (159fad02f64e6381758c990f753bcc80) M:\Windows\system32\Drivers\mup.sys
15:06:11.0778 5372 Mup - ok
15:06:11.0808 5372 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) M:\Windows\system32\qagentRT.dll
15:06:11.0818 5372 napagent - ok
15:06:11.0848 5372 NativeWifiP (26384429fcd85d83746f63e798ab1480) M:\Windows\system32\DRIVERS\nwifi.sys
15:06:11.0848 5372 NativeWifiP - ok
15:06:11.0878 5372 NDIS (e7c54812a2aaf43316eb6930c1ffa108) M:\Windows\system32\drivers\ndis.sys
15:06:11.0888 5372 NDIS - ok
15:06:11.0898 5372 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) M:\Windows\system32\DRIVERS\ndiscap.sys
15:06:11.0898 5372 NdisCap - ok
15:06:11.0928 5372 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) M:\Windows\system32\DRIVERS\ndistapi.sys
15:06:11.0928 5372 NdisTapi - ok
15:06:11.0958 5372 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) M:\Windows\system32\DRIVERS\ndisuio.sys
15:06:11.0958 5372 Ndisuio - ok
15:06:11.0978 5372 NdisWan (38fbe267e7e6983311179230facb1017) M:\Windows\system32\DRIVERS\ndiswan.sys
15:06:11.0988 5372 NdisWan - ok
15:06:12.0008 5372 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) M:\Windows\system32\drivers\NDProxy.sys
15:06:12.0008 5372 NDProxy - ok
15:06:12.0028 5372 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) M:\Windows\system32\DRIVERS\netbios.sys
15:06:12.0028 5372 NetBIOS - ok
15:06:12.0038 5372 NetBT (280122ddcf04b378edd1ad54d71c1e54) M:\Windows\system32\DRIVERS\netbt.sys
15:06:12.0038 5372 NetBT - ok
15:06:12.0068 5372 Netlogon (81951f51e318aecc2d68559e47485cc4) M:\Windows\system32\lsass.exe
15:06:12.0068 5372 Netlogon - ok
15:06:12.0108 5372 Netman (7cccfca7510684768da22092d1fa4db2) M:\Windows\System32\netman.dll
15:06:12.0108 5372 Netman - ok
15:06:12.0128 5372 netprofm (8c338238c16777a802d6a9211eb2ba50) M:\Windows\System32\netprofm.dll
15:06:12.0138 5372 netprofm - ok
15:06:12.0178 5372 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) M:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:06:12.0178 5372 NetTcpPortSharing - ok
15:06:12.0208 5372 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) M:\Windows\system32\DRIVERS\nfrd960.sys
15:06:12.0208 5372 nfrd960 - ok
15:06:12.0228 5372 NlaSvc (912084381d30d8b89ec4e293053f4710) M:\Windows\System32\nlasvc.dll
15:06:12.0238 5372 NlaSvc - ok
15:06:12.0248 5372 Npfs (1db262a9f8c087e8153d89bef3d2235f) M:\Windows\system32\drivers\Npfs.sys
15:06:12.0248 5372 Npfs - ok
15:06:12.0258 5372 nsi (ba387e955e890c8a88306d9b8d06bf17) M:\Windows\system32\nsisvc.dll
15:06:12.0258 5372 nsi - ok
15:06:12.0268 5372 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) M:\Windows\system32\drivers\nsiproxy.sys
15:06:12.0268 5372 nsiproxy - ok
15:06:12.0308 5372 Ntfs (81189c3d7763838e55c397759d49007a) M:\Windows\system32\drivers\Ntfs.sys
15:06:12.0328 5372 Ntfs - ok
15:06:12.0378 5372 Null (f9756a98d69098dca8945d62858a812c) M:\Windows\system32\drivers\Null.sys
15:06:12.0388 5372 Null - ok
15:06:12.0668 5372 nvlddmkm (847b1755f7757f825305a1ffe6dac3e9) M:\Windows\system32\DRIVERS\nvlddmkm.sys
15:06:12.0731 5372 nvlddmkm - ok
15:06:12.0778 5372 nvraid (b3e25ee28883877076e0e1ff877d02e0) M:\Windows\system32\drivers\nvraid.sys
15:06:12.0778 5372 nvraid - ok
15:06:12.0793 5372 nvstor (4380e59a170d88c4f1022eff6719a8a4) M:\Windows\system32\drivers\nvstor.sys
15:06:12.0793 5372 nvstor - ok
15:06:12.0840 5372 nvsvc (7c732aff202dcd06c3d262966d71604c) M:\Windows\system32\nvvsvc.exe
15:06:12.0856 5372 nvsvc - ok
15:06:12.0949 5372 nvUpdatusService (262d2fbf211a88dcb84249df0f6ef6e7) M:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
15:06:12.0965 5372 nvUpdatusService - ok
15:06:13.0027 5372 nv_agp (5a0983915f02bae73267cc2a041f717d) M:\Windows\system32\drivers\nv_agp.sys
15:06:13.0027 5372 nv_agp - ok
15:06:13.0090 5372 odserv (785f487a64950f3cb8e9f16253ba3b7b) M:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:06:13.0105 5372 odserv - ok
15:06:13.0121 5372 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) M:\Windows\system32\drivers\ohci1394.sys
15:06:13.0121 5372 ohci1394 - ok
15:06:13.0152 5372 OneTouch 4.0 Monitor (242ac4eaa7e18097dcefc80227ce38c0) M:\Program Files\Visioneer\OneTouch 4.0\OtService.exe
15:06:13.0152 5372 OneTouch 4.0 Monitor - ok
15:06:13.0199 5372 OnlineBackupSchedulerService (9922cd051dd426c7ac2ccb757d747bdf) M:\Program Files\Cox\Secure Online Backup for Windows\Scheduler\OnlineBackup.SchedulerService.exe
15:06:13.0199 5372 OnlineBackupSchedulerService - ok
15:06:13.0214 5372 ose (5a432a042dae460abe7199b758e8606c) M:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:06:13.0214 5372 ose - ok
15:06:13.0246 5372 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) M:\Windows\system32\pnrpsvc.dll
15:06:13.0246 5372 p2pimsvc - ok
15:06:13.0277 5372 p2psvc (59c3ddd501e39e006dac31bf55150d91) M:\Windows\system32\p2psvc.dll
15:06:13.0277 5372 p2psvc - ok
15:06:13.0308 5372 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) M:\Windows\system32\DRIVERS\parport.sys
15:06:13.0308 5372 Parport - ok
15:06:13.0324 5372 partmgr (3f34a1b4c5f6475f320c275e63afce9b) M:\Windows\system32\drivers\partmgr.sys
15:06:13.0324 5372 partmgr - ok
15:06:13.0339 5372 Parvdm (eb0a59f29c19b86479d36b35983daadc) M:\Windows\system32\DRIVERS\parvdm.sys
15:06:13.0339 5372 Parvdm - ok
15:06:13.0355 5372 PcaSvc (358ab7956d3160000726574083dfc8a6) M:\Windows\System32\pcasvc.dll
15:06:13.0355 5372 PcaSvc - ok
15:06:13.0386 5372 pci (673e55c3498eb970088e812ea820aa8f) M:\Windows\system32\drivers\pci.sys
15:06:13.0386 5372 pci - ok
15:06:13.0386 5372 pciide (afe86f419014db4e5593f69ffe26ce0a) M:\Windows\system32\drivers\pciide.sys
15:06:13.0402 5372 pciide - ok
15:06:13.0402 5372 pcmcia (f396431b31693e71e8a80687ef523506) M:\Windows\system32\DRIVERS\pcmcia.sys
15:06:13.0417 5372 pcmcia - ok
15:06:13.0448 5372 pcouffin (5b6c11de7e839c05248ced8825470fef) M:\Windows\system32\Drivers\pcouffin.sys
15:06:13.0448 5372 pcouffin - ok
15:06:13.0448 5372 pcw (250f6b43d2b613172035c6747aeeb19f) M:\Windows\system32\drivers\pcw.sys
15:06:13.0448 5372 pcw - ok
15:06:13.0495 5372 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) M:\Windows\system32\drivers\peauth.sys
15:06:13.0495 5372 PEAUTH - ok
15:06:13.0542 5372 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) M:\Windows\system32\peerdistsvc.dll
15:06:13.0558 5372 PeerDistSvc - ok
15:06:13.0620 5372 pla (414bba67a3ded1d28437eb66aeb8a720) M:\Windows\system32\pla.dll
15:06:13.0636 5372 pla - ok
15:06:13.0714 5372 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) M:\Windows\system32\umpnpmgr.dll
15:06:13.0729 5372 PlugPlay - ok
15:06:13.0745 5372 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) M:\Windows\system32\pnrpauto.dll
15:06:13.0745 5372 PNRPAutoReg - ok
15:06:13.0760 5372 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) M:\Windows\system32\pnrpsvc.dll
15:06:13.0760 5372 PNRPsvc - ok
15:06:13.0776 5372 PolicyAgent (53946b69ba0836bd95b03759530c81ec) M:\Windows\System32\ipsecsvc.dll
15:06:13.0807 5372 PolicyAgent - ok
15:06:13.0838 5372 Power (f87d30e72e03d579a5199ccb3831d6ea) M:\Windows\system32\umpo.dll
15:06:13.0854 5372 Power - ok
15:06:13.0870 5372 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) M:\Windows\system32\DRIVERS\raspptp.sys
15:06:13.0885 5372 PptpMiniport - ok
15:06:13.0885 5372 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) M:\Windows\system32\DRIVERS\processr.sys
15:06:13.0885 5372 Processor - ok
15:06:13.0916 5372 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) M:\Windows\system32\profsvc.dll
15:06:13.0916 5372 ProfSvc - ok
15:06:13.0932 5372 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) M:\Windows\system32\lsass.exe
15:06:13.0932 5372 ProtectedStorage - ok
15:06:13.0963 5372 Psched (6270ccae2a86de6d146529fe55b3246a) M:\Windows\system32\DRIVERS\pacer.sys
15:06:13.0963 5372 Psched - ok
15:06:14.0010 5372 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) M:\Windows\system32\DRIVERS\ql2300.sys
15:06:14.0010 5372 ql2300 - ok
15:06:14.0041 5372 ql40xx (b4dd51dd25182244b86737dc51af2270) M:\Windows\system32\DRIVERS\ql40xx.sys
15:06:14.0041 5372 ql40xx - ok
15:06:14.0057 5372 QWAVE (31ac809e7707eb580b2bdb760390765a) M:\Windows\system32\qwave.dll
15:06:14.0057 5372 QWAVE - ok
15:06:14.0072 5372 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) M:\Windows\system32\drivers\qwavedrv.sys
15:06:14.0072 5372 QWAVEdrv - ok
15:06:14.0072 5372 RasAcd (30a81b53c766d0133bb86d234e5556ab) M:\Windows\system32\DRIVERS\rasacd.sys
15:06:14.0072 5372 RasAcd - ok
15:06:14.0088 5372 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) M:\Windows\system32\DRIVERS\AgileVpn.sys
15:06:14.0088 5372 RasAgileVpn - ok
15:06:14.0104 5372 RasAuto (a60f1839849c0c00739787fd5ec03f13) M:\Windows\System32\rasauto.dll
15:06:14.0104 5372 RasAuto - ok
15:06:14.0119 5372 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) M:\Windows\system32\DRIVERS\rasl2tp.sys
15:06:14.0135 5372 Rasl2tp - ok
15:06:14.0166 5372 RasMan (cb9e04dc05eacf5b9a36ca276d475006) M:\Windows\System32\rasmans.dll
15:06:14.0166 5372 RasMan - ok
15:06:14.0182 5372 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) M:\Windows\system32\DRIVERS\raspppoe.sys
15:06:14.0182 5372 RasPppoe - ok
15:06:14.0197 5372 RasSstp (44101f495a83ea6401d886e7fd70096b) M:\Windows\system32\DRIVERS\rassstp.sys
15:06:14.0197 5372 RasSstp - ok
15:06:14.0213 5372 rdbss (d528bc58a489409ba40334ebf96a311b) M:\Windows\system32\DRIVERS\rdbss.sys
15:06:14.0213 5372 rdbss - ok
15:06:14.0228 5372 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) M:\Windows\system32\DRIVERS\rdpbus.sys
15:06:14.0228 5372 rdpbus - ok
15:06:14.0244 5372 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) M:\Windows\system32\DRIVERS\RDPCDD.sys
15:06:14.0244 5372 RDPCDD - ok
15:06:14.0244 5372 RDPDR (b973fcfc50dc1434e1970a146f7e3885) M:\Windows\system32\drivers\rdpdr.sys
15:06:14.0244 5372 RDPDR - ok
15:06:14.0275 5372 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) M:\Windows\system32\drivers\rdpencdd.sys
15:06:14.0275 5372 RDPENCDD - ok
15:06:14.0275 5372 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) M:\Windows\system32\drivers\rdprefmp.sys
15:06:14.0275 5372 RDPREFMP - ok
15:06:14.0306 5372 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) M:\Windows\system32\drivers\rdpvideominiport.sys
15:06:14.0306 5372 RdpVideoMiniport - ok
15:06:14.0338 5372 RDPWD (f031683e6d1fea157abb2ff260b51e61) M:\Windows\system32\drivers\RDPWD.sys
15:06:14.0338 5372 RDPWD - ok
15:06:14.0369 5372 rdyboost (518395321dc96fe2c9f0e96ac743b656) M:\Windows\system32\drivers\rdyboost.sys
15:06:14.0369 5372 rdyboost - ok
15:06:14.0384 5372 RemoteAccess (7b5e1419717fac363a31cc302895217a) M:\Windows\System32\mprdim.dll
15:06:14.0384 5372 RemoteAccess - ok
15:06:14.0400 5372 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) M:\Windows\system32\regsvc.dll
15:06:14.0400 5372 RemoteRegistry - ok
15:06:14.0416 5372 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) M:\Windows\System32\RpcEpMap.dll
15:06:14.0416 5372 RpcEptMapper - ok
15:06:14.0431 5372 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) M:\Windows\system32\locator.exe
15:06:14.0431 5372 RpcLocator - ok
15:06:14.0462 5372 RpcSs (7660f01d3b38aca1747e397d21d790af) M:\Windows\system32\rpcss.dll
15:06:14.0462 5372 RpcSs - ok
15:06:14.0478 5372 rspndr (032b0d36ad92b582d869879f5af5b928) M:\Windows\system32\DRIVERS\rspndr.sys
15:06:14.0478 5372 rspndr - ok
15:06:14.0509 5372 RTL8167 (94a48c15d32d69867f03894a4e70a87a) M:\Windows\system32\DRIVERS\Rt86win7.sys
15:06:14.0525 5372 RTL8167 - ok
15:06:14.0540 5372 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) M:\Windows\system32\drivers\vms3cap.sys
15:06:14.0540 5372 s3cap - ok
15:06:14.0556 5372 SamSs (81951f51e318aecc2d68559e47485cc4) M:\Windows\system32\lsass.exe
15:06:14.0556 5372 SamSs - ok
15:06:14.0587 5372 sbp2port (05d860da1040f111503ac416ccef2bca) M:\Windows\system32\drivers\sbp2port.sys
15:06:14.0587 5372 sbp2port - ok
15:06:14.0603 5372 SCardSvr (8fc518ffe9519c2631d37515a68009c4) M:\Windows\System32\SCardSvr.dll
15:06:14.0603 5372 SCardSvr - ok
15:06:14.0634 5372 SCDEmu (a73ae2510014103a44a5a58845219dcb) M:\Windows\system32\drivers\SCDEmu.sys
15:06:14.0634 5372 SCDEmu - ok
15:06:14.0650 5372 scfilter (0693b5ec673e34dc147e195779a4dcf6) M:\Windows\system32\DRIVERS\scfilter.sys
15:06:14.0665 5372 scfilter - ok
15:06:14.0696 5372 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) M:\Windows\system32\schedsvc.dll
15:06:14.0712 5372 Schedule - ok
15:06:14.0743 5372 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) M:\Windows\System32\certprop.dll
15:06:14.0743 5372 SCPolicySvc - ok
15:06:14.0759 5372 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) M:\Windows\System32\SDRSVC.dll
15:06:14.0759 5372 SDRSVC - ok
15:06:14.0790 5372 secdrv (90a3935d05b494a5a39d37e71f09a677) M:\Windows\system32\drivers\secdrv.sys
15:06:14.0790 5372 secdrv - ok
15:06:14.0806 5372 seclogon (a59b3a4442c52060cc7a85293aa3546f) M:\Windows\system32\seclogon.dll
15:06:14.0806 5372 seclogon - ok
15:06:14.0821 5372 SENS (dcb7fcdcc97f87360f75d77425b81737) M:\Windows\system32\sens.dll
15:06:14.0821 5372 SENS - ok
15:06:14.0837 5372 SensrSvc (50087fe1ee447009c9cc2997b90de53f) M:\Windows\system32\sensrsvc.dll
15:06:14.0837 5372 SensrSvc - ok
15:06:14.0852 5372 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) M:\Windows\system32\DRIVERS\serenum.sys
15:06:14.0852 5372 Serenum - ok
15:06:14.0868 5372 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) M:\Windows\system32\DRIVERS\serial.sys
15:06:14.0868 5372 Serial - ok
15:06:14.0884 5372 sermouse (79bffb520327ff916a582dfea17aa813) M:\Windows\system32\DRIVERS\sermouse.sys
15:06:14.0884 5372 sermouse - ok
15:06:14.0930 5372 SessionEnv (4ae380f39a0032eab7dd953030b26d28) M:\Windows\system32\sessenv.dll
15:06:14.0930 5372 SessionEnv - ok
15:06:14.0946 5372 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) M:\Windows\system32\drivers\sffdisk.sys
15:06:14.0946 5372 sffdisk - ok
15:06:14.0962 5372 sffp_mmc (932a68ee27833cfd57c1639d375f2731) M:\Windows\system32\drivers\sffp_mmc.sys
15:06:14.0962 5372 sffp_mmc - ok
15:06:14.0977 5372 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) M:\Windows\system32\drivers\sffp_sd.sys
15:06:14.0977 5372 sffp_sd - ok
15:06:14.0977 5372 sfloppy (db96666cc8312ebc45032f30b007a547) M:\Windows\system32\DRIVERS\sfloppy.sys
15:06:14.0977 5372 sfloppy - ok
15:06:15.0008 5372 SharedAccess (d1a079a0de2ea524513b6930c24527a2) M:\Windows\System32\ipnathlp.dll
15:06:15.0008 5372 SharedAccess - ok
15:06:15.0040 5372 ShellHWDetection (414da952a35bf5d50192e28263b40577) M:\Windows\System32\shsvcs.dll
15:06:15.0040 5372 ShellHWDetection - ok
15:06:15.0055 5372 sisagp (2565cac0dc9fe0371bdce60832582b2e) M:\Windows\system32\drivers\sisagp.sys
15:06:15.0055 5372 sisagp - ok
15:06:15.0086 5372 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) M:\Windows\system32\DRIVERS\SiSRaid2.sys
15:06:15.0086 5372 SiSRaid2 - ok
15:06:15.0102 5372 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) M:\Windows\system32\DRIVERS\sisraid4.sys
15:06:15.0102 5372 SiSRaid4 - ok
15:06:15.0133 5372 Smb (3e21c083b8a01cb70ba1f09303010fce) M:\Windows\system32\DRIVERS\smb.sys
15:06:15.0133 5372 Smb - ok
15:06:15.0164 5372 SMSIVZAM5 (1e715247efffdda938c085913045d599) M:\PROGRA~1\VERIZO~1\VZACCE~1\SMSIVZAM5.SYS
15:06:15.0164 5372 SMSIVZAM5 - ok
15:06:15.0196 5372 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) M:\Windows\System32\snmptrap.exe
15:06:15.0196 5372 SNMPTRAP - ok
15:06:15.0211 5372 spldr (95cf1ae7527fb70f7816563cbc09d942) M:\Windows\system32\drivers\spldr.sys
15:06:15.0211 5372 spldr - ok
15:06:15.0242 5372 Spooler (866a43013535dc8587c258e43579c764) M:\Windows\System32\spoolsv.exe
15:06:15.0242 5372 Spooler - ok
15:06:15.0352 5372 sppsvc (cf87a1de791347e75b98885214ced2b8) M:\Windows\system32\sppsvc.exe
15:06:15.0383 5372 sppsvc - ok
15:06:15.0430 5372 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) M:\Windows\system32\sppuinotify.dll
15:06:15.0430 5372 sppuinotify - ok
15:06:15.0476 5372 srv (e4c2764065d66ea1d2d3ebc28fe99c46) M:\Windows\system32\DRIVERS\srv.sys
15:06:15.0476 5372 srv - ok
15:06:15.0508 5372 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) M:\Windows\system32\DRIVERS\srv2.sys
15:06:15.0508 5372 srv2 - ok
15:06:15.0508 5372 srvnet (be6bd660caa6f291ae06a718a4fa8abc) M:\Windows\system32\DRIVERS\srvnet.sys
15:06:15.0523 5372 srvnet - ok
15:06:15.0523 5372 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) M:\Windows\System32\ssdpsrv.dll
15:06:15.0539 5372 SSDPSRV - ok
15:06:15.0539 5372 SstpSvc (d318f23be45d5e3a107469eb64815b50) M:\Windows\system32\sstpsvc.dll
15:06:15.0554 5372 SstpSvc - ok
15:06:15.0601 5372 Steam Client Service - ok
15:06:15.0664 5372 Stereo Service (6086b60f2e36d06a063cb07ed0524332) M:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:06:15.0664 5372 Stereo Service - ok
15:06:15.0679 5372 stexstor (db32d325c192b801df274bfd12a7e72b) M:\Windows\system32\DRIVERS\stexstor.sys
15:06:15.0695 5372 stexstor - ok
15:06:15.0726 5372 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) M:\Windows\System32\wiaservc.dll
15:06:15.0726 5372 StiSvc - ok
15:06:15.0757 5372 storflt (472af0311073dceceaa8fa18ba2bdf89) M:\Windows\system32\drivers\vmstorfl.sys
15:06:15.0757 5372 storflt - ok
15:06:15.0773 5372 storvsc (dcaffd62259e0bdb433dd67b5bb37619) M:\Windows\system32\drivers\storvsc.sys
15:06:15.0773 5372 storvsc - ok
15:06:15.0788 5372 swenum (e58c78a848add9610a4db6d214af5224) M:\Windows\system32\drivers\swenum.sys
15:06:15.0788 5372 swenum - ok
15:06:15.0804 5372 swprv (a28bd92df340e57b024ba433165d34d7) M:\Windows\System32\swprv.dll
15:06:15.0820 5372 swprv - ok
15:06:15.0820 5372 Synth3dVsc - ok
15:06:15.0866 5372 SysMain (36650d618ca34c9d357dfd3d89b2c56f) M:\Windows\system32\sysmain.dll
15:06:15.0882 5372 SysMain - ok
15:06:15.0898 5372 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) M:\Windows\System32\TabSvc.dll
15:06:15.0898 5372 TabletInputService - ok
15:06:15.0929 5372 TapiSrv (613bf4820361543956909043a265c6ac) M:\Windows\System32\tapisrv.dll
15:06:15.0929 5372 TapiSrv - ok
15:06:15.0944 5372 TBS (b799d9fdb26111737f58288d8dc172d9) M:\Windows\System32\tbssvc.dll
15:06:15.0944 5372 TBS - ok
15:06:16.0022 5372 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) M:\Windows\system32\drivers\tcpip.sys
15:06:16.0038 5372 Tcpip - ok
15:06:16.0116 5372 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) M:\Windows\system32\DRIVERS\tcpip.sys
15:06:16.0116 5372 TCPIP6 - ok
15:06:16.0147 5372 tcpipreg (cca24162e055c3714ce5a88b100c64ed) M:\Windows\system32\drivers\tcpipreg.sys
15:06:16.0147 5372 tcpipreg - ok
15:06:16.0178 5372 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) M:\Windows\system32\drivers\tdpipe.sys
15:06:16.0178 5372 TDPIPE - ok
15:06:16.0194 5372 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) M:\Windows\system32\drivers\tdtcp.sys
15:06:16.0194 5372 TDTCP - ok
15:06:16.0210 5372 tdx (b459575348c20e8121d6039da063c704) M:\Windows\system32\DRIVERS\tdx.sys
15:06:16.0210 5372 tdx - ok
15:06:16.0225 5372 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) M:\Windows\system32\drivers\termdd.sys
15:06:16.0225 5372 TermDD - ok
15:06:16.0256 5372 TermService (382c804c92811be57829d8e550a900e2) M:\Windows\System32\termsrv.dll
15:06:16.0272 5372 TermService - ok
15:06:16.0272 5372 Themes (42fb6afd6b79d9fe07381609172e7ca4) M:\Windows\system32\themeservice.dll
15:06:16.0288 5372 Themes - ok
15:06:16.0303 5372 THREADORDER (146b6f43a673379a3c670e86d89be5ea) M:\Windows\system32\mmcss.dll
15:06:16.0303 5372 THREADORDER - ok
15:06:16.0319 5372 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) M:\Windows\System32\trkwks.dll
15:06:16.0319 5372 TrkWks - ok
15:06:16.0334 5372 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) M:\Windows\servicing\TrustedInstaller.exe
15:06:16.0334 5372 TrustedInstaller - ok
15:06:16.0350 5372 tssecsrv (254bb140eee3c59d6114c1a86b636877) M:\Windows\system32\DRIVERS\tssecsrv.sys
15:06:16.0350 5372 tssecsrv - ok
15:06:16.0366 5372 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) M:\Windows\system32\drivers\tsusbflt.sys
15:06:16.0366 5372 TsUsbFlt - ok
15:06:16.0366 5372 tsusbhub - ok
15:06:16.0397 5372 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) M:\Windows\system32\DRIVERS\tunnel.sys
15:06:16.0397 5372 tunnel - ok
15:06:16.0412 5372 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) M:\Windows\system32\DRIVERS\uagp35.sys
15:06:16.0412 5372 uagp35 - ok
15:06:16.0444 5372 udfs (ee43346c7e4b5e63e54f927babbb32ff) M:\Windows\system32\DRIVERS\udfs.sys
15:06:16.0444 5372 udfs - ok
15:06:16.0459 5372 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) M:\Windows\system32\UI0Detect.exe
15:06:16.0459 5372 UI0Detect - ok
15:06:16.0475 5372 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) M:\Windows\system32\drivers\uliagpkx.sys
15:06:16.0475 5372 uliagpkx - ok
15:06:16.0506 5372 umbus (d295bed4b898f0fd999fcfa9b32b071b) M:\Windows\system32\drivers\umbus.sys
15:06:16.0506 5372 umbus - ok
15:06:16.0506 5372 UmPass (7550ad0c6998ba1cb4843e920ee0feac) M:\Windows\system32\DRIVERS\umpass.sys
15:06:16.0506 5372 UmPass - ok
15:06:16.0537 5372 UmRdpService (409994a8eaceee4e328749c0353527a0) M:\Windows\System32\umrdp.dll
15:06:16.0537 5372 UmRdpService - ok
15:06:16.0568 5372 upnphost (833fbb672460efce8011d262175fad33) M:\Windows\System32\upnphost.dll
15:06:16.0568 5372 upnphost - ok
15:06:16.0584 5372 USB28xxBGA - ok
15:06:16.0584 5372 USB28xxOEM - ok
15:06:16.0631 5372 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) M:\Windows\system32\DRIVERS\usbccgp.sys
15:06:16.0631 5372 usbccgp - ok
15:06:16.0662 5372 usbcir (04ec7cec62ec3b6d9354eee93327fc82) M:\Windows\system32\drivers\usbcir.sys
15:06:16.0662 5372 usbcir - ok
15:06:16.0678 5372 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) M:\Windows\system32\DRIVERS\usbehci.sys
15:06:16.0678 5372 usbehci - ok
15:06:16.0709 5372 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) M:\Windows\system32\DRIVERS\usbhub.sys
15:06:16.0709 5372 usbhub - ok
15:06:16.0724 5372 usbohci (a6fb7957ea7afb1165991e54ce934b74) M:\Windows\system32\DRIVERS\usbohci.sys
15:06:16.0724 5372 usbohci - ok
15:06:16.0787 5372 USBPNPA (41b758cff0a3c10a69e088f440677399) M:\Windows\system32\drivers\CM108.sys
15:06:16.0802 5372 USBPNPA - ok
15:06:16.0865 5372 usbprint (797d862fe0875e75c7cc4c1ad7b30252) M:\Windows\system32\DRIVERS\usbprint.sys
15:06:16.0865 5372 usbprint - ok
15:06:16.0896 5372 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) M:\Windows\system32\DRIVERS\usbscan.sys
15:06:16.0896 5372 usbscan - ok
15:06:16.0927 5372 USBSTOR (f991ab9cc6b908db552166768176896a) M:\Windows\system32\DRIVERS\USBSTOR.SYS
15:06:16.0927 5372 USBSTOR - ok
15:06:16.0974 5372 usbuhci (68df884cf41cdada664beb01daf67e3d) M:\Windows\system32\DRIVERS\usbuhci.sys
15:06:16.0974 5372 usbuhci - ok
15:06:17.0068 5372 UxSms (081e6e1c91aec36758902a9f727cd23c) M:\Windows\System32\uxsms.dll
15:06:17.0114 5372 UxSms - ok
15:06:17.0177 5372 VaultSvc (81951f51e318aecc2d68559e47485cc4) M:\Windows\system32\lsass.exe
15:06:17.0177 5372 VaultSvc - ok
15:06:17.0208 5372 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) M:\Windows\system32\drivers\vdrvroot.sys
15:06:17.0208 5372 vdrvroot - ok
15:06:17.0239 5372 vds (c3cd30495687c2a2f66a65ca6fd89be9) M:\Windows\System32\vds.exe
15:06:17.0302 5372 vds - ok
15:06:17.0317 5372 vga (17c408214ea61696cec9c66e388b14f3) M:\Windows\system32\DRIVERS\vgapnp.sys
15:06:17.0317 5372 vga - ok
15:06:17.0333 5372 VgaSave (8e38096ad5c8570a6f1570a61e251561) M:\Windows\System32\drivers\vga.sys
15:06:17.0333 5372 VgaSave - ok
15:06:17.0333 5372 VGPU - ok
15:06:17.0348 5372 vhdmp (5461686cca2fda57b024547733ab42e3) M:\Windows\system32\drivers\vhdmp.sys
15:06:17.0364 5372 vhdmp - ok
15:06:17.0380 5372 viaagp (c829317a37b4bea8f39735d4b076e923) M:\Windows\system32\drivers\viaagp.sys
15:06:17.0380 5372 viaagp - ok
15:06:17.0395 5372 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) M:\Windows\system32\DRIVERS\viac7.sys
15:06:17.0395 5372 ViaC7 - ok
15:06:17.0411 5372 viaide (e43574f6a56a0ee11809b48c09e4fd3c) M:\Windows\system32\drivers\viaide.sys
15:06:17.0411 5372 viaide - ok
15:06:17.0426 5372 vmbus (c2f2911156fdc7817c52829c86da494e) M:\Windows\system32\drivers\vmbus.sys
15:06:17.0426 5372 vmbus - ok
15:06:17.0442 5372 VMBusHID (d4d77455211e204f370d08f4963063ce) M:\Windows\system32\drivers\VMBusHID.sys
15:06:17.0442 5372 VMBusHID - ok
15:06:17.0458 5372 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) M:\Windows\system32\drivers\volmgr.sys
15:06:17.0458 5372 volmgr - ok
15:06:17.0489 5372 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) M:\Windows\system32\drivers\volmgrx.sys
15:06:17.0489 5372 volmgrx - ok
15:06:17.0504 5372 volsnap (f497f67932c6fa693d7de2780631cfe7) M:\Windows\system32\drivers\volsnap.sys
15:06:17.0504 5372 volsnap - ok
15:06:17.0504 5372 vpnva - ok
15:06:17.0536 5372 vsmraid (9dfa0cc2f8855a04816729651175b631) M:\Windows\system32\DRIVERS\vsmraid.sys
15:06:17.0536 5372 vsmraid - ok
15:06:17.0582 5372 VSS (209a3b1901b83aeb8527ed211cce9e4c) M:\Windows\system32\vssvc.exe
15:06:17.0582 5372 VSS - ok
15:06:17.0598 5372 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) M:\Windows\System32\drivers\vwifibus.sys
15:06:17.0598 5372 vwifibus - ok
15:06:17.0629 5372 W32Time (55187fd710e27d5095d10a472c8baf1c) M:\Windows\system32\w32time.dll
15:06:17.0629 5372 W32Time - ok
15:06:17.0645 5372 WacomPen (de3721e89c653aa281428c8a69745d90) M:\Windows\system32\DRIVERS\wacompen.sys
15:06:17.0645 5372 WacomPen - ok
15:06:17.0676 5372 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) M:\Windows\system32\DRIVERS\wanarp.sys
15:06:17.0676 5372 WANARP - ok
15:06:17.0676 5372 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) M:\Windows\system32\DRIVERS\wanarp.sys
15:06:17.0676 5372 Wanarpv6 - ok
15:06:17.0726 5372 wbengine (691e3285e53dca558e1a84667f13e15a) M:\Windows\system32\wbengine.exe
15:06:17.0746 5372 wbengine - ok
15:06:17.0756 5372 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) M:\Windows\System32\wbiosrvc.dll
15:06:17.0756 5372 WbioSrvc - ok
15:06:17.0786 5372 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) M:\Windows\System32\wcncsvc.dll
15:06:17.0786 5372 wcncsvc - ok
15:06:17.0796 5372 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) M:\Windows\System32\WcsPlugInService.dll
15:06:17.0806 5372 WcsPlugInService - ok
15:06:17.0826 5372 Wd (1112a9badacb47b7c0bb0392e3158dff) M:\Windows\system32\DRIVERS\wd.sys
15:06:17.0826 5372 Wd - ok
15:06:17.0856 5372 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) M:\Windows\system32\drivers\Wdf01000.sys
15:06:17.0856 5372 Wdf01000 - ok
15:06:19.0386 5372 ============================================================
15:06:19.0386 5372 Scan finished
15:06:19.0386 5372 ============================================================
15:06:19.0396 5708 Detected object count: 0
15:06:19.0396 5708 Actual detected object count: 0


The aswMBR.exe also found nothing. Log follows:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-17 14:20:03
-----------------------------
14:20:03.025 OS Version: Windows 6.1.7601 Service Pack 1
14:20:03.025 Number of processors: 2 586 0xF0B
14:20:03.025 ComputerName: TOM-PC UserName: Tom
14:20:04.039 Initialize success
14:21:18.364 AVAST engine defs: 12061700
14:22:19.154 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
14:22:19.170 Disk 0 Vendor: ST3160023AS 3.43 Size: 152627MB BusType: 3
14:22:19.170 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-3
14:22:19.170 Disk 1 Vendor: Hitachi_HDE721010SLA330 ST6OA3AA Size: 953869MB BusType: 3
14:22:19.185 Disk 0 MBR read successfully
14:22:19.185 Disk 0 MBR scan
14:22:19.201 Disk 0 Windows 7 default MBR code
14:22:19.201 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 152626 MB offset 63
14:22:19.217 Disk 0 scanning sectors +312579072
14:22:19.263 Disk 0 scanning M:\Windows\system32\drivers
14:22:28.358 Service scanning
14:22:44.161 Modules scanning
14:22:50.354 Disk 0 trace - called modules:
14:22:50.385 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
14:22:50.385 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86a3c970]
14:22:50.401 3 CLASSPNP.SYS[8d2a759e] -> nt!IofCallDriver -> [0x86556918]
14:22:50.401 5 ACPI.sys[8ca403d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0x86948030]
14:22:51.587 AVAST engine scan M:\Windows
14:22:54.005 AVAST engine scan M:\Windows\system32
14:26:07.447 AVAST engine scan M:\Windows\system32\drivers
14:26:37.649 AVAST engine scan M:\Users\Tom
14:39:03.767 AVAST engine scan M:\ProgramData
14:41:19.934 Scan finished successfully
14:41:40.073 Disk 0 MBR has been saved successfully to "M:\Users\Tom\Desktop\MBR.dat"
14:41:40.089 The log file has been saved successfully to "M:\Users\Tom\Desktop\aswMBR.txt"

I deleted my current Java version and installed the latest.

Thanks,

Tom

#6 boopme

Posted 17 June 2012 - 08:08 PM

Ok, these are clean. If something is still taking info then we need a deeper look to find what is protecting it.

Please go here.... Preparation Guide, do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run (it may not on a 64 bit system) skip it and move on.

Let me know if that went well.