
Suspicious iexplorer.exe*32 and random audio


13 replies to this topic

#1 rabbitsongs


Posted 21 June 2012 - 09:38 PM

Hi! In the last couple of days I've started getting random spouts of audio from my speakers that seem to be connected to an iexplorer.exe*32 process that restarts upon termination. I never use Internet Explorer, so this is distressing. The audio, which ranges from an audience clapping to random electric guitar riffs, is infrequent (maybe once every few hours) and varies in length from a second to around 10 or 15 seconds. Although the audio is a new symptom, I have been suspicious for a few weeks--my computer is pretty noisy when it's "doing things" and the hard drive (?) has been loud, as if accessing information, when the computer is not in use. A few days ago I had an issue where Windows Firewall was deleted from the machine, but resolved that through the use of Google, Microsoft Security Essentials, Malicious Removal Tool, Malwarebytes (my current protection), TDSSKiller and new registry files from Microsoft's website. Repeated scans with Malwarebytes, Prevx and Microsoft Security Essentials have indicated that my system is clean, although Malwarebytes occasionally blocks an outgoing Trojan.Agent svchost.exe process, of which there are 16 running.

I have not noticed much system slowdown, but I don't want to ignore this problem and have it become potentially worse. I am running Windows 7 64-bit and am at a loss as to what to do at this point. Any suggestions would be welcome!



#2 narenxp


  • BC Advisor

Posted 21 June 2012 - 09:39 PM

Download TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 rabbitsongs


Posted 22 June 2012 - 10:53 AM

Thanks for the response! The ESET scanner took a bit longer than I thought it would, so I let it run overnight. Here are the three logs.

22:41:38.0469 4292 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
22:41:38.0473 4292 NDIS - ok
22:41:38.0502 4292 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
22:41:38.0502 4292 NdisCap - ok
22:41:38.0517 4292 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
22:41:38.0517 4292 NdisTapi - ok
22:41:38.0527 4292 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
22:41:38.0528 4292 Ndisuio - ok
22:41:38.0542 4292 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
22:41:38.0543 4292 NdisWan - ok
22:41:38.0548 4292 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
22:41:38.0548 4292 NDProxy - ok
22:41:38.0556 4292 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
22:41:38.0556 4292 NetBIOS - ok
22:41:38.0571 4292 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
22:41:38.0572 4292 NetBT - ok
22:41:38.0603 4292 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
22:41:38.0604 4292 Netlogon - ok
22:41:38.0617 4292 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
22:41:38.0619 4292 Netman - ok
22:41:38.0739 4292 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:41:38.0770 4292 NetMsmqActivator - ok
22:41:38.0772 4292 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:41:38.0773 4292 NetPipeActivator - ok
22:41:38.0804 4292 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
22:41:38.0806 4292 netprofm - ok
22:41:38.0808 4292 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:41:38.0809 4292 NetTcpActivator - ok
22:41:38.0811 4292 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:41:38.0812 4292 NetTcpPortSharing - ok
22:41:38.0853 4292 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
22:41:38.0853 4292 nfrd960 - ok
22:41:38.0871 4292 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
22:41:38.0873 4292 NlaSvc - ok
22:41:38.0885 4292 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
22:41:38.0885 4292 Npfs - ok
22:41:38.0892 4292 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
22:41:38.0893 4292 nsi - ok
22:41:38.0904 4292 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
22:41:38.0905 4292 nsiproxy - ok
22:41:38.0974 4292 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
22:41:38.0997 4292 Ntfs - ok
22:41:39.0090 4292 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
22:41:39.0091 4292 Null - ok
22:41:39.0095 4292 nvlddmkm - ok
22:41:39.0132 4292 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
22:41:39.0133 4292 nvraid - ok
22:41:39.0149 4292 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
22:41:39.0150 4292 nvstor - ok
22:41:39.0166 4292 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
22:41:39.0167 4292 nv_agp - ok
22:41:39.0171 4292 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
22:41:39.0171 4292 ohci1394 - ok
22:41:39.0186 4292 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:41:39.0190 4292 p2pimsvc - ok
22:41:39.0206 4292 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
22:41:39.0208 4292 p2psvc - ok
22:41:39.0224 4292 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
22:41:39.0225 4292 Parport - ok
22:41:39.0253 4292 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
22:41:39.0253 4292 partmgr - ok
22:41:39.0261 4292 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
22:41:39.0262 4292 PcaSvc - ok
22:41:39.0273 4292 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
22:41:39.0274 4292 pci - ok
22:41:39.0281 4292 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
22:41:39.0281 4292 pciide - ok
22:41:39.0292 4292 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
22:41:39.0293 4292 pcmcia - ok
22:41:39.0298 4292 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
22:41:39.0298 4292 pcw - ok
22:41:39.0322 4292 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
22:41:39.0328 4292 PEAUTH - ok
22:41:39.0403 4292 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
22:41:39.0404 4292 PerfHost - ok
22:41:39.0479 4292 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
22:41:39.0507 4292 pla - ok
22:41:39.0559 4292 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
22:41:39.0561 4292 PlugPlay - ok
22:41:39.0575 4292 PnkBstrA - ok
22:41:39.0581 4292 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
22:41:39.0582 4292 PNRPAutoReg - ok
22:41:39.0594 4292 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:41:39.0596 4292 PNRPsvc - ok
22:41:39.0638 4292 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
22:41:39.0640 4292 PolicyAgent - ok
22:41:39.0674 4292 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
22:41:39.0676 4292 Power - ok
22:41:39.0725 4292 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
22:41:39.0726 4292 PptpMiniport - ok
22:41:39.0730 4292 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
22:41:39.0730 4292 Processor - ok
22:41:39.0762 4292 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll
22:41:39.0765 4292 ProfSvc - ok
22:41:39.0819 4292 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
22:41:39.0819 4292 ProtectedStorage - ok
22:41:39.0839 4292 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
22:41:39.0840 4292 Psched - ok
22:41:39.0893 4292 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
22:41:39.0893 4292 PxHlpa64 - ok
22:41:39.0935 4292 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
22:41:39.0962 4292 ql2300 - ok
22:41:40.0051 4292 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
22:41:40.0052 4292 ql40xx - ok
22:41:40.0062 4292 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
22:41:40.0064 4292 QWAVE - ok
22:41:40.0069 4292 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
22:41:40.0069 4292 QWAVEdrv - ok
22:41:40.0072 4292 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
22:41:40.0072 4292 RasAcd - ok
22:41:40.0110 4292 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:41:40.0110 4292 RasAgileVpn - ok
22:41:40.0120 4292 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
22:41:40.0122 4292 RasAuto - ok
22:41:40.0137 4292 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:41:40.0137 4292 Rasl2tp - ok
22:41:40.0150 4292 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
22:41:40.0152 4292 RasMan - ok
22:41:40.0166 4292 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
22:41:40.0167 4292 RasPppoe - ok
22:41:40.0184 4292 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
22:41:40.0184 4292 RasSstp - ok
22:41:40.0198 4292 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
22:41:40.0199 4292 rdbss - ok
22:41:40.0213 4292 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
22:41:40.0213 4292 rdpbus - ok
22:41:40.0226 4292 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:41:40.0226 4292 RDPCDD - ok
22:41:40.0242 4292 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
22:41:40.0242 4292 RDPENCDD - ok
22:41:40.0249 4292 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
22:41:40.0249 4292 RDPREFMP - ok
22:41:40.0278 4292 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
22:41:40.0279 4292 RDPWD - ok
22:41:40.0293 4292 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
22:41:40.0294 4292 rdyboost - ok
22:41:40.0310 4292 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
22:41:40.0311 4292 RemoteAccess - ok
22:41:40.0323 4292 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
22:41:40.0324 4292 RemoteRegistry - ok
22:41:40.0489 4292 RoxMediaDB10 (05fc44d32a144925eae45570029fd6e1) c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
22:41:40.0494 4292 RoxMediaDB10 - ok
22:41:40.0500 4292 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
22:41:40.0501 4292 RpcEptMapper - ok
22:41:40.0543 4292 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
22:41:40.0544 4292 RpcLocator - ok
22:41:40.0560 4292 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
22:41:40.0563 4292 RpcSs - ok
22:41:40.0596 4292 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
22:41:40.0596 4292 rspndr - ok
22:41:40.0598 4292 RxFilter - ok
22:41:40.0634 4292 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
22:41:40.0635 4292 SamSs - ok
22:41:40.0648 4292 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
22:41:40.0649 4292 sbp2port - ok
22:41:40.0662 4292 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
22:41:40.0664 4292 SCardSvr - ok
22:41:40.0676 4292 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
22:41:40.0676 4292 scfilter - ok
22:41:40.0729 4292 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
22:41:40.0750 4292 Schedule - ok
22:41:40.0782 4292 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
22:41:40.0782 4292 SCPolicySvc - ok
22:41:40.0798 4292 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
22:41:40.0799 4292 SDRSVC - ok
22:41:40.0817 4292 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:41:40.0817 4292 secdrv - ok
22:41:40.0820 4292 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
22:41:40.0821 4292 seclogon - ok
22:41:40.0832 4292 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
22:41:40.0833 4292 SENS - ok
22:41:40.0845 4292 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
22:41:40.0847 4292 SensrSvc - ok
22:41:40.0860 4292 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
22:41:40.0861 4292 Serenum - ok
22:41:40.0864 4292 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
22:41:40.0865 4292 Serial - ok
22:41:40.0867 4292 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
22:41:40.0867 4292 sermouse - ok
22:41:40.0883 4292 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
22:41:40.0884 4292 SessionEnv - ok
22:41:40.0915 4292 SessionLauncher - ok
22:41:40.0918 4292 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
22:41:40.0918 4292 sffdisk - ok
22:41:40.0921 4292 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
22:41:40.0921 4292 sffp_mmc - ok
22:41:40.0923 4292 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
22:41:40.0924 4292 sffp_sd - ok
22:41:40.0931 4292 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
22:41:40.0932 4292 sfloppy - ok
22:41:41.0003 4292 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
22:41:41.0004 4292 SharedAccess - ok
22:41:41.0019 4292 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
22:41:41.0022 4292 ShellHWDetection - ok
22:41:41.0025 4292 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:41:41.0026 4292 SiSRaid2 - ok
22:41:41.0030 4292 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
22:41:41.0031 4292 SiSRaid4 - ok
22:41:41.0036 4292 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
22:41:41.0037 4292 Smb - ok
22:41:41.0073 4292 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
22:41:41.0074 4292 SNMPTRAP - ok
22:41:41.0077 4292 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
22:41:41.0077 4292 spldr - ok
22:41:41.0113 4292 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
22:41:41.0116 4292 Spooler - ok
22:41:41.0205 4292 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
22:41:41.0220 4292 sppsvc - ok
22:41:41.0319 4292 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
22:41:41.0321 4292 sppuinotify - ok
22:41:41.0384 4292 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
22:41:41.0385 4292 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
22:41:41.0385 4292 sptd ( LockedFile.Multi.Generic ) - warning
22:41:41.0385 4292 sptd - detected LockedFile.Multi.Generic (1)
22:41:45.0025 4292 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
22:41:45.0198 4292 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
22:41:45.0198 4292 \Device\Harddisk0\DR0 - detected TDSS File System (1)
22:41:45.0200 4292 Boot (0x1200) (a5c682221bb3be9ca89446427c662f59) \Device\Harddisk0\DR0\Partition0
22:41:45.0202 4292 \Device\Harddisk0\DR0\Partition0 - ok
22:41:45.0228 4292 Boot (0x1200) (78d9b7da3fb3aea9283e388faf2c2666) \Device\Harddisk0\DR0\Partition1
22:41:45.0230 4292 \Device\Harddisk0\DR0\Partition1 - ok
22:41:45.0230 4292 ============================================================
22:41:45.0230 4292 Scan finished
22:41:45.0230 4292 ============================================================
22:41:45.0237 2992 Detected object count: 2
22:41:45.0237 2992 Actual detected object count: 2
22:41:55.0632 2992 sptd ( LockedFile.Multi.Generic ) - skipped by user
22:41:55.0632 2992 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
22:41:55.0632 2992 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
22:41:55.0632 2992 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
22:49:37.0020 3352 ============================================================
22:49:37.0020 3352 Scan started
22:49:37.0020 3352 Mode: Manual; TDLFS;
22:49:37.0020 3352 ============================================================
22:49:39.0007 3352 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
22:49:39.0007 3352 amdide - ok
22:49:39.0011 3352 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
22:49:39.0012 3352 AmdK8 - ok
22:49:39.0612 3352 amdkmdag (0b45c18b0f3ee996d25baa4e74884b83) C:\Windows\system32\DRIVERS\atikmdag.sys
22:49:39.0658 3352 amdkmdag - ok
22:49:39.0811 3352 amdkmdap (0e57258e5cc4cc7a9a9a877afdf0cec6) C:\Windows\system32\DRIVERS\atikmpag.sys
22:49:39.0812 3352 amdkmdap - ok
22:49:39.0816 3352 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
22:49:39.0817 3352 AmdPPM - ok
22:49:39.0841 3352 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
22:49:39.0842 3352 amdsata - ok
22:49:39.0862 3352 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
22:49:39.0863 3352 amdsbs - ok
22:49:39.0882 3352 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
22:49:39.0883 3352 amdxata - ok
22:49:39.0918 3352 androidusb (4de0d5d747a73797c95a97dcce5018b5) C:\Windows\system32\Drivers\ssadadb.sys
22:49:39.0918 3352 androidusb - ok
22:49:39.0978 3352 AppHostSvc (03fbb7c5ea4ef153f10282614b9771cb) C:\Windows\system32\inetsrv\apphostsvc.dll
22:49:39.0979 3352 AppHostSvc - ok
22:49:39.0992 3352 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
22:49:39.0993 3352 AppID - ok
22:49:40.0022 3352 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
22:49:40.0023 3352 AppIDSvc - ok
22:49:40.0042 3352 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
22:49:40.0042 3352 Appinfo - ok
22:49:40.0121 3352 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:49:40.0122 3352 Apple Mobile Device - ok
22:49:40.0144 3352 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
22:49:40.0144 3352 arc - ok
22:49:40.0149 3352 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
22:49:40.0150 3352 arcsas - ok
22:49:40.0273 3352 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:49:40.0274 3352 aspnet_state - ok
22:49:40.0280 3352 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
22:49:40.0280 3352 AsyncMac - ok
22:49:40.0304 3352 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
22:49:40.0305 3352 atapi - ok
22:49:40.0345 3352 atksgt (fc0e8778c000291caf60eb88c011e931) C:\Windows\system32\DRIVERS\atksgt.sys
22:49:40.0347 3352 atksgt - ok
22:49:40.0369 3352 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
22:49:40.0372 3352 AudioEndpointBuilder - ok
22:49:40.0377 3352 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
22:49:40.0379 3352 AudioSrv - ok
22:49:40.0400 3352 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
22:49:40.0400 3352 AxInstSV - ok
22:49:40.0456 3352 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
22:49:40.0458 3352 b06bdrv - ok
22:49:40.0484 3352 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
22:49:40.0485 3352 b57nd60a - ok
22:49:40.0500 3352 BCM42RLY (e001dd475a7c27ebe5a0db45c11bad71) C:\Windows\system32\drivers\BCM42RLY.sys
22:49:40.0500 3352 BCM42RLY - ok
22:49:40.0710 3352 BCM43XX (37394d3553e220fb732c21e217e1bd8b) C:\Windows\system32\DRIVERS\bcmwl664.sys
22:49:40.0721 3352 BCM43XX - ok
22:49:40.0833 3352 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
22:49:40.0833 3352 BDESVC - ok
22:49:40.0866 3352 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
22:49:40.0866 3352 Beep - ok
22:49:40.0915 3352 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
22:49:40.0918 3352 BFE - ok
22:49:40.0919 3352 bffmgtto - ok
22:49:41.0047 3352 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
22:49:41.0052 3352 BITS - ok
22:49:41.0071 3352 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
22:49:41.0071 3352 blbdrive - ok
22:49:41.0161 3352 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
22:49:41.0163 3352 Bonjour Service - ok
22:49:41.0206 3352 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
22:49:41.0206 3352 bowser - ok
22:49:41.0216 3352 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:49:41.0216 3352 BrFiltLo - ok
22:49:41.0218 3352 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:49:41.0218 3352 BrFiltUp - ok
22:49:41.0249 3352 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
22:49:41.0250 3352 BridgeMP - ok
22:49:41.0281 3352 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
22:49:41.0281 3352 Browser - ok
22:49:41.0318 3352 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
22:49:41.0319 3352 Brserid - ok
22:49:41.0322 3352 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
22:49:41.0322 3352 BrSerWdm - ok
22:49:41.0324 3352 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:49:41.0325 3352 BrUsbMdm - ok
22:49:41.0327 3352 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
22:49:41.0327 3352 BrUsbSer - ok
22:49:41.0331 3352 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
22:49:41.0332 3352 BTHMODEM - ok
22:49:41.0338 3352 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
22:49:41.0338 3352 bthserv - ok
22:49:41.0467 3352 catchme - ok
22:49:41.0483 3352 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
22:49:41.0483 3352 cdfs - ok
22:49:41.0494 3352 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
22:49:41.0495 3352 cdrom - ok
22:49:41.0509 3352 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
22:49:41.0509 3352 CertPropSvc - ok
22:49:41.0531 3352 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
22:49:41.0531 3352 circlass - ok
22:49:41.0547 3352 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
22:49:41.0549 3352 CLFS - ok
22:49:41.0621 3352 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:49:41.0621 3352 clr_optimization_v2.0.50727_32 - ok
22:49:41.0661 3352 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:49:41.0662 3352 clr_optimization_v2.0.50727_64 - ok
22:49:41.0743 3352 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:49:41.0744 3352 clr_optimization_v4.0.30319_32 - ok
22:49:41.0796 3352 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:49:41.0797 3352 clr_optimization_v4.0.30319_64 - ok
22:49:41.0799 3352 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
22:49:41.0800 3352 CmBatt - ok
22:49:41.0802 3352 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
22:49:41.0803 3352 cmdide - ok
22:49:41.0839 3352 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
22:49:41.0841 3352 CNG - ok
22:49:41.0866 3352 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
22:49:41.0867 3352 Compbatt - ok
22:49:41.0876 3352 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
22:49:41.0876 3352 CompositeBus - ok
22:49:41.0878 3352 COMSysApp - ok
22:49:41.0881 3352 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
22:49:41.0882 3352 crcdisk - ok
22:49:41.0925 3352 CryptSvc (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll
22:49:41.0926 3352 CryptSvc - ok
22:49:42.0152 3352 DAUpdaterSvc (914a7156b0c0f10be645a02e13f576b2) c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe
22:49:42.0153 3352 DAUpdaterSvc - ok
22:49:42.0220 3352 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
22:49:42.0223 3352 DcomLaunch - ok
22:49:42.0257 3352 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
22:49:42.0258 3352 defragsvc - ok
22:49:42.0308 3352 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
22:49:42.0308 3352 DfsC - ok
22:49:42.0320 3352 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
22:49:42.0322 3352 Dhcp - ok
22:49:42.0346 3352 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
22:49:42.0346 3352 discache - ok
22:49:42.0360 3352 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
22:49:42.0360 3352 Disk - ok
22:49:42.0399 3352 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
22:49:42.0400 3352 Dnscache - ok
22:49:42.0466 3352 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
22:49:42.0466 3352 DockLoginService - ok
22:49:42.0495 3352 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
22:49:42.0497 3352 dot3svc - ok
22:49:42.0545 3352 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
22:49:42.0546 3352 DPS - ok
22:49:42.0582 3352 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
22:49:42.0583 3352 drmkaud - ok
22:49:42.0767 3352 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
22:49:42.0771 3352 DXGKrnl - ok
22:49:42.0785 3352 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
22:49:42.0786 3352 EapHost - ok
22:49:43.0014 3352 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
22:49:43.0027 3352 ebdrv - ok
22:49:43.0170 3352 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
22:49:43.0171 3352 EFS - ok
22:49:43.0303 3352 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
22:49:43.0306 3352 ehRecvr - ok
22:49:43.0340 3352 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
22:49:43.0341 3352 ehSched - ok
22:49:43.0383 3352 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
22:49:43.0385 3352 elxstor - ok
22:49:43.0388 3352 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
22:49:43.0388 3352 ErrDev - ok
22:49:43.0487 3352 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
22:49:43.0489 3352 EventSystem - ok
22:49:43.0499 3352 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
22:49:43.0500 3352 exfat - ok
22:49:43.0519 3352 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
22:49:43.0521 3352 fastfat - ok
22:49:43.0615 3352 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
22:49:43.0618 3352 Fax - ok
22:49:43.0627 3352 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
22:49:43.0628 3352 fdc - ok
22:49:43.0650 3352 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
22:49:43.0651 3352 fdPHost - ok
22:49:43.0669 3352 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
22:49:43.0670 3352 FDResPub - ok
22:49:43.0701 3352 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
22:49:43.0701 3352 FileInfo - ok
22:49:43.0705 3352 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
22:49:43.0705 3352 Filetrace - ok
22:49:43.0708 3352 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
22:49:43.0708 3352 flpydisk - ok
22:49:43.0724 3352 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
22:49:43.0725 3352 FltMgr - ok
22:49:43.0823 3352 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
22:49:43.0828 3352 FontCache - ok
22:49:43.0914 3352 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:49:43.0914 3352 FontCache3.0.0.0 - ok
22:49:43.0933 3352 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
22:49:43.0933 3352 FsDepends - ok
22:49:43.0960 3352 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
22:49:43.0961 3352 Fs_Rec - ok
22:49:43.0994 3352 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
22:49:43.0995 3352 fvevol - ok
22:49:44.0022 3352 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
22:49:44.0022 3352 gagp30kx - ok
22:49:44.0063 3352 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:49:44.0063 3352 GEARAspiWDM - ok
22:49:44.0146 3352 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
22:49:44.0149 3352 gpsvc - ok
22:49:44.0165 3352 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
22:49:44.0165 3352 hcw85cir - ok
22:49:44.0206 3352 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
22:49:44.0207 3352 HdAudAddService - ok
22:49:44.0241 3352 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
22:49:44.0242 3352 HDAudBus - ok
22:49:44.0259 3352 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
22:49:44.0259 3352 HidBatt - ok
22:49:44.0271 3352 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
22:49:44.0271 3352 HidBth - ok
22:49:44.0274 3352 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
22:49:44.0275 3352 HidIr - ok
22:49:44.0288 3352 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
22:49:44.0289 3352 hidserv - ok
22:49:44.0299 3352 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
22:49:44.0299 3352 HidUsb - ok
22:49:44.0377 3352 HiPatchService (5a457c3d00c1c701230a12aa1580114d) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
22:49:44.0377 3352 HiPatchService - ok
22:49:44.0388 3352 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
22:49:44.0389 3352 hkmsvc - ok
22:49:44.0412 3352 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
22:49:44.0413 3352 HomeGroupListener - ok
22:49:44.0455 3352 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
22:49:44.0456 3352 HomeGroupProvider - ok
22:49:44.0461 3352 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
22:49:44.0462 3352 HpSAMD - ok
22:49:44.0486 3352 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
22:49:44.0489 3352 HTTP - ok
22:49:44.0499 3352 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
22:49:44.0499 3352 hwpolicy - ok
22:49:44.0508 3352 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
22:49:44.0509 3352 i8042prt - ok
22:49:44.0549 3352 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
22:49:44.0551 3352 iaStor - ok
22:49:44.0584 3352 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
22:49:44.0586 3352 iaStorV - ok
22:49:44.0705 3352 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:49:44.0709 3352 idsvc - ok
22:49:44.0724 3352 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
22:49:44.0725 3352 iirsp - ok
22:49:44.0756 3352 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
22:49:44.0760 3352 IKEEXT - ok
22:49:44.0986 3352 IntcAzAudAddService (c03463214d23b46b991f582821c8df69) C:\Windows\system32\drivers\RTKVHD64.sys
22:49:44.0996 3352 IntcAzAudAddService - ok
22:49:45.0108 3352 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
22:49:45.0108 3352 intelide - ok
22:49:45.0133 3352 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
22:49:45.0133 3352 intelppm - ok
22:49:45.0135 3352 iomxzdts - ok
22:49:45.0151 3352 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
22:49:45.0152 3352 IPBusEnum - ok
22:49:45.0158 3352 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:49:45.0159 3352 IpFilterDriver - ok
22:49:45.0178 3352 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
22:49:45.0181 3352 iphlpsvc - ok
22:49:45.0195 3352 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
22:49:45.0196 3352 IPMIDRV - ok
22:49:45.0214 3352 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
22:49:45.0215 3352 IPNAT - ok
22:49:45.0298 3352 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
22:49:45.0302 3352 iPod Service - ok
22:49:45.0325 3352 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
22:49:45.0325 3352 IRENUM - ok
22:49:45.0339 3352 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
22:49:45.0339 3352 isapnp - ok
22:49:45.0362 3352 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
22:49:45.0363 3352 iScsiPrt - ok
22:49:45.0414 3352 k57nd60a (249ee2d26cb1530f3bede0ac8b9e3099) C:\Windows\system32\DRIVERS\k57nd60a.sys
22:49:45.0415 3352 k57nd60a - ok
22:49:45.0446 3352 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
22:49:45.0446 3352 kbdclass - ok
22:49:45.0458 3352 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
22:49:45.0459 3352 kbdhid - ok
22:49:45.0499 3352 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
22:49:45.0500 3352 KeyIso - ok
22:49:45.0636 3352 Kodak AiO Network Discovery Service (3d1e2d4a75bb4230b0cee140b5585dcd) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
22:49:45.0637 3352 Kodak AiO Network Discovery Service - ok
22:49:45.0673 3352 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
22:49:45.0674 3352 KSecDD - ok
22:49:45.0687 3352 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
22:49:45.0688 3352 KSecPkg - ok
22:49:45.0691 3352 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
22:49:45.0691 3352 ksthunk - ok
22:49:45.0741 3352 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
22:49:45.0744 3352 KtmRm - ok
22:49:45.0793 3352 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
22:49:45.0795 3352 LanmanServer - ok
22:49:45.0810 3352 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
22:49:45.0812 3352 LanmanWorkstation - ok
22:49:45.0896 3352 LBTServ (88e52495b47c67126b510af53fdb0bc7) C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
22:49:45.0897 3352 LBTServ - ok
22:49:45.0919 3352 LHidFilt (b6552d382ff070b4ed34cbd6737277c0) C:\Windows\system32\DRIVERS\LHidFilt.Sys
22:49:45.0919 3352 LHidFilt - ok
22:49:45.0922 3352 lhpecaid - ok
22:49:45.0958 3352 lirsgt (83ba097acaad0b00505634a62d90f93a) C:\Windows\system32\DRIVERS\lirsgt.sys
22:49:45.0959 3352 lirsgt - ok
22:49:45.0989 3352 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
22:49:45.0990 3352 lltdio - ok
22:49:46.0042 3352 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
22:49:46.0044 3352 lltdsvc - ok
22:49:46.0059 3352 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
22:49:46.0060 3352 lmhosts - ok
22:49:46.0073 3352 LMouFilt (73c1f563ab73d459dffe682d66476558) C:\Windows\system32\DRIVERS\LMouFilt.Sys
22:49:46.0073 3352 LMouFilt - ok
22:49:46.0104 3352 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:49:46.0105 3352 LSI_FC - ok
22:49:46.0118 3352 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:49:46.0119 3352 LSI_SAS - ok
22:49:46.0123 3352 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:49:46.0124 3352 LSI_SAS2 - ok
22:49:46.0156 3352 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:49:46.0156 3352 LSI_SCSI - ok
22:49:46.0176 3352 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
22:49:46.0177 3352 luafv - ok
22:49:46.0212 3352 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
22:49:46.0212 3352 MBAMProtector - ok
22:49:46.0311 3352 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
22:49:46.0314 3352 MBAMService - ok
22:49:46.0357 3352 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
22:49:46.0359 3352 Mcx2Svc - ok
22:49:46.0365 3352 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
22:49:46.0365 3352 megasas - ok
22:49:46.0399 3352 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
22:49:46.0400 3352 MegaSR - ok
22:49:46.0413 3352 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:49:46.0415 3352 MMCSS - ok
22:49:46.0418 3352 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
22:49:46.0419 3352 Modem - ok
22:49:46.0428 3352 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
22:49:46.0428 3352 monitor - ok
22:49:46.0435 3352 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
22:49:46.0435 3352 mouclass - ok
22:49:46.0451 3352 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
22:49:46.0452 3352 mouhid - ok
22:49:46.0517 3352 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
22:49:46.0518 3352 mountmgr - ok
22:49:46.0594 3352 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:49:46.0594 3352 MozillaMaintenance - ok
22:49:46.0605 3352 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
22:49:46.0605 3352 mpio - ok
22:49:46.0617 3352 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
22:49:46.0618 3352 mpsdrv - ok
22:49:46.0642 3352 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
22:49:46.0646 3352 MpsSvc - ok
22:49:46.0663 3352 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
22:49:46.0664 3352 MRxDAV - ok
22:49:46.0699 3352 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:49:46.0700 3352 mrxsmb - ok
22:49:46.0777 3352 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:49:46.0778 3352 mrxsmb10 - ok
22:49:46.0789 3352 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:49:46.0789 3352 mrxsmb20 - ok
22:49:46.0804 3352 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
22:49:46.0805 3352 msahci - ok
22:49:46.0810 3352 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
22:49:46.0810 3352 msdsm - ok
22:49:46.0821 3352 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
22:49:46.0822 3352 MSDTC - ok
22:49:46.0858 3352 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
22:49:46.0859 3352 Msfs - ok
22:49:46.0883 3352 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
22:49:46.0884 3352 mshidkmdf - ok
22:49:46.0907 3352 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
22:49:46.0907 3352 msisadrv - ok
22:49:46.0925 3352 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
22:49:46.0926 3352 MSiSCSI - ok
22:49:46.0928 3352 msiserver - ok
22:49:46.0931 3352 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
22:49:46.0931 3352 MSKSSRV - ok
22:49:46.0934 3352 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
22:49:46.0934 3352 MSPCLOCK - ok
22:49:46.0937 3352 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
22:49:46.0937 3352 MSPQM - ok
22:49:46.0976 3352 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
22:49:46.0978 3352 MsRPC - ok
22:49:46.0989 3352 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
22:49:46.0989 3352 mssmbios - ok
22:49:47.0062 3352 MSSQL$BWDATOOLSET - ok
22:49:47.0091 3352 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
22:49:47.0091 3352 MSSQLServerADHelper - ok
22:49:47.0101 3352 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
22:49:47.0101 3352 MSTEE - ok
22:49:47.0104 3352 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
22:49:47.0104 3352 MTConfig - ok
22:49:47.0139 3352 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
22:49:47.0139 3352 Mup - ok
22:49:47.0176 3352 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
22:49:47.0179 3352 napagent - ok
22:49:47.0229 3352 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
22:49:47.0230 3352 NativeWifiP - ok
22:49:47.0271 3352 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
22:49:47.0275 3352 NDIS - ok
22:49:47.0296 3352 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
22:49:47.0297 3352 NdisCap - ok
22:49:47.0306 3352 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
22:49:47.0307 3352 NdisTapi - ok
22:49:47.0313 3352 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
22:49:47.0313 3352 Ndisuio - ok
22:49:47.0327 3352 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
22:49:47.0328 3352 NdisWan - ok
22:49:47.0334 3352 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
22:49:47.0335 3352 NDProxy - ok
22:49:47.0342 3352 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
22:49:47.0343 3352 NetBIOS - ok
22:49:47.0357 3352 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
22:49:47.0358 3352 NetBT - ok
22:49:47.0390 3352 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
22:49:47.0390 3352 Netlogon - ok
22:49:47.0437 3352 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
22:49:47.0439 3352 Netman - ok
22:49:47.0550 3352 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:49:47.0551 3352 NetMsmqActivator - ok
22:49:51.0317 3352 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
22:49:51.0317 3352 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
22:49:51.0318 3352 sptd ( LockedFile.Multi.Generic ) - warning
22:49:51.0318 3352 sptd - detected LockedFile.Multi.Generic (1)
22:50:00.0555 3352 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
22:50:01.0495 3352 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
22:50:01.0495 3352 \Device\Harddisk0\DR0 - detected TDSS File System (1)
22:50:01.0505 3352 Boot (0x1200) (a5c682221bb3be9ca89446427c662f59) \Device\Harddisk0\DR0\Partition0
22:50:01.0507 3352 \Device\Harddisk0\DR0\Partition0 - ok
22:50:01.0516 3352 Boot (0x1200) (78d9b7da3fb3aea9283e388faf2c2666) \Device\Harddisk0\DR0\Partition1
22:50:01.0527 3352 \Device\Harddisk0\DR0\Partition1 - ok
22:50:01.0527 3352 ============================================================
22:50:01.0527 3352 Scan finished
22:50:01.0527 3352 ============================================================
22:50:01.0531 1032 Detected object count: 2
22:50:01.0531 1032 Actual detected object count: 2
22:50:13.0797 1032 sptd ( LockedFile.Multi.Generic ) - skipped by user
22:50:13.0797 1032 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
22:50:13.0797 1032 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
22:50:13.0797 1032 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
22:50:20.0214 3052 Deinitialize success




aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-21 22:57:46
-----------------------------
22:57:46.046 OS Version: Windows x64 6.1.7600
22:57:46.046 Number of processors: 8 586 0x1E05
22:57:46.047 ComputerName: MRCOMPUTER-PC UserName: MrComputer
22:57:51.163 Initialize success
22:57:54.588 AVAST engine defs: 12062101
09:57:51.298 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
09:57:51.299 Disk 0 Vendor: ST31000528AS CC45 Size: 953869MB BusType: 3
09:57:51.333 Disk 0 MBR read successfully
09:57:51.334 Disk 0 MBR scan
09:57:51.370 Disk 0 Windows VISTA default MBR code
09:57:51.376 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
09:57:51.389 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 81920
09:57:51.408 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 938828 MB offset 30801920
09:57:51.451 Disk 0 scanning C:\Windows\system32\drivers
09:58:06.063 Service scanning
09:58:20.800 Modules scanning
09:58:20.800 Disk 0 trace - called modules:
09:58:20.816 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8007a5f2c0]<<spjk.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
09:58:20.817 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007e43060]
09:58:20.818 3 CLASSPNP.SYS[fffff880013af43f] -> nt!IofCallDriver -> [0xfffffa8007bc2520]
09:58:20.818 5 ACPI.sys[fffff8800100b781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8007bc4060]
09:58:20.818 \Driver\atapi[0xfffffa8007ba76a0] -> IRP_MJ_CREATE -> 0xfffffa8007a5f2c0
09:58:28.838 AVAST engine scan C:\Windows
09:59:05.043 AVAST engine scan C:\Windows\system32
10:06:26.814 AVAST engine scan C:\Windows\system32\drivers
10:07:50.163 AVAST engine scan C:\Users\MrComputer
10:58:22.592 AVAST engine scan C:\ProgramData
11:09:44.170 Scan finished successfully
11:47:45.493 Disk 0 MBR has been saved successfully to "C:\Users\MrComputer\Desktop\MBR.dat"
11:47:45.497 The log file has been saved successfully to "C:\Users\MrComputer\Desktop\aswMBR.txt"




C:\ProgramData\Microsoft\Windows\DRM\B7DA.tmp Win64/Olmarik.AH trojan cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\BB06.tmp Win64/Olmarik.AH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.06.2012_14.47.31\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.06.2012_14.47.31\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.06.2012_14.47.31\mbr0000\tdlfs0000\tsk0002.dta a variant of Win32/Rootkit.Kryptik.KS trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.06.2012_14.47.31\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.06.2012_14.47.31\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\21.06.2012_14.47.31\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\Users\MrComputer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FSMHPUQF\2395ccc009752c4a[1].htm JS/Fraud.NAP trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4WEX5DD0\action[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WTMZKJ6I\action[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined

#4 narenxp

  • BC Advisor

Posted 22 June 2012 - 10:57 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#5 rabbitsongs

  • Topic Starter

Posted 22 June 2012 - 02:18 PM

Both MBAM scans came back clean. Here is the log for MiniToolBox:

MiniToolBox by Farbar Version: 09-06-2012
Ran by MrComputer (administrator) on 22-06-2012 at 15:12:25
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.http", "127.0.0.1"
"network.proxy.http_port", 54970
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Dell Wireless 1505 Draft 802.11n WLAN Mini-Card = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : MrComputer-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.md.comcast.net.

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 90-4C-E5-0B-52-F3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 00-25-64-DE-D6-5B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.md.comcast.net.
Description . . . . . . . . . . . : Dell Wireless 1505 Draft 802.11n WLAN Mini-Card
Physical Address. . . . . . . . . : 90-4C-E5-0B-52-F3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::dc77:9c09:3e2:3e34%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.149(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, June 22, 2012 3:07:23 PM
Lease Expires . . . . . . . . . . : Saturday, June 23, 2012 3:07:25 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 194006245
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-92-C0-8D-00-25-64-DE-D6-5B
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.hsd1.md.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.md.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:387a:647:ba04:dfb4(Preferred)
Link-local IPv6 Address . . . . . : fe80::387a:647:ba04:dfb4%16(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2607:f8b0:4004:800::1002
74.125.228.69
74.125.228.65
74.125.228.72
74.125.228.64
74.125.228.70
74.125.228.73
74.125.228.67
74.125.228.66
74.125.228.68
74.125.228.71
74.125.228.78


Pinging google.com [74.125.228.8] with 32 bytes of data:
Reply from 74.125.228.8: bytes=32 time=15ms TTL=55
Reply from 74.125.228.8: bytes=32 time=19ms TTL=55

Ping statistics for 74.125.228.8:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 15ms, Maximum = 19ms, Average = 17ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 75.75.75.75

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=95ms TTL=49
Reply from 72.30.38.140: bytes=32 time=91ms TTL=49

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 91ms, Maximum = 95ms, Average = 93ms
Server: cdns01.comcast.net
Address: 75.75.75.75

DNS request timed out.
timeout was 2 seconds.
Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 2ms, Average = 1ms
===========================================================================
Interface List
14...90 4c e5 0b 52 f3 ......Microsoft Virtual WiFi Miniport Adapter
12...00 25 64 de d6 5b ......Broadcom NetLink ™ Gigabit Ethernet
11...90 4c e5 0b 52 f3 ......Dell Wireless 1505 Draft 802.11n WLAN Mini-Card
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.149 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.149 281
192.168.1.149 255.255.255.255 On-link 192.168.1.149 281
192.168.1.255 255.255.255.255 On-link 192.168.1.149 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.149 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.149 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
16 58 ::/0 On-link
1 306 ::1/128 On-link
16 58 2001::/32 On-link
16 306 2001:0:4137:9e76:387a:647:ba04:dfb4/128
On-link
11 281 fe80::/64 On-link
16 306 fe80::/64 On-link
16 306 fe80::387a:647:ba04:dfb4/128
On-link
11 281 fe80::dc77:9c09:3e2:3e34/128
On-link
1 306 ff00::/8 On-link
16 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/22/2012 02:20:56 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (06/21/2012 10:45:38 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (06/21/2012 10:45:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (06/21/2012 10:45:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (06/21/2012 10:40:51 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (06/19/2012 11:01:07 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16446, time stamp: 0x4fb57c8f
Faulting module name: iertutil.dll, version: 9.0.8112.16446, time stamp: 0x4fb57b3c
Exception code: 0xc0000005
Fault offset: 0x001166d6
Faulting process id: 0x950
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (06/19/2012 10:14:43 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: jscript9.dll, version: 9.0.8112.16446, time stamp: 0x4fb57f7f
Exception code: 0xc0000005
Fault offset: 0x000adc5d
Faulting process id: 0xb0c
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (06/19/2012 06:35:19 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16446, time stamp: 0x4fb57c8f
Faulting module name: Flash10o.ocx, version: 10.2.153.1, time stamp: 0x4d79ae94
Exception code: 0xc0000005
Fault offset: 0x0019894a
Faulting process id: 0x1010
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (06/19/2012 06:18:01 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: jscript9.dll, version: 9.0.8112.16446, time stamp: 0x4fb57f7f
Exception code: 0xc0000005
Fault offset: 0x0000accb
Faulting process id: 0xaf8
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (06/17/2012 03:59:22 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: MSHTML.dll, version: 9.0.8112.16446, time stamp: 0x4fb58407
Exception code: 0xc00000fd
Fault offset: 0x002b85a4
Faulting process id: 0x17bc
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3


System errors:
=============
Error: (06/22/2012 03:07:27 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
luafv
RxFilter

Error: (06/22/2012 03:07:19 PM) (Source: Service Control Manager) (User: )
Description: The SessionLauncher service failed to start due to the following error:
%%2

Error: (06/22/2012 00:02:39 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
luafv
RxFilter

Error: (06/22/2012 00:02:29 PM) (Source: Service Control Manager) (User: )
Description: The SessionLauncher service failed to start due to the following error:
%%2

Error: (06/21/2012 09:31:29 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
luafv
RxFilter

Error: (06/21/2012 09:31:27 PM) (Source: Service Control Manager) (User: )
Description: The SessionLauncher service failed to start due to the following error:
%%2

Error: (06/21/2012 04:36:35 PM) (Source: Service Control Manager) (User: )
Description: The Windows Driver Foundation - User-mode Driver Framework service depends on the Plug and Play service which failed to start because of the following error:
%%1115

Error: (06/21/2012 04:36:35 PM) (Source: Service Control Manager) (User: )
Description: The Plug and Play service failed to start due to the following error:
%%1115

Error: (06/21/2012 04:36:35 PM) (Source: Service Control Manager) (User: )
Description: The Desktop Window Manager Session Manager service failed to start due to the following error:
%%1115

Error: (06/21/2012 04:36:35 PM) (Source: Service Control Manager) (User: )
Description: The Human Interface Device Access service failed to start due to the following error:
%%1115


Microsoft Office Sessions:
=========================
Error: (06/22/2012 02:20:56 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (06/21/2012 10:45:38 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\MrComputer\Desktop\esetsmartinstaller_enu.exe

Error: (06/21/2012 10:45:34 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\MrComputer\Desktop\esetsmartinstaller_enu.exe

Error: (06/21/2012 10:45:34 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\MrComputer\Desktop\esetsmartinstaller_enu.exe

Error: (06/21/2012 10:40:51 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\MrComputer\Desktop\esetsmartinstaller_enu.exe

Error: (06/19/2012 11:01:07 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.164464fb57c8fiertutil.dll9.0.8112.164464fb57b3cc0000005001166d695001cd4e2c59e6a741C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\syswow64\iertutil.dll98cee2ff-ba1f-11e1-af97-002564ded65b

Error: (06/19/2012 10:14:43 AM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5jscript9.dll9.0.8112.164464fb57f7fc0000005000adc5db0c01cd4e0a55bf32f1\\.\globalroot\systemroot\svchost.exeC:\Windows\SysWOW64\jscript9.dll1ced1ed2-ba19-11e1-aefc-002564ded65b

Error: (06/19/2012 06:35:19 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.164464fb57c8fFlash10o.ocx10.2.153.14d79ae94c00000050019894a101001cd4e07319c1fbfC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Macromed\Flash\Flash10o.ocx769479f6-b9fa-11e1-aee9-002564ded65b

Error: (06/19/2012 06:18:01 AM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5jscript9.dll9.0.8112.164464fb57f7fc00000050000accbaf801cd4dfb423cd75c\\.\globalroot\systemroot\svchost.exeC:\Windows\SysWOW64\jscript9.dll0bed6bdf-b9f8-11e1-aee9-002564ded65b

Error: (06/17/2012 03:59:22 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5MSHTML.dll9.0.8112.164464fb58407c00000fd002b85a417bc01cd4c8e2cbfa812\\.\globalroot\systemroot\svchost.exeC:\Windows\system32\MSHTML.dlledc2b6d9-b8b6-11e1-a150-002564ded65b


=========================== Installed Programs ============================

µTorrent (Version: 1.8.5)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 10 ActiveX (Version: 10.2.153.1)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.235)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Age of Conan - Hyborian Adventures
Age of Mythology
Age of Mythology - The Titans Expansion
Aion (Version: 1.5.0.0)
aioscnnr (Version: 7.2.5.0)
Amazon Games & Software Downloader (Version: 2.0.2.0)
Amazon MP3 Downloader 1.0.15 (Version: 1.0.15)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.923.1)
AMD Catalyst Install Manager (Version: 8.0.873.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70405.2224)
Analogue: A Hate Story Demo
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Arcanum Of Steamworks and Magick Obscura
ATI AVIVO64 Codecs (Version: 11.6.0.51125)
ATI Catalyst Registration (Version: 3.00.0000)
Audacity 1.3.13 (Unicode)
Audiosurf
Avidemux 2.5 (Version: 2.5.6.7716)
Baldur's Gate II
Baldur's Gate Tutu
Banctec Service Agreement (Version: 2.0.0)
Battlefield 3™ (Version: 1.0.0.0)
Battlelog Web Plugins (Version: 1.104.0)
Black & White® 2 (Version: 1.00.0000)
Black & White® 2 Battle of the Gods (Version: 1.00.0000)
Bonjour (Version: 3.0.0.10)
Borderlands
Breath of Death VII
C4USelfUpdater (Version: 1.00.0000)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0405.2205.37728)
Catalyst Control Center Graphics Previews Common (Version: 2012.0405.2205.37728)
Catalyst Control Center InstallProxy (Version: 2012.0405.2205.37728)
Catalyst Control Center Localization All (Version: 2012.0405.2205.37728)
ccc-utility64 (Version: 2012.0405.2205.37728)
CCC Help Chinese Standard (Version: 2012.0405.2204.37728)
CCC Help Chinese Traditional (Version: 2012.0405.2204.37728)
CCC Help Czech (Version: 2012.0405.2204.37728)
CCC Help Danish (Version: 2012.0405.2204.37728)
CCC Help Dutch (Version: 2012.0405.2204.37728)
CCC Help English (Version: 2012.0405.2204.37728)
CCC Help Finnish (Version: 2012.0405.2204.37728)
CCC Help French (Version: 2012.0405.2204.37728)
CCC Help German (Version: 2012.0405.2204.37728)
CCC Help Greek (Version: 2012.0405.2204.37728)
CCC Help Hungarian (Version: 2012.0405.2204.37728)
CCC Help Italian (Version: 2012.0405.2204.37728)
CCC Help Japanese (Version: 2012.0405.2204.37728)
CCC Help Korean (Version: 2012.0405.2204.37728)
CCC Help Norwegian (Version: 2012.0405.2204.37728)
CCC Help Polish (Version: 2012.0405.2204.37728)
CCC Help Portuguese (Version: 2012.0405.2204.37728)
CCC Help Russian (Version: 2012.0405.2204.37728)
CCC Help Spanish (Version: 2012.0405.2204.37728)
CCC Help Swedish (Version: 2012.0405.2204.37728)
CCC Help Thai (Version: 2012.0405.2204.37728)
CCC Help Turkish (Version: 2012.0405.2204.37728)
CDDRV_Installer (Version: 4.60)
center (Version: 6.2.5.0)
Champions Online
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
City of Villains/City of Heroes (remove only)
ClipX
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Crimson Editor SVN286 (Version: SVN286)
Crysis
Cthulhu Saves the World
Curse Client (Version: 4.0.1.104)
Dell Dock (Version: 2.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Wireless WLAN Card Utility (Version: 5.30.21.0)
Deus Ex - HDTP
Deus Ex: Human Revolution
Diablo II
Digital - A Love Story 1.1 (Version: 1.1)
DirectXInstallService (Version: 9.0.2)
Divine Divinity Demo
DivX Setup (Version: 2.3.0.20)
Download Updater (AOL LLC)
Dragon Age Awakening Redesigned
Dragon Age II
Dragon Age II Demo
Dragon Age Toolset (Version: 1.01)
Dragon Age: Origins
Dragon Age: Origins - Awakening
Dungeons & Dragons Online ®: Eberron Unlimited ™ v01.13.01.801 (Version: 01.13.01.8017)
Dungeons of Dredmor
EMC 10 Content (Version: 1.0.035)
EMCGadgets64 (Version: 1.0.302)
EQ2MAP Updater 1.2.4 (Version: 1.2.4)
ESET Online Scanner v3
ESN Sonar (Version: 0.70.4)
essentials (Version: 6.0.14.0)
EVE Online: Incarna
EverQuest II
Fallout 2
Fallout Tactics
Fallout: New Vegas
ffdshow [rev 2527] [2008-12-19] (Version: 1.0)
FLV Player 2.0 (build 25) (Version: 2.0 (build 25))
Francesco's leveled creatures-items mod 4.5b
Game Booster (Version: 2.0.0.0)
GameSpy Comrade (Version: 1.5.0.156)
Garmin Lifetime Updater (Version: 2.0.12)
GOG.com Downloader version 3.0.40 (Version: 3.0.40)
Guild Wars
Half-Life 2
Half-Life 2: Episode One
Half-Life 2: Episode Two
Half-Life 2: Lost Coast
Hi-Rez Studios Authenticate and Update Service (Version: 3.0.0.0)
Hitman: Blood Money Demo
HitmanPro 3.6 (Version: 3.6.0.153)
HP Deskjet 1000 J110 series Basic Device Software (Version: 21.0.952.0)
HP Deskjet 1000 J110 series Help (Version: 140.0.63.63)
HydraVision (Version: 4.2.184.0)
Icewind Dale II
iPod To Computer Transfer 5.6
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 27 (Version: 6.0.270)
Java™ 7 Update 4 (64-bit) (Version: 7.0.40)
Junk Mail filter update (Version: 14.0.8089.726)
KhalInstallWrapper (Version: 2.00.0000)
Kingdoms Of Amalur: Reckoning
Kodak AIO Printer (Version: 7.0.3.0)
KODAK AiO Software (Version: 7.2.0.0)
League of Legends (Version: 1.3)
Logitech SetPoint (Version: 4.80)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Mass Effect (Version: 1.00)
Mass Effect™ 3 (Version: 1.01.0.0)
Medieval II: Total War
Medieval II: Total War Kingdoms
Mega Manager (Version: 3.3.05)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Express Edition (BWDATOOLSET) (Version: 9.4.5000.00)
Microsoft SQL Server 2005 Tools Express Edition (Version: 9.4.5000.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Monkey Island 2: Special Edition
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
Mozilla Thunderbird 13.0 (x86 en-US) (Version: 13.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML4 Parser (Version: 1.0.0)
Multimedia Card Reader (Version: 1.4.915.1)
NCsoft Launcher (Version: 1.5.7.0)
Network Stumbler 0.4.0 (remove only)
Neverwinter Nights 2: Platinum
Neverwinter Nights Diamond Edition
Nexus Mod Manager (Version: 0.18.7)
NVIDIA Install Application (Version: 2.0.14.0)
NVIDIA PhysX (Version: 9.11.1107)
Oblivion (Version: 1.00.0000)
ocr (Version: 6.2.3.50)
OpenAL
OpenOffice.org 3.4 (Version: 3.4.9590)
Origin (Version: 8.5.0.4554)
Pando Media Booster (Version: 2.3.5.2)
Plants vs. Zombies
Populous - The Beginning
PowerDVD DX (Version: 8.3.5424)
PRC Pack
PreReq (Version: 6.2.2.60)
ProfitUI Reborn Updater
Psychonauts
PunkBuster Services (Version: 0.991)
Puzzle Quest (Version: 1.01)
QuickTime (Version: 7.70.80.34)
Realm of the Mad God
Realtek High Definition Audio Driver (Version: 6.0.1.6215)
RGF HotSpot version 0.6b (Version: 0.6b)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.0)
Roxio Central Audio (Version: 3.8.0)
Roxio Central Copy (Version: 3.8.0)
Roxio Central Core (Version: 3.8.0)
Roxio Central Data (Version: 3.8.0)
Roxio Central Tools (Version: 3.8.0)
Roxio Easy CD and DVD Burning (Version: 10.3)
Roxio Easy CD and DVD Burning (Version: 10.3.106)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio File Backup (Version: 1.3.0)
Roxio Update Manager (Version: 6.0.0)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.1900.0)
Scabbar Mod ver 1.03 (Version: 1.03)
Sid Meier's Civilization 4 Demo (Version: 1.00.0000)
Sid Meier's Civilization IV: Beyond the Sword
Sid Meier's Civilization IV: Colonization
Sid Meier's Civilization IV: Warlords
Sid Meier's Civilization V SDK
Sins of a Solar Empire
Sins of a Solar Empire (Version: 1.00.00)
SlimGUI v2.79 (Version: v2.79)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Star Wars® Knights of the Old Republic® II: The Sith Lords™ (Version: 1.00.0000)
Star Wars: Knights of the Old Republic
StarCraft II (Version: 1.3.2.18317)
Station Launcher (Version: 1.01.4001)
Steam (Version: 1.0.0.0)
swMSM (Version: 12.0.0.1)
Team Fortress 2
Terraria
The Elder Scrolls V: Skyrim
The Lord of the Rings Online™: Siege of Mirkwood™ v03.00.05.801 (Version: 03.00.05.8011)
The Sims™ 3 (Version: 1.19.44)
The Sims™ 3 Ambitions (Version: 4.0.87)
The Sims™ 3 Late Night (Version: 6.2.4)
The Sims™ 3 World Adventures (Version: 2.12.8)
The Witcher 2
The Witcher 2: Bonus Content
Torchlight
Tribes Ascend (Version: 1.0.980.0)
TSLRCM 1.6
Unity Web Player (Version: )
Unofficial Oblivion Patch v3.2.0 (Version: 3.2.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Vampire: The Masquerade - Bloodlines
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
VD64Inst (Version: 1.00.0000)
VidiotMaps Map Overlay
VtMB - ClanQuest 2.1
Warhammer Online - Age of Reckoning (Version: )
Winamp (Version: 5.623 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
WinRAR archiver
World of Warcraft (Version: 4.0.1.13164)
xUI v1.6 Build 8 (Version: v1.6 Build 8)
Xvid Video Codec (Version: 1.3.2)

========================= Memory info: ===================================

Percentage of memory in use: 25%
Total physical RAM: 8183.12 MB
Available physical RAM: 6106.31 MB
Total Pagefile: 16364.38 MB
Available Pagefile: 14020.9 MB
Total Virtual: 4095.88 MB
Available Virtual: 3954.51 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:916.82 GB) (Free:220.89 GB) NTFS

========================= Users: ========================================

User accounts for \\MRCOMPUTER-PC

Administrator ASPNET Guest
MrComputer


**** End of log ****

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:56 PM

Posted 22 June 2012 - 02:54 PM

Download SystemLook

Launch it and copy this script and paste it in the box:

:filefind
services.exe

Click on LOOK, then post the generated log.

Do you still have issues?

#7 rabbitsongs

Posted 22 June 2012 - 03:03 PM

No iexplorer.exe or random guitar noises since yesterday and MBAM hasn't notified me of any outgoing or incoming threats. I still have a bunch of svchost.exe processes running but I understand that is common. Here is the SystemLook log:

SystemLook 30.07.11 by jpshortstuff
Log created at 16:00 on 22/06/2012 by MrComputer
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\erdnt\cache64\services.exe --a---- 328704 bytes [20:29 21/06/2012] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

-= EOF =-

What do you think?
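An added example, not part of the original post or of SystemLook: a short parser for the filefind lines in the log above that checks every copy of a file against the copy in the WinSxS component store. Treating the WinSxS copy as the reference is an assumption of this example, and the names `parse_filefind` and `unmatched_copies` are hypothetical; agreement only shows the copies are identical to each other, so the hash still needs checking against a trusted baseline.

```python
import re

# Lines copied from the SystemLook log in the post above.
SAMPLE_LOG = r"""
Searching for "services.exe"
C:\Windows\erdnt\cache64\services.exe --a---- 328704 bytes [20:29 21/06/2012] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
"""

# Layout of one entry: path, attribute flags, size, two bracketed timestamps, MD5.
ENTRY = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+(?P<attrs>\S+)\s+(?P<size>\d+) bytes\s+"
    r"\[(?P<ts1>[^\]]+)\]\s+\[(?P<ts2>[^\]]+)\]\s+(?P<md5>[0-9A-Fa-f]{32})\s*$"
)


def parse_filefind(text):
    """Return one dict per file entry found in SystemLook filefind output."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            entry = m.groupdict()
            entry["size"] = int(entry["size"])
            entry["md5"] = entry["md5"].upper()
            entries.append(entry)
    return entries


def unmatched_copies(entries):
    """Paths outside WinSxS whose (size, MD5) pair matches no WinSxS copy.

    WinSxS can hold several versions of a file, so any match counts.
    With no WinSxS copy in the log, every other copy is reported.
    """
    def in_store(entry):
        return "\\winsxs\\" in entry["path"].lower()

    reference = {(e["size"], e["md5"]) for e in entries if in_store(e)}
    return [e["path"] for e in entries
            if not in_store(e) and (e["size"], e["md5"]) not in reference]


if __name__ == "__main__":
    found = parse_filefind(SAMPLE_LOG)
    for e in found:
        print(e["md5"], e["size"], e["path"])
    print("unmatched:", unmatched_copies(found) or "none")
```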

#8 narenxp

Posted 22 June 2012 - 03:23 PM

Can you post the infections found by MBAM?

#9 rabbitsongs

Posted 22 June 2012 - 03:28 PM

MBAM said I was clean for both the full scan and the quick scan when I ran it this morning. Should I do a full scan again?

Here is the MBAM log from earlier today:

Malwarebytes Anti-Malware (PRO) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.22.07

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
MrComputer :: MRCOMPUTER-PC [administrator]

Protection: Enabled

6/22/2012 12:04:24 PM
mbam-log-2012-06-22 (12-04-24).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 978933
Time elapsed: 3 hour(s), 1 minute(s), 21 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#10 narenxp

Posted 22 June 2012 - 03:31 PM

Not necessary

Download FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#11 rabbitsongs

Posted 22 June 2012 - 03:34 PM

FSS Log:

Farbar Service Scanner Version: 22-06-2012
Ran by MrComputer (administrator) on 22-06-2012 at 16:33:11
Running from "C:\Users\MrComputer\Desktop"
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-02-15 07:30] - [2011-12-27 23:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-05-10 18:41] - [2012-03-30 07:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-13 20:09] - [2009-07-13 21:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-13 19:36] - [2009-07-13 21:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-06-12 15:53] - [2012-04-24 01:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396D

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#12 narenxp

Posted 22 June 2012 - 03:40 PM

That looks good

Download TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, and create a new restore point:

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your FLASH PLAYER

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp


Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)

#13 rabbitsongs

Posted 22 June 2012 - 03:47 PM

Thanks a bunch naren! You guys are internet superheroes :)

#14 narenxp

Posted 22 June 2012 - 04:08 PM

You're welcome :thumbup2:



