
Autoruns entry virus or malware?


  • This topic is locked
9 replies to this topic

#1 Archquark

Archquark

  • Members
  • 16 posts
  • OFFLINE
  • Gender:Male
  • Local time:09:39 AM

Posted 21 August 2012 - 05:20 PM

I ran Autoruns to see if there were any startup programs I could disable. I found the following highlighted in yellow, which I have copied and pasted. Although the lines can be deleted, they reappear again after a restart.


HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
뚠ϒ뚠ϒ File not found: ϒ뚠ϒ
뚠ϒ뚠ϒ File not found: ϒ뚠ϒ
뚠ϒ뚠ϒ File not found: ϒ뚠ϒ
뚠ϒ뚠ϒ뚠ϒ뚠ϒ File not found: ϒ뚠ϒ뚠ϒ뚠ϒ

My computer has had several crashes in the past week and I am concerned that there may be a virus or trojan that BitDefender 2013 is not finding. I have a DELL XPS 8500, i7-3770 CPU, 16 GB 1600 MHz RAM, 2TB Seagate HD. The system is Windows 7 Home Premium.

BitDefender had found Adware.Solimba.H earlier this week but had quarantined the two following entries:

File: I:\FRANK-PC\Backup Set 2012-08-05 010000\Backup Files 2012-08-05 010000\Backup files 16.zip.virus-Adware.Solimba.H=>C=>Users=>Frank=>Downloads=>SpeedFan.exe=>(NSIS o)=>lzma_solid_nsis0002 Adware.Solimba.H
File: I:\FRANK-PC\Backup Set 2012-07-22 024950\Backup Files 2012-07-22 024950\Backup files 16.zip.virus-Adware.Solimba.H=>C=>Users=>Frank=>Downloads=>SpeedFan.exe=>(NSIS o)=>lzma_solid_nsis0002

Edited by Archquark, 21 August 2012 - 06:27 PM.
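
The BootExecute lines quoted in the post above can be examined at the byte level. This is an added example, not code from the thread or from Autoruns: it splits a REG_MULTI_SZ value, compares each entry with the stock `autocheck autochk *`, and dumps the raw UTF-16 values of anything that is not printable ASCII. The sample data is constructed from the characters displayed in the post, and all function names are this example's own.

```python
import struct

# Stock BootExecute content on Windows: run autochk at boot.
DEFAULT_ENTRY = "autocheck autochk *"


def split_multi_sz(raw):
    """Split raw REG_MULTI_SZ data: UTF-16LE strings separated by NUL,
    with an extra NUL closing the list."""
    raw = raw[: len(raw) & ~1]  # drop a dangling odd byte, if any
    text = raw.decode("utf-16-le", errors="surrogatepass")
    return [s for s in text.split("\x00") if s]


def code_units(entry):
    """The entry as UTF-16 code units, the form the registry stores."""
    data = entry.encode("utf-16-le", errors="surrogatepass")
    return [f"{u:04X}" for (u,) in struct.iter_unpack("<H", data)]


def as_dwords(entry):
    """The same bytes read as little-endian 32-bit values (zero-padded)."""
    data = entry.encode("utf-16-le", errors="surrogatepass")
    data += b"\x00" * (-len(data) % 4)
    return [f"0x{v:08X}" for (v,) in struct.iter_unpack("<I", data)]


def classify(entry):
    """default: stock autochk line; non-default: readable command line to
    verify against the file on disk; non-ascii: unusual for a boot command,
    so look at the raw values instead of the rendered glyphs."""
    if entry.strip().lower() == DEFAULT_ENTRY:
        return "default"
    if all(0x20 <= ord(c) < 0x7F for c in entry):
        return "non-default"
    return "non-ascii"


def triage(entries):
    """Return one report dict per BootExecute entry."""
    report = []
    for entry in entries:
        kind = classify(entry)
        item = {"entry": entry, "kind": kind}
        if kind == "non-ascii":
            dwords = as_dwords(entry)
            item["code_units"] = code_units(entry)
            item["dwords"] = dwords
            # A single 32-bit value repeated is what binary data looks like
            # when a tool renders it as a string; it is not a file name.
            item["repeated_dword"] = len(dwords) > 1 and len(set(dwords)) == 1
        report.append(item)
    return report


def read_live_boot_execute():
    """Read the real value. Windows only; winreg is imported lazily so the
    rest of the module also runs on an analysis machine."""
    import winreg
    path = r"SYSTEM\CurrentControlSet\Control\Session Manager"
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, path) as key:
        value, _type = winreg.QueryValueEx(key, "BootExecute")
    return list(value)


# Constructed sample built from the two characters shown in the post
# (U+B6A0 followed by U+03D2, repeated). It is not the poster's registry data.
GLYPHS = "\ub6a0\u03d2"
SAMPLE_RAW = "\x00".join([
    DEFAULT_ENTRY,
    GLYPHS * 2,
    GLYPHS * 4,
    "autocheck autochk /k:C *",  # readable but non-default (constructed)
]).encode("utf-16-le") + b"\x00\x00\x00\x00"


if __name__ == "__main__":
    for item in triage(split_multi_sz(SAMPLE_RAW)):
        print(item)
```

On the constructed sample, both garbled entries decode to the single 32-bit value 0x03D2B6A0 repeated, while the readable non-default line is left for a check against the file it names.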




#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,035 posts
  • ONLINE
  • Gender:Male
  • Location:NJ USA
  • Local time:09:39 AM

Posted 21 August 2012 - 09:29 PM

The common line of File not Found makes these leftover files. Probably an old malware removal.

Delete and reboot.


Let's look a bit further.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Reboot into Safe Mode with Networking
How to enter safe mode (XP/Vista)
Using the F8 Method
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode with Networking using the arrow keys.
Then press Enter on your keyboard to boot into Safe Mode.


>>>> Download this file and double-click on it to run it. Allow the information to be merged with the registry.

Run RKill....


Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply

Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.



Next run SUPERAntiSpyware (SAS):

Please download and scan with SUPERAntiSpyware Free
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    For instructions with screenshots, please refer to the How to use SUPERAntiSpyware to scan and remove malware from your computer Guide.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all other options as they are set):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the Control Center screen.
  • Back on the main screen, under "Select Scan Type" check the box for Complete Scan.
  • If your computer is badly infected, be sure to check the box next to Enable Rescue Scan (Highly Infected Systems ONLY).
  • Click the Scan your computer... button.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.

To retrieve the scan log after reboot, launch SUPERAntiSpyware again.
  • Click the View Scan Logs button at the bottom.
  • This will open the Scanner Logs Window.
  • Click on the log to highlight it and then click on View Selected Log to open it.
  • Copy and paste the scan log results in your next reply.
-- Some types of malware will disable security tools. If SUPERAntiSpyware will not install, please refer to these instructions for using the SUPERAntiSpyware Installer. If SUPERAntiSpyware is already installed but will not run, then follow the instructions for using RUNSAS.EXE to launch the program.


>>>>
Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.

>>>>
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#3 Archquark

Archquark
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  • Gender:Male
  • Local time:09:39 AM

Posted 22 August 2012 - 01:22 AM

Result from MiniToolbox:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Frank (administrator) on 21-08-2012 at 23:20:03
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Dell Wireless 1703 802.11b/g/n (2.4GHz) = Wireless Network Connection (Hardware not present)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=64 icmpredirects=enabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1492 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Wireless Network Connection" forwarding=disabled advertise=disabled mtu=1492 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Frank-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 84-4B-F5-0B-67-E4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 5C-F9-DD-70-86-0F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7435:8527:e083:8cb7%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.18(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : August-20-12 9:43:10 PM
Lease Expires . . . . . . . . . . : August-23-12 9:43:10 PM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 240974301
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-85-5D-86-5C-F9-DD-70-86-0F
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{7373874D-AEF7-46FB-B099-7A18209CB84A}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:205a:1def:3f57:fded(Preferred)
Link-local IPv6 Address . . . . . : fe80::205a:1def:3f57:fded%19(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: mymodem
Address: 192.168.2.1

Name: google.com
Addresses: 2001:4860:4008:802::100e
74.125.226.64
74.125.226.67
74.125.226.73
74.125.226.69
74.125.226.66
74.125.226.78
74.125.226.68
74.125.226.65
74.125.226.71
74.125.226.72
74.125.226.70


Pinging google.com [74.125.226.64] with 32 bytes of data:
Request timed out.
Reply from 74.125.226.64: bytes=32 time=21ms TTL=55

Ping statistics for 74.125.226.64:
Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
Minimum = 21ms, Maximum = 21ms, Average = 21ms
Server: mymodem
Address: 192.168.2.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
98.138.253.109


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=187ms TTL=52
Reply from 72.30.38.140: bytes=32 time=103ms TTL=52

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 103ms, Maximum = 187ms, Average = 145ms
Server: mymodem
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=2ms TTL=64
Reply from 127.0.0.1: bytes=32 time=1ms TTL=64

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 2ms, Average = 1ms
===========================================================================
Interface List
17...84 4b f5 0b 67 e4 ......Bluetooth Device (Personal Area Network)
11...5c f9 dd 70 86 0f ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.18 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.18 276
192.168.2.18 255.255.255.255 On-link 192.168.2.18 276
192.168.2.255 255.255.255.255 On-link 192.168.2.18 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.18 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.18 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
19 58 ::/0 On-link
1 306 ::1/128 On-link
19 58 2001::/32 On-link
19 306 2001:0:9d38:953c:205a:1def:3f57:fded/128
On-link
11 276 fe80::/64 On-link
19 306 fe80::/64 On-link
19 306 fe80::205a:1def:3f57:fded/128
On-link
11 276 fe80::7435:8527:e083:8cb7/128
On-link
1 306 ff00::/8 On-link
19 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll [97256] (Bitdefender)
Catalog9 02 C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll [97256] (Bitdefender)
Catalog9 03 C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll [97256] (Bitdefender)
Catalog9 04 C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll [97256] (Bitdefender)
Catalog9 05 C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll [97256] (Bitdefender)
Catalog9 06 C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll [97256] (Bitdefender)
Catalog9 07 C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll [97256] (Bitdefender)
Catalog9 08 C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll [97256] (Bitdefender)
Catalog9 09 C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll [97256] (Bitdefender)
Catalog9 10 C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll [97256] (Bitdefender)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll [97256] (Bitdefender)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll [117368] (Bitdefender)
x64-Catalog9 02 C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll [117368] (Bitdefender)
x64-Catalog9 03 C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll [117368] (Bitdefender)
x64-Catalog9 04 C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll [117368] (Bitdefender)
x64-Catalog9 05 C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll [117368] (Bitdefender)
x64-Catalog9 06 C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll [117368] (Bitdefender)
x64-Catalog9 07 C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll [117368] (Bitdefender)
x64-Catalog9 08 C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll [117368] (Bitdefender)
x64-Catalog9 09 C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll [117368] (Bitdefender)
x64-Catalog9 10 C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll [117368] (Bitdefender)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 14 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 15 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 16 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 17 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 18 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 19 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 20 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 21 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 22 C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll [117368] (Bitdefender)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/21/2012 04:49:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: comctl32.dll, version: 6.10.7601.17514, time stamp: 0x4ce7c45b
Exception code: 0xc000041d
Fault offset: 0x0000000000087abd
Faulting process id: 0x12f0
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (08/21/2012 04:48:57 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: comctl32.dll, version: 6.10.7601.17514, time stamp: 0x4ce7c45b
Exception code: 0xc0000005
Fault offset: 0x0000000000087abd
Faulting process id: 0x12f0
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (08/20/2012 09:44:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/20/2012 09:43:12 PM) (Source: Bonjour Service) (User: )
Description: Local Hostname Frank-PC.local already in use; will try Frank-PC-2.local instead

Error: (08/20/2012 09:43:12 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Frank-PC.local. Addr 192.168.2.18

Error: (08/20/2012 09:43:12 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.10:5353 4 Frank-PC.local. Addr 192.168.2.10

Error: (08/20/2012 09:37:26 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/20/2012 09:35:58 PM) (Source: Bonjour Service) (User: )
Description: Local Hostname Frank-PC.local already in use; will try Frank-PC-2.local instead

Error: (08/20/2012 09:35:58 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Frank-PC.local. Addr 192.168.2.18

Error: (08/20/2012 09:35:58 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.10:5353 4 Frank-PC.local. Addr 192.168.2.10


System errors:
=============
Error: (08/20/2012 09:43:20 PM) (Source: NetBT) (User: )
Description: The name "FRANK-PC :20" could not be registered on the interface with IP address 192.168.2.18.
The computer with the IP address 192.168.2.10 did not allow the name to be claimed by
this computer.

Error: (08/20/2012 09:43:20 PM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{2EBFF484-3A9A-437E-8E3E-24593CB52B6B} because another computer on the network has the same name. The server could not start.

Error: (08/20/2012 09:36:11 PM) (Source: NetBT) (User: )
Description: The name "FRANK-PC :20" could not be registered on the interface with IP address 192.168.2.18.
The computer with the IP address 192.168.2.10 did not allow the name to be claimed by
this computer.

Error: (08/20/2012 09:36:11 PM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{2EBFF484-3A9A-437E-8E3E-24593CB52B6B} because another computer on the network has the same name. The server could not start.

Error: (08/20/2012 09:18:58 PM) (Source: NetBT) (User: )
Description: The name "FRANK-PC :20" could not be registered on the interface with IP address 192.168.2.18.
The computer with the IP address 192.168.2.10 did not allow the name to be claimed by
this computer.

Error: (08/20/2012 09:18:58 PM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{2EBFF484-3A9A-437E-8E3E-24593CB52B6B} because another computer on the network has the same name. The server could not start.

Error: (08/20/2012 09:05:37 PM) (Source: NetBT) (User: )
Description: The name "FRANK-PC :20" could not be registered on the interface with IP address 192.168.2.18.
The computer with the IP address 192.168.2.10 did not allow the name to be claimed by
this computer.

Error: (08/20/2012 09:05:37 PM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{2EBFF484-3A9A-437E-8E3E-24593CB52B6B} because another computer on the network has the same name. The server could not start.

Error: (08/20/2012 09:05:23 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 9:04:07 PM on ?20/?08/?2012 was unexpected.

Error: (08/20/2012 06:58:18 PM) (Source: NetBT) (User: )
Description: The name "FRANK-PC :20" could not be registered on the interface with IP address 192.168.2.18.
The computer with the IP address 192.168.2.10 did not allow the name to be claimed by
this computer.


Microsoft Office Sessions:
=========================
Error: (08/21/2012 04:49:05 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d672ee4comctl32.dll6.10.7601.175144ce7c45bc000041d0000000000087abd12f001cd7f3e5cd5f87dC:\Windows\Explorer.EXEC:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dlla499bc5f-ebd1-11e1-b44d-844bf50b67e4

Error: (08/21/2012 04:48:57 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d672ee4comctl32.dll6.10.7601.175144ce7c45bc00000050000000000087abd12f001cd7f3e5cd5f87dC:\Windows\Explorer.EXEC:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dlla01c03bb-ebd1-11e1-b44d-844bf50b67e4

Error: (08/20/2012 09:44:31 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/20/2012 09:43:12 PM) (Source: Bonjour Service)(User: )
Description: Local Hostname Frank-PC.local already in use; will try Frank-PC-2.local instead

Error: (08/20/2012 09:43:12 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Frank-PC.local. Addr 192.168.2.18

Error: (08/20/2012 09:43:12 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.10:5353 4 Frank-PC.local. Addr 192.168.2.10

Error: (08/20/2012 09:37:26 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/20/2012 09:35:58 PM) (Source: Bonjour Service)(User: )
Description: Local Hostname Frank-PC.local already in use; will try Frank-PC-2.local instead

Error: (08/20/2012 09:35:58 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Frank-PC.local. Addr 192.168.2.18

Error: (08/20/2012 09:35:58 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.10:5353 4 Frank-PC.local. Addr 192.168.2.10


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Reader X (10.1.3) MUI (Version: 10.1.3)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.6.636)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70727.2220)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Atheros Bluetooth Suite (64) (Version: 7.4.0.115)
Bitdefender Total Security 2013 (Version: 16.16.0.1348)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0806.1213.19931)
Catalyst Control Center Graphics Previews Common (Version: 2012.0806.1213.19931)
Catalyst Control Center InstallProxy (Version: 2012.0806.1213.19931)
Catalyst Control Center Localization All (Version: 2012.0806.1213.19931)
ccc-utility64 (Version: 2012.0806.1213.19931)
CCC Help Chinese Standard (Version: 2012.0806.1212.19931)
CCC Help Chinese Traditional (Version: 2012.0806.1212.19931)
CCC Help Czech (Version: 2012.0806.1212.19931)
CCC Help Danish (Version: 2012.0806.1212.19931)
CCC Help Dutch (Version: 2012.0806.1212.19931)
CCC Help English (Version: 2012.0806.1212.19931)
CCC Help Finnish (Version: 2012.0806.1212.19931)
CCC Help French (Version: 2012.0806.1212.19931)
CCC Help German (Version: 2012.0806.1212.19931)
CCC Help Greek (Version: 2012.0806.1212.19931)
CCC Help Hungarian (Version: 2012.0806.1212.19931)
CCC Help Italian (Version: 2012.0806.1212.19931)
CCC Help Japanese (Version: 2012.0806.1212.19931)
CCC Help Korean (Version: 2012.0806.1212.19931)
CCC Help Norwegian (Version: 2012.0806.1212.19931)
CCC Help Polish (Version: 2012.0806.1212.19931)
CCC Help Portuguese (Version: 2012.0806.1212.19931)
CCC Help Russian (Version: 2012.0806.1212.19931)
CCC Help Spanish (Version: 2012.0806.1212.19931)
CCC Help Swedish (Version: 2012.0806.1212.19931)
CCC Help Thai (Version: 2012.0806.1212.19931)
CCC Help Turkish (Version: 2012.0806.1212.19931)
CCleaner (Version: 3.20)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Core Temp 1.0 RC3 (Version: 1.0)
CPUID CPU-Z 1.61
CPUID HWMonitor 1.19
CyberLink PowerDVD 9.5 (Version: 9.5.1.5127)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup - Support Software (Version: 9.4.67)
Dell DataSafe Local Backup (Version: 9.4.67)
Dell Digital Delivery (Version: 2.2.3000.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Support Center (Version: 3.1.5907.39)
Dell WLAN and Bluetooth Client Installation (Version: 9.0)
EasyBCD 2.1.2 (Version: 2.1.2)
EPSON Printer Software
EPSON Scan
Futuremark SystemInfo (Version: 4.9.0)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3203.136)
Google Update Helper (Version: 1.3.21.115)
Heaven DX11 Benchmark version 3.0 (Version: 3.0)
High-Definition Video Playback (Version: 11.1.11500.4.273)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 8.0.1.1399)
Intel® Processor ID Utility (Version: 4.50.0000)
Intel® Rapid Storage Technology (Version: 11.1.0.1006)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.3.214)
Intel® Trusted Connect Service Client (Version: 1.23.219.2)
iolo technologies' System Mechanic (Version: 11.0.5)
iSEEK AnswerWorks English Runtime (Version: 010.000.0101)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 33 (64-bit) (Version: 6.0.330)
Java™ 6 Update 33 (Version: 6.0.330)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Medal of Honor Allied Assault
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSI Afterburner 2.2.3 (Version: 2.2.3)
MSI Kombustor 2.3.0
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 1.7.915.93)
Nero 10 ClipartPack (Version: 10.6.10000.11.0)
Nero 10 Kwik Themes 1 (Version: 10.6.10000.1.0)
Nero 10 Kwik Themes 2 (Version: 10.6.10000.2.0)
Nero 10 Kwik Themes 3 (Version: 10.6.10000.1.0)
Nero 10 Kwik Themes 4 (Version: 10.6.10100.1.0)
Nero 10 Menu TemplatePack 1 (Version: 10.6.10000.0.0)
Nero 10 Menu TemplatePack 2 (Version: 10.6.10000.0.0)
Nero 10 Menu TemplatePack 3 (Version: 10.6.10000.1.0)
Nero 10 Menu TemplatePack Basic (Version: 10.6.10000.0.0)
Nero 10 Movie ThemePack Basic (Version: 10.6.10000.1.0)
Nero 10 PiP EffectPack 1 (Version: 10.6.10000.0.0)
Nero 10 Sample ImagePack (Version: 10.6.10000.11.0)
Nero 10 Sample Videos (Version: 10.6.10000.11.0)
Nero 10 Video TransitionPack 1 (Version: 10.6.10000.0.0)
Nero Audio Pack 1 (Version: 11.0.11500.110.0)
Nero BackItUp 10 (Version: 5.8.10600.6.100)
Nero BackItUp 10 Help (CHM) (Version: 10.6.10600)
Nero Burning ROM 10 (Version: 10.6.10700.5.100)
Nero BurningROM 10 Help (CHM) (Version: 10.6.10600)
Nero BurnRights 10 (Version: 4.4.10400.2.100)
Nero BurnRights 10 Help (CHM) (Version: 10.6.10600)
Nero Control Center 10 (Version: 10.6.13000.0.11)
Nero ControlCenter 10 Help (CHM) (Version: 10.6.10700)
Nero Core Components 10 (Version: 2.0.19900.9.11)
Nero Core Components 11 (Version: 11.0.16300.1.23)
Nero CoverDesigner 10 (Version: 5.6.10600.4.100)
Nero CoverDesigner 10 Help (CHM) (Version: 10.6.10600)
Nero DiscSpeed 10 (Version: 6.4.10500.1.100)
Nero DiscSpeed 10 Help (CHM) (Version: 10.6.10600)
Nero Express 10 (Version: 10.6.10800.6.100)
Nero Express 10 Help (CHM) (Version: 10.6.10600)
Nero InfoTool 10 (Version: 7.4.10300.1.100)
Nero InfoTool 10 Help (CHM) (Version: 10.6.10600)
Nero Kwik Media (Version: 1.14.12000.23.100)
Nero Kwik Media Help (CHM) (Version: 11.0.10300)
Nero Multimedia Suite 10 Platinum HD (Version: 10.6.11800)
Nero Prerequisite Installer 1.0 (Version: 11.0.11500)
Nero Recode 10 (Version: 4.10.10700.5.100)
Nero Recode 10 Help (CHM) (Version: 10.6.10600)
Nero RescueAgent 10 (Version: 3.6.10500.3.100)
Nero RescueAgent 10 Help (CHM) (Version: 10.6.10700)
Nero SharedVideoCodecs (Version: 1.0.11500.1.5)
Nero SoundTrax 10 (Version: 4.10.10500.4.100)
Nero SoundTrax 10 Help (CHM) (Version: 10.6.10600)
Nero StartSmart 10 (Version: 10.6.10500.3.100)
Nero StartSmart 10 Help (CHM) (Version: 10.6.10600)
Nero Update (Version: 11.0.11500.28.0)
Nero Vision 10 (Version: 7.4.11000.9.100)
Nero Vision 10 Help (CHM) (Version: 10.6.10600)
Nero WaveEditor 10 (Version: 5.10.10700.6.100)
Nero WaveEditor 10 Help (CHM) (Version: 10.6.10600)
nero.prerequisites.msi (Version: 11.0.20010)
Nikon Message Center 2 (Version: 2.1.0)
Nikon Movie Editor (Version: 2.3.1)
PCMark 7 (Version: 1.0.4)
PerformanceTest v7.0 (64-bit) (Version: 7.0)
Picasa 3 (Version: 3.8)
Picture Control Utility x64 (Version: 1.4.3)
Quicken 2012 (Version: 21.1.2.14)
Rapport (Version: 3.5.1201.94)
Realtek Ethernet Controller Driver (Version: 7.61.612.2012)
Realtek High Definition Audio Driver (Version: 6.0.1.6537)
Secunia PSI (3.0.0.3001) (Version: 3.0.0.3001)
SiSoftware Sandra Personal 2012.SP5 (Version: 18.57.2012.8)
SIW version 2011.10.29 (Version: 2011.10.29)
Skype™ 5.10 (Version: 5.10.116)
Speccy (Version: 1.17)
Steam (Version: 1.0.0.0)
swMSM (Version: 12.0.0.1)
System Checkup 3.3 (Version: 3.3.2.29)
System Requirements Lab for Intel (64-bit) (Version: 4.5.5.0)
System Requirements Lab for Intel (Version: 4.5.5.0)
TechPowerUp GPU-Z
TomTom HOME (Version: 2.9.0)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
ViewNX 2 (Version: 2.3.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 20%
Total physical RAM: 16347.27 MB
Available physical RAM: 12951.96 MB
Total Pagefile: 32692.73 MB
Available Pagefile: 28997.71 MB
Total Virtual: 4095.88 MB
Available Virtual: 3956.35 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:1850.73 GB) (Free:1693.34 GB) NTFS
7 Drive i: (HITACHI) (Fixed) (Total:931.51 GB) (Free:538.39 GB) NTFS
9 Drive k: (LEXAR MEDIA) (Removable) (Total:0.24 GB) (Free:0.16 GB) NTFS

========================= Users: ========================================

User accounts for \\FRANK-PC

Administrator Frank Guest


**** End of log ****

#4 Archquark

Posted 22 August 2012 - 01:46 AM

Result from RKill:

Rkill 2.3.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/22/2012 12:45:23 AM in x64 mode.
Windows Version: Windows 7 Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* Windows Firewall Disabled

[HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Background Intelligent Transfer Service (BITS) is not Running.
Startup Type set to: Automatic (Delayed Start)

* COM+ Event System (EventSystem) is not Running.
Startup Type set to: Automatic

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual


* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)

* AppMgmt [Missing Service]
* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]

* atapi => \SystemRoot\system32\drivers\atapi.sys [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 08/22/2012 12:45:30 AM
Execution time: 0 hours(s), 0 minute(s), and 7 seconds(s)


Result from SuperAntiSpyware: Did not find anything, but I deleted the log by running CCleaner. Sorry for being an idiot.

RESULT FROM ESET ONLINE SCANNER: This scan found and quarantined 4 items!

C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Users\Frank\Downloads\Nero-8.3.6.0_eng_update.exe Win32/Toolbar.AskSBar application cleaned by deleting - quarantined
C:\Users\Frank\Downloads\siw-setup.exe Win32/OpenCandy application cleaned by deleting - quarantined


Result from TDSSKiller
1:02:36.0355 7252 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
01:02:38.0367 7252 ============================================================
01:02:38.0367 7252 Current date / time: 2012/08/22 01:02:38.0367
01:02:38.0367 7252 SystemInfo:
01:02:38.0367 7252
01:02:38.0367 7252 OS Version: 6.1.7601 ServicePack: 1.0
01:02:38.0367 7252 Product type: Workstation
01:02:38.0367 7252 ComputerName: FRANK-PC
01:02:38.0367 7252 UserName: Frank
01:02:38.0367 7252 Windows directory: C:\Windows
01:02:38.0367 7252 System windows directory: C:\Windows
01:02:38.0367 7252 Running under WOW64
01:02:38.0367 7252 Processor architecture: Intel x64
01:02:38.0367 7252 Number of processors: 8
01:02:38.0367 7252 Page size: 0x1000
01:02:38.0367 7252 Boot type: Normal boot
01:02:38.0367 7252 ============================================================
01:02:49.0350 7252 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:02:49.0365 7252 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
01:02:49.0412 7252 ============================================================
01:02:49.0412 7252 \Device\Harddisk0\DR0:
01:02:49.0412 7252 MBR partitions:
01:02:49.0412 7252 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1880000
01:02:49.0412 7252 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1894000, BlocksNum 0xE7574000
01:02:49.0412 7252 \Device\Harddisk1\DR1:
01:02:49.0412 7252 MBR partitions:
01:02:49.0412 7252 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
01:02:49.0412 7252 ============================================================
01:02:49.0459 7252 C: <-> \Device\Harddisk0\DR0\Partition2
01:02:49.0475 7252 I: <-> \Device\Harddisk1\DR1\Partition1
01:02:49.0475 7252 ============================================================
01:02:49.0475 7252 Initialize success
01:02:49.0475 7252 ============================================================
01:03:32.0749 3660 ============================================================
01:03:32.0749 3660 Scan started
01:03:32.0749 3660 Mode: Manual; TDLFS;
01:03:32.0749 3660 ============================================================
01:03:33.0264 3660 ================ Scan system memory ========================
01:03:33.0264 3660 System memory - ok
01:03:33.0264 3660 ================ Scan services =============================
01:03:33.0389 3660 [ 7D9D615201A483D6FA99491C2E655A5A ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
01:03:33.0389 3660 !SASCORE - ok
01:03:33.0482 3660 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
01:03:33.0498 3660 1394ohci - ok
01:03:33.0498 3660 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
01:03:33.0498 3660 ACPI - ok
01:03:33.0513 3660 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
01:03:33.0513 3660 AcpiPmi - ok
01:03:33.0607 3660 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
01:03:33.0607 3660 AdobeARMservice - ok
01:03:33.0654 3660 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
01:03:33.0669 3660 AdobeFlashPlayerUpdateSvc - ok
01:03:33.0685 3660 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
01:03:33.0685 3660 adp94xx - ok
01:03:33.0701 3660 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
01:03:33.0701 3660 adpahci - ok
01:03:33.0716 3660 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
01:03:33.0716 3660 adpu320 - ok
01:03:33.0747 3660 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
01:03:33.0747 3660 AeLookupSvc - ok
01:03:33.0763 3660 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
01:03:33.0763 3660 AERTFilters - ok
01:03:33.0779 3660 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
01:03:33.0779 3660 AFD - ok
01:03:33.0794 3660 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
01:03:33.0794 3660 agp440 - ok
01:03:33.0810 3660 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
01:03:33.0810 3660 ALG - ok
01:03:33.0810 3660 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
01:03:33.0810 3660 aliide - ok
01:03:33.0825 3660 [ B3B263B419FC9E7B1D41E61FDAE45BD9 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
01:03:33.0825 3660 AMD External Events Utility - ok
01:03:33.0841 3660 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
01:03:33.0841 3660 amdide - ok
01:03:33.0841 3660 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
01:03:33.0841 3660 AmdK8 - ok
01:03:33.0950 3660 [ 9A6E9363F7A5E5A06629D9DDC76EE6B5 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
01:03:34.0044 3660 amdkmdag - ok
01:03:34.0059 3660 [ 957A4C13E1981B1701E600EF1E823C68 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
01:03:34.0059 3660 amdkmdap - ok
01:03:34.0059 3660 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
01:03:34.0075 3660 AmdPPM - ok
01:03:34.0075 3660 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
01:03:34.0075 3660 amdsata - ok
01:03:34.0075 3660 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
01:03:34.0075 3660 amdsbs - ok
01:03:34.0091 3660 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
01:03:34.0091 3660 amdxata - ok
01:03:34.0106 3660 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
01:03:34.0106 3660 AppID - ok
01:03:34.0106 3660 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
01:03:34.0106 3660 AppIDSvc - ok
01:03:34.0122 3660 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
01:03:34.0137 3660 Appinfo - ok
01:03:34.0184 3660 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
01:03:34.0247 3660 Apple Mobile Device - ok
01:03:34.0262 3660 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
01:03:34.0262 3660 arc - ok
01:03:34.0262 3660 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
01:03:34.0262 3660 arcsas - ok
01:03:34.0325 3660 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
01:03:34.0371 3660 aspnet_state - ok
01:03:34.0387 3660 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
01:03:34.0387 3660 AsyncMac - ok
01:03:34.0403 3660 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
01:03:34.0403 3660 atapi - ok
01:03:34.0434 3660 [ D0B119D6F52BDCA8D204F79D27690209 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
01:03:34.0434 3660 AthBTPort - ok
01:03:34.0496 3660 [ D24159FA178DCCE3B41226640D5E9C8D ] AtherosSvc C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
01:03:34.0512 3660 AtherosSvc - ok
01:03:34.0543 3660 [ 3D68A1EEF77307142636AF5127990BCB ] athr C:\Windows\system32\DRIVERS\athrx.sys
01:03:34.0574 3660 athr - ok
01:03:34.0590 3660 [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
01:03:34.0590 3660 AtiHDAudioService - ok
01:03:34.0605 3660 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
01:03:34.0605 3660 AudioEndpointBuilder - ok
01:03:34.0605 3660 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
01:03:34.0605 3660 AudioSrv - ok
01:03:34.0652 3660 [ F57DE310BF3BD9DF0F7D301C1D7F5432 ] avc3 C:\Windows\system32\DRIVERS\avc3.sys
01:03:34.0652 3660 avc3 - ok
01:03:34.0668 3660 [ 4C6BCC638798ABE1F70AFCA70D889C3F ] avchv C:\Windows\system32\DRIVERS\avchv.sys
01:03:34.0668 3660 avchv - ok
01:03:34.0683 3660 [ 6DC4CCA415BBF2FC629BEB532AA0E6CD ] avckf C:\Windows\system32\DRIVERS\avckf.sys
01:03:34.0683 3660 avckf - ok
01:03:34.0699 3660 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
01:03:34.0699 3660 AxInstSV - ok
01:03:34.0699 3660 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
01:03:34.0715 3660 b06bdrv - ok
01:03:34.0730 3660 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
01:03:34.0730 3660 b57nd60a - ok
01:03:34.0777 3660 [ 7AE869F895AB52EA1BD88E38D66524C3 ] BdDesktopParental C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe
01:03:34.0793 3660 BdDesktopParental - ok
01:03:34.0808 3660 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
01:03:34.0808 3660 BDESVC - ok
01:03:34.0902 3660 [ 9920B815BC3B3F2D69071842DD18D422 ] BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
01:03:34.0917 3660 BdfNdisf - ok
01:03:34.0933 3660 [ 4CE4B0098FC315C237FA8867F07886C4 ] bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
01:03:34.0933 3660 bdfwfpf - ok
01:03:34.0964 3660 [ 31571D77C6186AD228F52EE4EBDF8EE9 ] BDSandBox C:\Windows\system32\drivers\bdsandbox.sys
01:03:34.0964 3660 BDSandBox - ok
01:03:34.0964 3660 [ 50F796CB1E8C80F3D19435CB50C3DAB5 ] BDVEDISK C:\Windows\system32\DRIVERS\bdvedisk.sys
01:03:34.0980 3660 BDVEDISK - ok
01:03:34.0980 3660 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
01:03:34.0980 3660 Beep - ok
01:03:34.0995 3660 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
01:03:34.0995 3660 BFE - ok
01:03:35.0058 3660 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
01:03:35.0073 3660 BITS - ok
01:03:35.0073 3660 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
01:03:35.0089 3660 blbdrive - ok
01:03:35.0105 3660 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
01:03:35.0105 3660 Bonjour Service - ok
01:03:35.0105 3660 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
01:03:35.0120 3660 bowser - ok
01:03:35.0120 3660 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
01:03:35.0120 3660 BrFiltLo - ok
01:03:35.0136 3660 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
01:03:35.0136 3660 BrFiltUp - ok
01:03:35.0151 3660 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
01:03:35.0151 3660 Browser - ok
01:03:35.0151 3660 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
01:03:35.0151 3660 Brserid - ok
01:03:35.0167 3660 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
01:03:35.0167 3660 BrSerWdm - ok
01:03:35.0167 3660 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
01:03:35.0167 3660 BrUsbMdm - ok
01:03:35.0183 3660 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
01:03:35.0183 3660 BrUsbSer - ok
01:03:35.0198 3660 [ 50D912C86B924C397DEAE7C813E25B78 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
01:03:35.0198 3660 BTATH_A2DP - ok
01:03:35.0198 3660 [ 486362291E8C2AABC3698FCB0052D042 ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys
01:03:35.0198 3660 btath_avdt - ok
01:03:35.0214 3660 [ E6B734A37ADE36FE1A77035F4E484C8C ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
01:03:35.0214 3660 BTATH_BUS - ok
01:03:35.0214 3660 [ FB3833E63FF602B69C2FF085846DCF43 ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
01:03:35.0214 3660 BTATH_HCRP - ok
01:03:35.0214 3660 [ 371A11C1333BA526263A987A93ACDE3D ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
01:03:35.0214 3660 BTATH_LWFLT - ok
01:03:35.0229 3660 [ ABCD3C16CA850A7594CEB9AD5D966810 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
01:03:35.0229 3660 BTATH_RCP - ok
01:03:35.0229 3660 [ E2BC720E66DA3E51E41D47C12FE353F1 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
01:03:35.0245 3660 BtFilter - ok
01:03:35.0261 3660 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
01:03:35.0261 3660 BthEnum - ok
01:03:35.0261 3660 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
01:03:35.0276 3660 BTHMODEM - ok
01:03:35.0276 3660 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
01:03:35.0292 3660 BthPan - ok
01:03:35.0292 3660 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
01:03:35.0307 3660 BTHPORT - ok
01:03:35.0323 3660 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
01:03:35.0323 3660 bthserv - ok
01:03:35.0339 3660 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
01:03:35.0339 3660 BTHUSB - ok
01:03:40.0424 3660 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
01:03:40.0424 3660 SENS - ok
01:03:40.0440 3660 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
01:03:40.0440 3660 SensrSvc - ok
01:03:40.0455 3660 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
01:03:40.0455 3660 Serenum - ok
01:03:40.0455 3660 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
01:03:40.0455 3660 Serial - ok
01:03:40.0455 3660 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
01:03:40.0455 3660 sermouse - ok
01:03:40.0487 3660 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
01:03:40.0487 3660 SessionEnv - ok
01:03:40.0487 3660 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
01:03:40.0487 3660 sffdisk - ok
01:03:40.0487 3660 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
01:03:40.0487 3660 sffp_mmc - ok
01:03:40.0502 3660 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
01:03:40.0502 3660 sffp_sd - ok
01:03:40.0502 3660 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
01:03:40.0502 3660 sfloppy - ok
01:03:40.0549 3660 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
01:03:40.0549 3660 Sftfs - ok
01:03:40.0580 3660 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
01:03:40.0580 3660 sftlist - ok
01:03:40.0596 3660 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
01:03:40.0596 3660 Sftplay - ok
01:03:40.0596 3660 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
01:03:40.0611 3660 Sftredir - ok
01:03:40.0643 3660 [ 4215C271D6E6898C3F4DABAB4F387DC9 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
01:03:40.0658 3660 SftService - ok
01:03:40.0674 3660 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
01:03:40.0674 3660 Sftvol - ok
01:03:40.0689 3660 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
01:03:40.0689 3660 sftvsa - ok
01:03:40.0705 3660 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
01:03:40.0721 3660 SharedAccess - ok
01:03:40.0736 3660 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:03:40.0736 3660 ShellHWDetection - ok
01:03:40.0752 3660 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
01:03:40.0752 3660 SiSRaid2 - ok
01:03:40.0767 3660 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
01:03:40.0767 3660 SiSRaid4 - ok
01:03:40.0799 3660 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
01:03:40.0814 3660 SkypeUpdate - ok
01:03:40.0830 3660 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
01:03:40.0830 3660 Smb - ok
01:03:40.0845 3660 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
01:03:40.0845 3660 SNMPTRAP - ok
01:03:40.0861 3660 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
01:03:40.0861 3660 spldr - ok
01:03:40.0877 3660 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
01:03:40.0877 3660 Spooler - ok
01:03:40.0923 3660 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
01:03:40.0955 3660 sppsvc - ok
01:03:40.0986 3660 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
01:03:40.0986 3660 sppuinotify - ok
01:03:41.0001 3660 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
01:03:41.0001 3660 srv - ok
01:03:41.0017 3660 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
01:03:41.0033 3660 srv2 - ok
01:03:41.0048 3660 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
01:03:41.0048 3660 srvnet - ok
01:03:41.0064 3660 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
01:03:41.0064 3660 SSDPSRV - ok
01:03:41.0079 3660 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
01:03:41.0079 3660 SstpSvc - ok
01:03:41.0111 3660 Steam Client Service - ok
01:03:41.0126 3660 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
01:03:41.0126 3660 stexstor - ok
01:03:41.0157 3660 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
01:03:41.0157 3660 stisvc - ok
01:03:41.0173 3660 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
01:03:41.0173 3660 swenum - ok
01:03:41.0189 3660 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
01:03:41.0204 3660 swprv - ok
01:03:41.0220 3660 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
01:03:41.0235 3660 SysMain - ok
01:03:41.0251 3660 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
01:03:41.0251 3660 TabletInputService - ok
01:03:41.0267 3660 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
01:03:41.0267 3660 TapiSrv - ok
01:03:41.0298 3660 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
01:03:41.0298 3660 TBS - ok
01:03:41.0313 3660 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
01:03:41.0345 3660 Tcpip - ok
01:03:41.0360 3660 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
01:03:41.0360 3660 TCPIP6 - ok
01:03:41.0391 3660 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
01:03:41.0391 3660 tcpipreg - ok
01:03:41.0391 3660 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
01:03:41.0391 3660 TDPIPE - ok
01:03:41.0391 3660 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
01:03:41.0407 3660 TDTCP - ok
01:03:41.0407 3660 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
01:03:41.0407 3660 tdx - ok
01:03:41.0423 3660 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
01:03:41.0423 3660 TermDD - ok
01:03:41.0438 3660 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
01:03:41.0438 3660 TermService - ok
01:03:41.0454 3660 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
01:03:41.0454 3660 Themes - ok
01:03:41.0485 3660 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
01:03:41.0485 3660 THREADORDER - ok
01:03:41.0516 3660 [ E9CA6ED72EA9F56BD6E98C7042092A1C ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
01:03:41.0532 3660 TomTomHOMEService - ok
01:03:41.0532 3660 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
01:03:41.0532 3660 TrkWks - ok
01:03:41.0563 3660 [ DF219721DDFFCBE03AA894B6B6742BA1 ] trufos C:\Windows\system32\DRIVERS\trufos.sys
01:03:41.0579 3660 trufos - ok
01:03:41.0610 3660 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
01:03:41.0610 3660 TrustedInstaller - ok
01:03:41.0625 3660 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
01:03:41.0625 3660 tssecsrv - ok
01:03:41.0641 3660 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
01:03:41.0641 3660 TsUsbFlt - ok
01:03:41.0657 3660 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
01:03:41.0657 3660 TsUsbGD - ok
01:03:41.0672 3660 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
01:03:41.0672 3660 tunnel - ok
01:03:41.0688 3660 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
01:03:41.0688 3660 uagp35 - ok
01:03:41.0703 3660 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
01:03:41.0703 3660 udfs - ok
01:03:41.0719 3660 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
01:03:41.0735 3660 UI0Detect - ok
01:03:41.0750 3660 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
01:03:41.0750 3660 uliagpkx - ok
01:03:41.0766 3660 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
01:03:41.0766 3660 umbus - ok
01:03:41.0781 3660 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
01:03:41.0781 3660 UmPass - ok
01:03:41.0813 3660 [ 0DFC9713D117B349E41A2A477448107A ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
01:03:41.0828 3660 UNS - ok
01:03:41.0859 3660 [ 2B1970C804C16D887C28246DB6078EC4 ] UPDATESRV C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
01:03:41.0875 3660 UPDATESRV - ok
01:03:41.0891 3660 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
01:03:41.0891 3660 upnphost - ok
01:03:41.0906 3660 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
01:03:41.0906 3660 usbccgp - ok
01:03:41.0906 3660 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
01:03:41.0922 3660 usbcir - ok
01:03:41.0922 3660 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
01:03:41.0922 3660 usbehci - ok
01:03:41.0937 3660 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
01:03:41.0937 3660 usbhub - ok
01:03:41.0937 3660 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
01:03:41.0937 3660 usbohci - ok
01:03:41.0953 3660 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
01:03:41.0953 3660 usbprint - ok
01:03:41.0969 3660 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
01:03:41.0984 3660 usbscan - ok
01:03:41.0984 3660 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:03:41.0984 3660 USBSTOR - ok
01:03:42.0000 3660 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
01:03:42.0015 3660 usbuhci - ok
01:03:42.0031 3660 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
01:03:42.0031 3660 UxSms - ok
01:03:42.0031 3660 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
01:03:42.0031 3660 VaultSvc - ok
01:03:42.0047 3660 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
01:03:42.0047 3660 vdrvroot - ok
01:03:42.0062 3660 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
01:03:42.0062 3660 vds - ok
01:03:42.0078 3660 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
01:03:42.0078 3660 vga - ok
01:03:42.0078 3660 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
01:03:42.0078 3660 VgaSave - ok
01:03:42.0109 3660 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
01:03:42.0109 3660 vhdmp - ok
01:03:42.0109 3660 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
01:03:42.0109 3660 viaide - ok
01:03:42.0125 3660 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
01:03:42.0125 3660 volmgr - ok
01:03:42.0140 3660 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
01:03:42.0140 3660 volmgrx - ok
01:03:42.0140 3660 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
01:03:42.0140 3660 volsnap - ok
01:03:42.0156 3660 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
01:03:42.0171 3660 vsmraid - ok
01:03:42.0187 3660 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
01:03:42.0203 3660 VSS - ok
01:03:42.0234 3660 [ 44A325DDD4199F68C56492B33E7E3B75 ] VSSERV C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
01:03:42.0249 3660 VSSERV - ok
01:03:42.0249 3660 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
01:03:42.0249 3660 vwifibus - ok
01:03:42.0265 3660 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
01:03:42.0265 3660 vwififlt - ok
01:03:42.0281 3660 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
01:03:42.0296 3660 W32Time - ok
01:03:42.0296 3660 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
01:03:42.0296 3660 WacomPen - ok
01:03:42.0312 3660 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
01:03:42.0327 3660 WANARP - ok
01:03:42.0327 3660 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
01:03:42.0327 3660 Wanarpv6 - ok
01:03:42.0359 3660 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
01:03:42.0374 3660 WatAdminSvc - ok
01:03:42.0390 3660 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
01:03:42.0421 3660 wbengine - ok
01:03:42.0421 3660 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
01:03:42.0437 3660 WbioSrvc - ok
01:03:42.0452 3660 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
01:03:42.0452 3660 wcncsvc - ok
01:03:42.0468 3660 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
01:03:42.0468 3660 WcsPlugInService - ok
01:03:42.0483 3660 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
01:03:42.0483 3660 Wd - ok
01:03:42.0515 3660 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
01:03:42.0515 3660 Wdf01000 - ok
01:03:42.0530 3660 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
01:03:42.0530 3660 WdiServiceHost - ok
01:03:42.0530 3660 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
01:03:42.0530 3660 WdiSystemHost - ok
01:03:42.0546 3660 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
01:03:42.0546 3660 WebClient - ok
01:03:42.0561 3660 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
01:03:42.0561 3660 Wecsvc - ok
01:03:42.0577 3660 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
01:03:42.0577 3660 wercplsupport - ok
01:03:42.0593 3660 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
01:03:42.0593 3660 WerSvc - ok
01:03:42.0593 3660 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
01:03:42.0608 3660 WfpLwf - ok
01:03:42.0624 3660 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
01:03:42.0624 3660 WimFltr - ok
01:03:42.0639 3660 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
01:03:42.0639 3660 WIMMount - ok
01:03:42.0655 3660 WinDefend - ok
01:03:42.0655 3660 WinHttpAutoProxySvc - ok
01:03:42.0686 3660 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
01:03:42.0686 3660 Winmgmt - ok
01:03:42.0717 3660 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
01:03:42.0749 3660 WinRM - ok
01:03:42.0780 3660 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
01:03:42.0780 3660 WinUsb - ok
01:03:42.0811 3660 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
01:03:42.0811 3660 Wlansvc - ok
01:03:42.0873 3660 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
01:03:42.0873 3660 wlcrasvc - ok
01:03:42.0951 3660 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
01:03:42.0967 3660 wlidsvc - ok
01:03:42.0967 3660 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
01:03:42.0967 3660 WmiAcpi - ok
01:03:42.0998 3660 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
01:03:42.0998 3660 wmiApSrv - ok
01:03:42.0998 3660 WMPNetworkSvc - ok
01:03:43.0029 3660 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
01:03:43.0029 3660 WPCSvc - ok
01:03:43.0029 3660 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
01:03:43.0045 3660 WPDBusEnum - ok
01:03:43.0045 3660 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
01:03:43.0045 3660 ws2ifsl - ok
01:03:43.0061 3660 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
01:03:43.0076 3660 wscsvc - ok
01:03:43.0076 3660 WSearch - ok
01:03:43.0123 3660 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
01:03:43.0154 3660 wuauserv - ok
01:03:43.0154 3660 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
01:03:43.0154 3660 WudfPf - ok
01:03:43.0170 3660 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
01:03:43.0170 3660 WUDFRd - ok
01:03:43.0201 3660 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
01:03:43.0201 3660 wudfsvc - ok
01:03:43.0217 3660 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
01:03:43.0232 3660 WwanSvc - ok
01:03:43.0248 3660 [ D83C2FF7EA53E66B8EA7901D710494EA ] ZAtheros Bt&Wlan Coex Agent C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
01:03:43.0248 3660 ZAtheros Bt&Wlan Coex Agent - ok
01:03:43.0263 3660 [ A3E1CEB2AFA02268DDD6522BA24B8F0E ] ZAtheros Wlan Agent C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
01:03:43.0263 3660 ZAtheros Wlan Agent - ok
01:03:43.0279 3660 ================ Scan global ===============================
01:03:43.0326 3660 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
01:03:43.0326 3660 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
01:03:43.0341 3660 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
01:03:43.0357 3660 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
01:03:43.0373 3660 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
01:03:43.0373 3660 [Global] - ok
01:03:43.0373 3660 ================ Scan MBR ==================================
01:03:43.0388 3660 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
01:03:43.0575 3660 \Device\Harddisk0\DR0 - ok
01:03:43.0575 3660 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
01:03:43.0685 3660 \Device\Harddisk1\DR1 - ok
01:03:43.0685 3660 ================ Scan VBR ==================================
01:03:43.0685 3660 [ 6A4E0FE155150B49F27CCE8EC6444279 ] \Device\Harddisk0\DR0\Partition1
01:03:43.0685 3660 \Device\Harddisk0\DR0\Partition1 - ok
01:03:43.0700 3660 [ ECA81971940A245F568F468983F82920 ] \Device\Harddisk0\DR0\Partition2
01:03:43.0700 3660 \Device\Harddisk0\DR0\Partition2 - ok
01:03:43.0716 3660 [ 9A007817960E6548D7C4570FF00EFC8F ] \Device\Harddisk1\DR1\Partition1
01:03:43.0716 3660 \Device\Harddisk1\DR1\Partition1 - ok
01:03:43.0716 3660 ============================================================
01:03:43.0716 3660 Scan finished
01:03:43.0716 3660 ============================================================
01:03:43.0716 2916 Detected object count: 0
01:03:43.0716 2916 Actual detected object count: 0
01:05:37.0222 7000 Deinitialize success

Edited by Archquark, 22 August 2012 - 02:42 AM.


#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,035 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:09:39 AM

Posted 22 August 2012 - 09:32 PM

Looks like some file corruption.


Please run SFC, System File Checker

#6 Archquark

Posted 22 August 2012 - 11:11 PM

Boopme,

I ran sfc /scannow and received the following:

Verification 100% complete.
Windows Resource Protection did not find any integrity violations.

I appreciate your taking the time to help me. Programs are still locking up (i.e. Bitdefender Total Security, Internet Explorer), so I am in the process of running ESET Online Scanner again. It is approximately 37% complete at this time.

Archquark

#7 Archquark

Posted 22 August 2012 - 11:51 PM

ESET Online Scanner found no problems on the last scan.

#8 boopme

Posted 23 August 2012 - 08:10 AM

I think we need to get a deeper look and see if something more sinister is in here causing the lockups or if it's a soft/hardware issue.

Please go here... Preparation Guide, do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run (it may not on a 64-bit system), skip it and move on.

Let me know if that went well.

#9 Archquark

Posted 23 August 2012 - 03:53 PM

Boopme

I have completed the DDS, Ark and Attach file compilation as requested and posted it in the Virus, Trojan, Spyware, and Malware Removal Logs forum.

GMER would not let me select several fields which were grayed out: System, Sections, Devices, Modules, Processes, Threads and Libraries, as shown in the Preparation Guide.

Regards,

Archquark

Edited by Archquark, 23 August 2012 - 03:54 PM.


#10 boopme

Posted 23 August 2012 - 06:17 PM

Thank you!

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 1 - 3 days and ALL logs are answered.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic.