
Solution needed.


15 replies to this topic

#1 Montezuma45


Posted 26 November 2012 - 02:37 PM

I received this while in Facebook playing Hidden Chronicles. It seems to be the only time I get it but I haven't been able to find out much about it.


Posted Image

I'm also getting one that pops up about upgrading from Firefox 17.0 to 17.1 or 17.2 (obviously, there are no versions 17.1 or 17.2) but I didn't get a screen print of it.

Where do I start?

Dell computer with quad-core, Windows 7 Home Premium.

Curt

Edited by Montezuma45, 26 November 2012 - 02:39 PM.




#2 Sightless


Posted 26 November 2012 - 04:02 PM

Download TDSSKiller
  • Right-click it and choose Run as Admin.
  • Click on Change parameters
  • Select TDLFS file system
  • Click the Scan button
  • Post the log in your next reply

    Do not change the default options on scan results

Some types of malware will disable MBAM and other security tools. If MBAM will not install, try renaming it.

  • Before saving any of your security programs, rename them first. For example, before you save Malwarebytes', rename it to something like MBblah.exe and then click on Save and save it to your desktop. Same thing after you install it. Before running it, rename the main executable file first.

    Right-click on the mbam-setup.exe file and change the .exe extension to .bat, .com, .pif, or .scr and then double-click on it to run.

    If after installation, MBAM will not run, open the Malwarebytes' Anti-Malware folder in Program Files, right-click on mbam.exe and change the .exe as noted above. Then double-click on it to run.
  • Another workaround is not using the mouse to install it; just use the arrow keys, Tab, and Enter keys.



Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here or here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Quick Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes, they may alert you after scanning with MBAM. Please permit the program to allow the changes.
For a complete visual tutorial of MBAM, see http://thespykiller.co.uk/index.php/topic,5946.0.html

Please include the following in your reply:
MBAM log
TDSSKiller log

#3 Montezuma45


Posted 26 November 2012 - 04:43 PM

These are the TDSS scan results.

15:40:55.0345 1288 mpsdrv - ok
15:40:55.0392 1288 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:40:55.0423 1288 MpsSvc - ok
15:40:55.0470 1288 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:40:55.0485 1288 MRxDAV - ok
15:40:55.0517 1288 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:40:55.0517 1288 mrxsmb - ok
15:40:55.0563 1288 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:40:55.0563 1288 mrxsmb10 - ok
15:40:55.0626 1288 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:40:55.0626 1288 mrxsmb20 - ok
15:40:55.0673 1288 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:40:55.0673 1288 msahci - ok
15:40:55.0735 1288 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:40:55.0735 1288 msdsm - ok
15:40:55.0751 1288 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:40:55.0751 1288 MSDTC - ok
15:40:55.0797 1288 [ 72949A24D37A20A54B3D4D3DADBB55E9 ] MSDV C:\Windows\system32\DRIVERS\msdv.sys
15:40:55.0813 1288 MSDV - ok
15:40:55.0813 1288 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:40:55.0813 1288 Msfs - ok
15:40:55.0829 1288 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:40:55.0829 1288 mshidkmdf - ok
15:40:55.0860 1288 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:40:55.0860 1288 msisadrv - ok
15:40:55.0891 1288 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:40:55.0891 1288 MSiSCSI - ok
15:40:55.0907 1288 msiserver - ok
15:40:55.0922 1288 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:40:55.0938 1288 MSKSSRV - ok
15:40:55.0969 1288 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
15:40:55.0969 1288 MsMpSvc - ok
15:40:55.0985 1288 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:40:55.0985 1288 MSPCLOCK - ok
15:40:56.0016 1288 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:40:56.0016 1288 MSPQM - ok
15:40:56.0063 1288 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:40:56.0063 1288 MsRPC - ok
15:40:56.0109 1288 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:40:56.0109 1288 mssmbios - ok
15:40:56.0156 1288 MSSQL$SQLEXPRESS - ok
15:40:56.0187 1288 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
15:40:56.0187 1288 MSSQLServerADHelper100 - ok
15:40:56.0203 1288 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:40:56.0203 1288 MSTEE - ok
15:40:56.0219 1288 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:40:56.0219 1288 MTConfig - ok
15:40:56.0250 1288 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:40:56.0265 1288 Mup - ok
15:40:56.0297 1288 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:40:56.0312 1288 napagent - ok
15:40:56.0375 1288 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:40:56.0390 1288 NativeWifiP - ok
15:40:56.0499 1288 [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
15:40:56.0499 1288 NAUpdate - ok
15:40:56.0593 1288 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:40:56.0609 1288 NDIS - ok
15:40:56.0702 1288 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:40:56.0702 1288 NdisCap - ok
15:40:56.0733 1288 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:40:56.0733 1288 NdisTapi - ok
15:40:56.0780 1288 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:40:56.0780 1288 Ndisuio - ok
15:40:56.0811 1288 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:40:56.0827 1288 NdisWan - ok
15:40:56.0858 1288 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:40:56.0858 1288 NDProxy - ok
15:40:56.0905 1288 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:40:56.0905 1288 Net Driver HPZ12 - ok
15:40:56.0921 1288 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:40:56.0921 1288 NetBIOS - ok
15:40:56.0999 1288 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:40:56.0999 1288 NetBT - ok
15:40:57.0014 1288 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:40:57.0030 1288 Netlogon - ok
15:40:57.0077 1288 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:40:57.0092 1288 Netman - ok
15:40:57.0155 1288 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:40:57.0170 1288 NetMsmqActivator - ok
15:40:57.0186 1288 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:40:57.0186 1288 NetPipeActivator - ok
15:40:57.0233 1288 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:40:57.0233 1288 netprofm - ok
15:40:57.0248 1288 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:40:57.0248 1288 NetTcpActivator - ok
15:40:57.0264 1288 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:40:57.0264 1288 NetTcpPortSharing - ok
15:40:57.0295 1288 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:40:57.0311 1288 nfrd960 - ok
15:40:57.0342 1288 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:40:57.0342 1288 NisDrv - ok
15:40:57.0373 1288 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
15:40:57.0373 1288 NisSrv - ok
15:40:57.0420 1288 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:40:57.0498 1288 NlaSvc - ok
15:40:57.0498 1288 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:40:57.0498 1288 Npfs - ok
15:40:57.0513 1288 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:40:57.0529 1288 nsi - ok
15:40:57.0545 1288 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:40:57.0545 1288 nsiproxy - ok
15:40:57.0576 1288 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:40:57.0591 1288 Ntfs - ok
15:40:57.0623 1288 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:40:57.0623 1288 Null - ok
15:40:57.0669 1288 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:40:57.0669 1288 nvraid - ok
15:40:57.0732 1288 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:40:57.0732 1288 nvstor - ok
15:40:57.0763 1288 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:40:57.0763 1288 nv_agp - ok
15:40:57.0794 1288 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:40:57.0794 1288 ohci1394 - ok
15:40:57.0841 1288 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:40:57.0841 1288 ose - ok
15:40:58.0028 1288 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:40:58.0122 1288 osppsvc - ok
15:40:58.0184 1288 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:40:58.0184 1288 p2pimsvc - ok
15:40:58.0247 1288 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:40:58.0247 1288 p2psvc - ok
15:40:58.0278 1288 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:40:58.0278 1288 Parport - ok
15:40:58.0309 1288 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:40:58.0309 1288 partmgr - ok
15:40:58.0309 1288 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:40:58.0309 1288 PcaSvc - ok
15:40:58.0371 1288 [ 4B5F5774FF1C577B9515FDD2B5C535C5 ] PCDSRVC{1E208CE0-FB7451FF-06020200}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
15:40:58.0418 1288 PCDSRVC{1E208CE0-FB7451FF-06020200}_0 - ok
15:40:58.0449 1288 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:40:58.0449 1288 pci - ok
15:40:58.0465 1288 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:40:58.0465 1288 pciide - ok
15:40:58.0496 1288 PCLEPCI - ok
15:40:58.0512 1288 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:40:58.0512 1288 pcmcia - ok
15:40:58.0543 1288 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:40:58.0543 1288 pcw - ok
15:40:58.0605 1288 [ AC627D9160D7763CAF611250F3F9B208 ] PDFProFiltSrvPP e:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
15:40:58.0699 1288 PDFProFiltSrvPP - ok
15:40:58.0715 1288 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:40:58.0730 1288 PEAUTH - ok
15:40:58.0839 1288 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:40:58.0839 1288 PerfHost - ok
15:40:58.0949 1288 [ 8BA0E6570112C4F27571A3C21B3A02A6 ] PGMTrusted f:\Program Files (x86)\Pogo Games\PGMTrusted.exe
15:40:59.0042 1288 PGMTrusted - ok
15:40:59.0105 1288 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:40:59.0136 1288 pla - ok
15:40:59.0151 1288 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:40:59.0167 1288 PlugPlay - ok
15:40:59.0167 1288 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:40:59.0183 1288 Pml Driver HPZ12 - ok
15:40:59.0183 1288 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:40:59.0183 1288 PNRPAutoReg - ok
15:40:59.0198 1288 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:40:59.0198 1288 PNRPsvc - ok
15:40:59.0245 1288 [ 32D374C60778253B81FA76C2FE19E155 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
15:40:59.0245 1288 Point64 - ok
15:40:59.0261 1288 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:40:59.0276 1288 PolicyAgent - ok
15:40:59.0292 1288 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:40:59.0292 1288 Power - ok
15:40:59.0323 1288 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:40:59.0323 1288 PptpMiniport - ok
15:40:59.0339 1288 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:40:59.0339 1288 Processor - ok
15:40:59.0385 1288 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:40:59.0401 1288 ProfSvc - ok
15:40:59.0401 1288 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:40:59.0401 1288 ProtectedStorage - ok
15:40:59.0432 1288 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:40:59.0432 1288 Psched - ok
15:40:59.0495 1288 [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
15:40:59.0557 1288 PSI_SVC_2 - ok
15:40:59.0588 1288 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
15:40:59.0588 1288 PxHlpa64 - ok
15:40:59.0635 1288 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:40:59.0666 1288 ql2300 - ok
15:40:59.0682 1288 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:40:59.0682 1288 ql40xx - ok
15:40:59.0697 1288 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:40:59.0713 1288 QWAVE - ok
15:40:59.0713 1288 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:40:59.0729 1288 QWAVEdrv - ok
15:40:59.0729 1288 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:40:59.0729 1288 RasAcd - ok
15:40:59.0760 1288 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:40:59.0760 1288 RasAgileVpn - ok
15:40:59.0775 1288 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:40:59.0775 1288 RasAuto - ok
15:40:59.0807 1288 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:40:59.0807 1288 Rasl2tp - ok
15:40:59.0838 1288 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:40:59.0853 1288 RasMan - ok
15:40:59.0869 1288 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:40:59.0885 1288 RasPppoe - ok
15:40:59.0900 1288 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:40:59.0900 1288 RasSstp - ok
15:40:59.0947 1288 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:40:59.0963 1288 rdbss - ok
15:41:00.0009 1288 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:41:00.0009 1288 rdpbus - ok
15:41:00.0025 1288 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:41:00.0041 1288 RDPCDD - ok
15:41:00.0056 1288 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:41:00.0056 1288 RDPENCDD - ok
15:41:00.0072 1288 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:41:00.0072 1288 RDPREFMP - ok
15:41:00.0103 1288 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:41:00.0119 1288 RDPWD - ok
15:41:00.0150 1288 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:41:00.0150 1288 rdyboost - ok
15:41:00.0165 1288 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:41:00.0165 1288 RemoteAccess - ok
15:41:00.0181 1288 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:41:00.0181 1288 RemoteRegistry - ok
15:41:00.0212 1288 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:41:00.0212 1288 RpcEptMapper - ok
15:41:00.0243 1288 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:41:00.0243 1288 RpcLocator - ok
15:41:00.0290 1288 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:41:00.0290 1288 RpcSs - ok
15:41:00.0353 1288 [ C9FE05A63C500ABE3AFA5786504C4D36 ] RsFx0105 C:\Windows\system32\DRIVERS\RsFx0105.sys
15:41:00.0353 1288 RsFx0105 - ok
15:41:00.0368 1288 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:41:00.0368 1288 rspndr - ok
15:41:00.0384 1288 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:41:00.0384 1288 SamSs - ok
15:41:00.0415 1288 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:41:00.0415 1288 sbp2port - ok
15:41:00.0462 1288 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService E:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
15:41:01.0725 1288 SBSDWSCService - ok
15:41:01.0741 1288 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:41:01.0741 1288 SCardSvr - ok
15:41:01.0772 1288 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:41:01.0772 1288 scfilter - ok
15:41:01.0819 1288 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:41:01.0819 1288 Schedule - ok
15:41:01.0850 1288 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:41:01.0850 1288 SCPolicySvc - ok
15:41:01.0881 1288 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:41:01.0881 1288 SDRSVC - ok
15:41:01.0944 1288 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
15:41:01.0944 1288 SeaPort - ok
15:41:01.0959 1288 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:41:01.0975 1288 secdrv - ok
15:41:02.0006 1288 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:41:02.0006 1288 seclogon - ok
15:41:02.0006 1288 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:41:02.0022 1288 SENS - ok
15:41:02.0053 1288 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:41:02.0053 1288 SensrSvc - ok
15:41:02.0069 1288 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:41:02.0069 1288 Serenum - ok
15:41:02.0084 1288 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:41:02.0084 1288 Serial - ok
15:41:02.0100 1288 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:41:02.0100 1288 sermouse - ok
15:41:02.0115 1288 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:41:02.0115 1288 SessionEnv - ok
15:41:02.0147 1288 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:41:02.0147 1288 sffdisk - ok
15:41:02.0162 1288 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:41:02.0162 1288 sffp_mmc - ok
15:41:02.0178 1288 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:41:02.0178 1288 sffp_sd - ok
15:41:02.0178 1288 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:41:02.0178 1288 sfloppy - ok
15:41:02.0193 1288 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:41:02.0209 1288 SharedAccess - ok
15:41:02.0225 1288 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:41:02.0225 1288 ShellHWDetection - ok
15:41:02.0240 1288 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:41:02.0240 1288 SiSRaid2 - ok
15:41:02.0256 1288 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:41:02.0256 1288 SiSRaid4 - ok
15:41:02.0256 1288 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:41:02.0256 1288 Smb - ok
15:41:02.0271 1288 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:41:02.0271 1288 SNMPTRAP - ok
15:41:02.0318 1288 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:41:02.0318 1288 spldr - ok
15:41:02.0365 1288 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:41:02.0381 1288 Spooler - ok
15:41:02.0459 1288 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:41:02.0505 1288 sppsvc - ok
15:41:02.0521 1288 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:41:02.0521 1288 sppuinotify - ok
15:41:02.0583 1288 [ 131575CDF93FDF365DE107D0242E52D8 ] sptd C:\Windows\system32\Drivers\sptd.sys
15:41:02.0583 1288 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 131575CDF93FDF365DE107D0242E52D8
15:41:02.0599 1288 sptd ( LockedFile.Multi.Generic ) - warning
15:41:02.0599 1288 sptd - detected LockedFile.Multi.Generic (1)
15:41:05.0922 1288 WfpLwf - ok
15:41:05.0937 1288 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:41:05.0937 1288 WIMMount - ok
15:41:05.0953 1288 WinDefend - ok
15:41:05.0969 1288 WinHttpAutoProxySvc - ok
15:41:06.0015 1288 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:41:06.0015 1288 Winmgmt - ok
15:41:06.0078 1288 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:41:06.0109 1288 WinRM - ok
15:41:06.0156 1288 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:41:06.0156 1288 WinUsb - ok
15:41:06.0203 1288 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:41:06.0218 1288 Wlansvc - ok
15:41:06.0249 1288 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:41:06.0249 1288 wlcrasvc - ok
15:41:06.0343 1288 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:41:06.0390 1288 wlidsvc - ok
15:41:06.0421 1288 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:41:06.0421 1288 WmiAcpi - ok
15:41:06.0452 1288 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:41:06.0452 1288 wmiApSrv - ok
15:41:06.0483 1288 WMPNetworkSvc - ok
15:41:06.0499 1288 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:41:06.0499 1288 WPCSvc - ok
15:41:06.0515 1288 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:41:06.0530 1288 WPDBusEnum - ok
15:41:06.0546 1288 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:41:06.0546 1288 ws2ifsl - ok
15:41:06.0561 1288 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
15:41:06.0561 1288 wscsvc - ok
15:41:06.0577 1288 WSearch - ok
15:41:06.0639 1288 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:41:06.0686 1288 wuauserv - ok
15:41:06.0717 1288 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:41:06.0749 1288 WudfPf - ok
15:41:06.0827 1288 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:41:06.0873 1288 WUDFRd - ok
15:41:06.0905 1288 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:41:06.0936 1288 wudfsvc - ok
15:41:06.0967 1288 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:41:06.0998 1288 WwanSvc - ok
15:41:07.0029 1288 ================ Scan global ===============================
15:41:07.0092 1288 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:41:07.0123 1288 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
15:41:07.0123 1288 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
15:41:07.0154 1288 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:41:07.0185 1288 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:41:07.0201 1288 [Global] - ok
15:41:07.0201 1288 ================ Scan MBR ==================================
15:41:07.0232 1288 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:41:07.0575 1288 \Device\Harddisk0\DR0 - ok
15:41:07.0575 1288 ================ Scan VBR ==================================
15:41:07.0575 1288 [ 5F524207C43C21420533E018F4C97E4D ] \Device\Harddisk0\DR0\Partition1
15:41:07.0575 1288 \Device\Harddisk0\DR0\Partition1 - ok
15:41:07.0591 1288 [ 8F53C360337160746AC3A76A1EDABAB2 ] \Device\Harddisk0\DR0\Partition2
15:41:07.0607 1288 \Device\Harddisk0\DR0\Partition2 - ok
15:41:07.0607 1288 [ 190CFDEEC3D81686FEBCB8A32D09FC73 ] \Device\Harddisk0\DR0\Partition3
15:41:07.0607 1288 \Device\Harddisk0\DR0\Partition3 - ok
15:41:07.0638 1288 [ 5950459B2FEFC0DFC01C954D29949661 ] \Device\Harddisk0\DR0\Partition4
15:41:07.0638 1288 \Device\Harddisk0\DR0\Partition4 - ok
15:41:07.0653 1288 [ D9A3DC868A5C5A347EFD3761D80307D7 ] \Device\Harddisk0\DR0\Partition5
15:41:07.0653 1288 \Device\Harddisk0\DR0\Partition5 - ok
15:41:07.0669 1288 [ C61C2DEA3007975E807D22A5DA3BFD97 ] \Device\Harddisk0\DR0\Partition6
15:41:07.0669 1288 \Device\Harddisk0\DR0\Partition6 - ok
15:41:07.0685 1288 [ 93750211F6BBEFEA47D029AD554446A1 ] \Device\Harddisk0\DR0\Partition7
15:41:07.0685 1288 \Device\Harddisk0\DR0\Partition7 - ok
15:41:07.0700 1288 [ 693D349DBFBCEA62CA7DEFABF963E47C ] \Device\Harddisk0\DR0\Partition8
15:41:07.0700 1288 \Device\Harddisk0\DR0\Partition8 - ok
15:41:07.0700 1288 ============================================================
15:41:07.0700 1288 Scan finished
15:41:07.0700 1288 ============================================================
15:41:07.0716 3760 Detected object count: 1
15:41:07.0716 3760 Actual detected object count: 1
15:41:28.0777 3760 sptd ( LockedFile.Multi.Generic ) - skipped by user
15:41:28.0777 3760 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

#4 Montezuma45

Montezuma45
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:14 PM

Posted 26 November 2012 - 05:02 PM

MBAM report.

Although it may be apparent what to do, I'll await instructions.


Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.26.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Curt :: SUN2 [administrator]

11/26/2012 3:54:16 PM
mbam-log-2012-11-26 (16-00-46).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 239619
Time elapsed: 4 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Curt\Local Settings\TempDIR\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> No action taken.

(end)
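
An added example, not part of any post in this thread: a small triage script that reads lines in the shape of the TDSSKiller and MBAM logs above and lists detections the tool reported but left in place ("No action taken", "skipped by user"). The function names are hypothetical, and the sample text is constructed from lines in this thread plus one constructed "removed" line for contrast.

```python
import re
from typing import NamedTuple

class Finding(NamedTuple):
    tool: str
    target: str
    detection: str
    action: str

# MBAM 1.x detection line: "<object> (<detection name>) -> <action>."
MBAM_RE = re.compile(r"^(?P<target>.+?) \((?P<name>[^()]+)\) -> (?P<rest>.+)$")
# TDSSKiller verdict line: "<time> <thread id> <object> ( <verdict> ) - <action>"
TDSS_RE = re.compile(
    r"^\d{2}:\d{2}:\d{2}\.\d{4} \d+ (?P<target>.+?) \( (?P<name>[^()]+) \) - (?P<rest>.+)$")
# Action text that means the object is still on the machine.
LEFT_IN_PLACE = ("no action taken", "skip")

# Constructed sample: lines in the shape of the logs posted in this thread.
# The last line is constructed to show a detection that was actually removed.
SAMPLE_LOG = r"""
15:41:07.0716 3760 Detected object count: 1
15:41:28.0777 3760 sptd ( LockedFile.Multi.Generic ) - skipped by user
15:41:28.0777 3760 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
Registry Keys Detected: 1
HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> No action taken.
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Users\Curt\Local Settings\TempDIR\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> No action taken.
C:\Temp\constructed-example.exe (PUP.Constructed) -> Quarantined and deleted successfully.
"""

def parse_findings(log_text):
    """Return one Finding per detected object; the first action seen wins."""
    seen = {}
    for line in log_text.splitlines():
        line = line.strip()
        m, tool = TDSS_RE.match(line), "TDSSKiller"
        if not m:
            m, tool = MBAM_RE.match(line), "MBAM"
        if not m:
            continue  # headers, counters, "- ok" lines, hash lines
        # A line may carry extra " -> " fields before the action; keep the last.
        action = m["rest"].split(" -> ")[-1].rstrip(".")
        key = (tool, m["target"], m["name"])
        seen.setdefault(key, Finding(tool, m["target"], m["name"], action))
    return list(seen.values())

def left_in_place(findings):
    """Detections whose recorded action did not remove or quarantine anything."""
    return [f for f in findings
            if any(word in f.action.lower() for word in LEFT_IN_PLACE)]

if __name__ == "__main__":
    for f in left_in_place(parse_findings(SAMPLE_LOG)):
        print(f"{f.tool}: {f.detection} still present at {f.target} ({f.action})")
```
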

#5 Sightless


Posted 26 November 2012 - 05:40 PM

Please download AdwCleaner by Xplode to your desktop.
  • Make sure all programs are closed
  • Double-click adwcleaner.exe
  • Click Delete
  • Press OK when prompted
  • Restart your computer when asked
  • Copy and paste the contents of the text file that opens after your computer restarts to a reply to this thread. (The log is also saved to C:\AdwCleaner[S1].txt)

Let's try an ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Check Remove found threats and Scan potentially unwanted applications (If given the option, choose "Quarantine" instead of delete.)
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image

Please include the following in your reply
ESET log
ADWcleaner log
Any questions/comments you may have

Edited by Sightless, 26 November 2012 - 05:40 PM.


#6 Montezuma45


Posted 26 November 2012 - 08:04 PM

# AdwCleaner v2.009 - Logfile created 11/26/2012 at 18:49:15
# Updated 24/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Curt - SUN2
# Boot Mode : Normal
# Running from : H:\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Web Assistant Updater

***** [Files / Folders] *****

File Deleted : C:\user.js
Folder Deleted : C:\Program Files\Web Assistant
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Curt\AppData\Local\TempDir
Folder Deleted : C:\Users\Curt\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Curt\Desktop\Software

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060497.FCTB000060497Pos
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060497.FCTB000060497Pos.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060497.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060497.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060497.JSOptionsImpl
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060497.JSOptionsImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\FCTB000060497
Key Deleted : HKLM\Software\ImInstaller
Key Deleted : HKLM\Software\Web Assistant
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Key Deleted : HKLM\SOFTWARE\Web Assistant
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0 (en-US)

Profile name : default
File : C:\Users\Curt\AppData\Roaming\Mozilla\Firefox\Profiles\xzx1ux86.default\prefs.js

[OK] File is clean.

Profile name : default
File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\fy2uy93b.default\prefs.js

Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

*************************

AdwCleaner[S2].txt - [3028 octets] - [26/11/2012 18:49:15]

########## EOF - C:\AdwCleaner[S2].txt - [3088 octets] ##########

#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,492 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:14 AM

Posted 26 November 2012 - 08:26 PM

Hello, if you haven't... Rerun MBAM, update and remove what it finds. I would also run JRT.

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#8 Montezuma45


Posted 26 November 2012 - 10:04 PM

ESET scan didn't find anything.

I think I'm going to try using the system to see if it has fixed it.

It looks like ADWCleaner removed something and one of the previous scans did too.

Maybe I got it.

#9 Sightless


Posted 26 November 2012 - 10:08 PM

Hi, be sure to run Malwarebytes once more and be sure to remove what it finds.

#10 Montezuma45


Posted 27 November 2012 - 01:55 AM

I still have the problem. :(

But I did get a screen print of the Firefox spoof.

Posted Image

I'm going to start from scratch and re-run everything.

#11 Montezuma45


Posted 27 November 2012 - 02:14 AM

So far, so good. :)


Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.27.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Curt :: SUN2 [administrator]

11/27/2012 1:03:50 AM
mbam-log-2012-11-27 (01-03-50).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 239650
Time elapsed: 3 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#12 Montezuma45


Posted 27 November 2012 - 09:16 AM

ESET results:

H:\Downloads\outlook-express-s32-downloader.exe a variant of Win32/Soft32Downloader.A application cleaned by deleting - quarantined

#13 Montezuma45


Posted 27 November 2012 - 09:49 AM

JRT results:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.5.5 (11.27.2012:2)
OS: Windows 7 Home Premium x64
Ran by Curt on Tue 11/27/2012 at 8:44:24.88
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\internetregistry\registry\user\S-1-5-21-1331703710-3522024605-3825559902-1001\software\web assistant"



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 11/27/2012 at 8:48:27.24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#14 Montezuma45


Posted 27 November 2012 - 09:53 AM

This may be a silly question but I'll ask.

Could this be a virus on Zynga.com? Could their game be infected and I get the results? I don't see this popping up anywhere but when I play the game and no one has told me that it has a virus "name" yet. I have found a few things on my system but, basically, it seems pretty clean.

What do you think?

#15 boopme


Posted 27 November 2012 - 10:42 AM

Firefox is at Version 17. You should update from the link below and not "freshbrowser.com".
http://support.mozilla.org/en-US/kb/update-firefox-latest-version

Chances are that if downloaded from Zynga or Facebook there is no virus, but a good chance there is Ad/spyware.