
Returnil found malware, some look like false positives, others I'm not sure about


9 replies to this topic

#1 redxiii


Posted 28 November 2012 - 12:42 PM

Hello everyone,

I have a Dell Inspiron N4110 that comes with Windows 7 Home Premium pre-installed. It was purchased only 3 months ago. I use Returnil (free virtual mode attracted me) and Microsoft Security Essentials. Everything is up to date. I just completed Returnil's Full System Scan on High Sensitivity (in hindsight, this may be my issue) and it came up with a few items:

1. Backdoor: C:\WINDOWS\WINSXS\X86_MICROSOFT-WINDOWS-FTP_31BF3856AD364E35_6.1.7601.17514_NONE_AEF2C7DBB6CC16C1\FTP.EXE
(Google did not yield any meaningful results)
2. Backdoor: C:\WINDOWS\WINSXS\X86_MICROSOFT-WINDOWS-FTP_31BF3856AD364E35_6.1.7601.17514_NONE_AEF2C7DBB6CC16C1\FTP.EXE

Attempting to repair these two resulted in errors and Returnil asking me to reboot. Upon reboot, there was no difference except that Returnil is now saying I need to do a system restore (and of course, wants me to upgrade to get additional features).

Additionally there were these:
3. CCSETUP320.exe
I'm sure many of you will recognize this as CCleaner. I always download from the webpages the program sends me to, and the updates are usually on filehippo.
4. "Virus"
The two entries inside are Chrome extensions. I'm 99% certain these are false positives, but thought I'd mention it
5. "Archive bomb": C:\USERS\AUSTIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\CACHE\F_000610
Might be false positive?
6. Security Risk: C:\DRIVERS\CHIPSET_USB3\ISSETUP.DLL (->(PecBundle)->(PECompact))
I'm pretty sure this is a false positive... this laptop does have a USB 3 port.

So, do I have malware or anything on my computer? Most of the extensions I use in FF and Chrome seem like they should be preventing a lot of potentially unwanted stuff. Script blockers / flash blockers, ad blockers, LSO cookie deletion...

My computer isn't slow or anything. I removed a lot of the crapware with the IObit batch uninstaller when I first got it, then CCleaned up, then used SmartDefrag. I'm fairly regular about using these tools as a regimen to maintain my computer.



#2 Sightless


Posted 28 November 2012 - 03:26 PM

Download TDSSKiller
  • Right-click it and choose Run as Admin.
  • Click on Change parameters.
  • Select TDLFS file system.
  • Click the Scan button.
  • Post the log in your next reply.

    Do not change the default options on scan results.

Some types of malware will disable MBAM and other security tools. If MBAM will not install, try renaming it.

  • Before saving any of your security programs, rename them first. For example, before you save Malwarebytes', rename it to something like MBblah.exe and then click on Save and save it to your desktop. Same thing after you install it. Before running it, rename the main executable file first.

    Right-click on the mbam-setup.exe file and change the .exe extension to .bat, .com, .pif, or .scr and then double-click on it to run.

    If after installation, MBAM will not run, open the Malwarebytes' Anti-Malware folder in Program Files, right-click on mbam.exe and change the .exe as noted above. Then double-click on it to run.
  • Another workaround is not using the mouse to install it; just use the arrow keys, tab, and enter keys.



Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here or here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Quick Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless of whether you are prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes, they may alert you after scanning with MBAM. Please permit the program to allow the changes.
For a complete visual tutorial of MBAM, see http://thespykiller.co.uk/index.php/topic,5946.0.html

Please include the following in your reply:
TDSSKiller
MBAM log

#3 redxiii


Posted 28 November 2012 - 06:06 PM

14:55:32.0442 96552 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:55:33.0050 96552 ============================================================
14:55:33.0050 96552 Current date / time: 2012/11/28 14:55:33.0050
14:55:33.0050 96552 SystemInfo:
14:55:33.0050 96552
14:55:33.0050 96552 OS Version: 6.1.7601 ServicePack: 1.0
14:55:33.0050 96552 Product type: Workstation
14:55:33.0050 96552 ComputerName: [redacted]
14:55:33.0051 96552 UserName: [redacted]
14:55:33.0051 96552 Windows directory: C:\Windows
14:55:33.0051 96552 System windows directory: C:\Windows
14:55:33.0051 96552 Running under WOW64
14:55:33.0051 96552 Processor architecture: Intel x64
14:55:33.0051 96552 Number of processors: 4
14:55:33.0051 96552 Page size: 0x1000
14:55:33.0051 96552 Boot type: Normal boot
14:55:33.0051 96552 ============================================================
14:55:33.0685 96552 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:55:33.0697 96552 ============================================================
14:55:33.0697 96552 \Device\Harddisk0\DR0:
14:55:33.0697 96552 MBR partitions:
14:55:33.0698 96552 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000
14:55:33.0698 96552 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x37C41830
14:55:33.0698 96552 ============================================================
14:55:33.0734 96552 C: <-> \Device\Harddisk0\DR0\Partition2
14:55:33.0734 96552 ============================================================
14:55:33.0734 96552 Initialize success
14:55:33.0735 96552 ============================================================
14:55:55.0715 95976 ============================================================
14:55:55.0715 95976 Scan started
14:55:55.0715 95976 Mode: Manual; TDLFS;
14:55:55.0715 95976 ============================================================
14:55:56.0368 95976 ================ Scan system memory ========================
14:55:56.0368 95976 System memory - ok
14:55:56.0369 95976 ================ Scan services =============================
14:55:56.0540 95976 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:55:56.0559 95976 1394ohci - ok
14:55:56.0589 95976 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:55:56.0592 95976 ACPI - ok
14:55:56.0615 95976 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:55:56.0623 95976 AcpiPmi - ok
14:55:56.0660 95976 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
14:55:56.0778 95976 adp94xx - ok
14:55:56.0817 95976 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
14:55:56.0908 95976 adpahci - ok
14:55:56.0940 95976 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
14:55:56.0948 95976 adpu320 - ok
14:55:56.0986 95976 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:55:56.0988 95976 AeLookupSvc - ok
14:55:57.0066 95976 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
14:55:57.0070 95976 AERTFilters - ok
14:55:57.0136 95976 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
14:55:57.0159 95976 AFD - ok
14:55:57.0205 95976 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:55:57.0216 95976 agp440 - ok
14:55:57.0251 95976 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
14:55:57.0262 95976 ALG - ok
14:55:57.0298 95976 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
14:55:57.0306 95976 aliide - ok
14:55:57.0315 95976 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
14:55:57.0322 95976 amdide - ok
14:55:57.0340 95976 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
14:55:57.0347 95976 AmdK8 - ok
14:55:57.0359 95976 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
14:55:57.0363 95976 AmdPPM - ok
14:55:57.0392 95976 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:55:57.0405 95976 amdsata - ok
14:55:57.0431 95976 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
14:55:57.0447 95976 amdsbs - ok
14:55:57.0468 95976 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:55:57.0469 95976 amdxata - ok
14:55:57.0520 95976 [ 12E7A43A3C6840A063A82B04F7EF47C0 ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
14:55:57.0533 95976 AMPPAL - ok
14:55:57.0556 95976 [ 12E7A43A3C6840A063A82B04F7EF47C0 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
14:55:57.0557 95976 AMPPALP - ok
14:55:57.0651 95976 [ 2CC0CBF2707BE4D5B6CE6B87D9DA2F97 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
14:55:57.0657 95976 AMPPALR3 - ok
14:55:57.0737 95976 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
14:55:57.0749 95976 AppID - ok
14:55:57.0781 95976 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:55:57.0786 95976 AppIDSvc - ok
14:55:57.0794 95976 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
14:55:57.0796 95976 Appinfo - ok
14:55:57.0830 95976 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
14:55:57.0842 95976 arc - ok
14:55:57.0860 95976 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
14:55:57.0866 95976 arcsas - ok
14:55:57.0967 95976 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:55:58.0010 95976 aspnet_state - ok
14:55:58.0048 95976 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:55:58.0056 95976 AsyncMac - ok
14:55:58.0107 95976 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
14:55:58.0115 95976 atapi - ok
14:55:58.0195 95976 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:55:58.0226 95976 AudioEndpointBuilder - ok
14:55:58.0255 95976 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:55:58.0260 95976 AudioSrv - ok
14:55:58.0320 95976 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:55:58.0334 95976 AxInstSV - ok
14:55:58.0397 95976 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
14:55:58.0434 95976 b06bdrv - ok
14:55:58.0484 95976 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:55:58.0505 95976 b57nd60a - ok
14:55:58.0539 95976 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
14:55:58.0552 95976 BDESVC - ok
14:55:58.0575 95976 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
14:55:58.0582 95976 Beep - ok
14:55:58.0644 95976 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
14:55:58.0657 95976 BFE - ok
14:55:58.0711 95976 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
14:55:58.0727 95976 BITS - ok
14:55:58.0773 95976 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:55:58.0782 95976 blbdrive - ok
14:55:58.0930 95976 [ 0F46D2845BD7DDACA52340ECC2B65DA3 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
14:55:58.0939 95976 Bluetooth Device Monitor - ok
14:55:59.0042 95976 [ 3341DE556EC28252D603277609EEF8BF ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
14:55:59.0119 95976 Bluetooth Media Service - ok
14:55:59.0200 95976 [ 5D5C3EC9BE1107DEDF0FEB55B7F3BD77 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
14:55:59.0206 95976 Bluetooth OBEX Service - ok
14:55:59.0242 95976 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:55:59.0243 95976 bowser - ok
14:55:59.0285 95976 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
14:55:59.0288 95976 BrFiltLo - ok
14:55:59.0300 95976 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
14:55:59.0304 95976 BrFiltUp - ok
14:55:59.0349 95976 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
14:55:59.0351 95976 Browser - ok
14:55:59.0370 95976 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:55:59.0380 95976 Brserid - ok
14:55:59.0393 95976 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:55:59.0397 95976 BrSerWdm - ok
14:55:59.0402 95976 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:55:59.0406 95976 BrUsbMdm - ok
14:55:59.0418 95976 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:55:59.0421 95976 BrUsbSer - ok
14:55:59.0465 95976 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
14:55:59.0472 95976 BthEnum - ok
14:55:59.0496 95976 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
14:55:59.0506 95976 BTHMODEM - ok
14:55:59.0537 95976 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
14:55:59.0548 95976 BthPan - ok
14:55:59.0612 95976 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
14:55:59.0642 95976 BTHPORT - ok
14:55:59.0689 95976 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
14:55:59.0692 95976 bthserv - ok
14:55:59.0740 95976 [ D6CEEC2F878149E4DB9FE93FA5D8FE60 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
14:55:59.0741 95976 BTHSSecurityMgr - ok
14:55:59.0760 95976 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
14:55:59.0770 95976 BTHUSB - ok
14:55:59.0825 95976 [ 274E47BD9C1367BDBFA9DF10C2E6C544 ] btmaudio C:\Windows\system32\drivers\btmaud.sys
14:55:59.0833 95976 btmaudio - ok
14:55:59.0858 95976 [ AB0A33001FE7EBB209D9D52CED11BE1A ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
14:55:59.0867 95976 btmaux - ok
14:55:59.0910 95976 [ 40C6FEC49D1CC4D112368A2BCD2BCBB7 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
14:55:59.0925 95976 btmhsf - ok
14:55:59.0937 95976 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:55:59.0939 95976 cdfs - ok
14:55:59.0995 95976 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:56:00.0008 95976 cdrom - ok
14:56:00.0059 95976 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
14:56:00.0064 95976 CertPropSvc - ok
14:56:00.0085 95976 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
14:56:00.0095 95976 circlass - ok
14:56:00.0119 95976 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
14:56:00.0130 95976 CLFS - ok
14:56:00.0198 95976 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:56:00.0201 95976 clr_optimization_v2.0.50727_32 - ok
14:56:00.0246 95976 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:56:00.0252 95976 clr_optimization_v2.0.50727_64 - ok
14:56:00.0352 95976 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:56:00.0389 95976 clr_optimization_v4.0.30319_32 - ok
14:56:00.0428 95976 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:56:00.0460 95976 clr_optimization_v4.0.30319_64 - ok
14:56:00.0503 95976 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:56:00.0512 95976 CmBatt - ok
14:56:00.0554 95976 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:56:00.0562 95976 cmdide - ok
14:56:00.0630 95976 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
14:56:00.0639 95976 CNG - ok
14:56:00.0657 95976 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:56:00.0658 95976 Compbatt - ok
14:56:00.0674 95976 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
14:56:00.0682 95976 CompositeBus - ok
14:56:00.0689 95976 COMSysApp - ok
14:56:00.0700 95976 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
14:56:00.0706 95976 crcdisk - ok
14:56:00.0791 95976 [ 63A7739AC9C1E38589B3EDB1DAEB9DF5 ] CronService C:\Prey\platform\windows\cronsvc.exe
14:56:00.0793 95976 CronService - ok
14:56:00.0862 95976 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:56:00.0866 95976 CryptSvc - ok
14:56:00.0928 95976 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
14:56:00.0944 95976 CtClsFlt - ok
14:56:01.0008 95976 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:56:01.0031 95976 DcomLaunch - ok
14:56:01.0085 95976 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
14:56:01.0104 95976 defragsvc - ok
14:56:01.0209 95976 [ 2050309BAB03DFCEE455DBF913BF91B1 ] DellDigitalDelivery c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
14:56:01.0238 95976 DellDigitalDelivery - ok
14:56:01.0286 95976 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:56:01.0289 95976 DfsC - ok
14:56:01.0351 95976 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
14:56:01.0360 95976 Dhcp - ok
14:56:01.0410 95976 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
14:56:01.0413 95976 discache - ok
14:56:01.0434 95976 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
14:56:01.0437 95976 Disk - ok
14:56:01.0479 95976 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:56:01.0481 95976 Dnscache - ok
14:56:01.0518 95976 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
14:56:01.0539 95976 dot3svc - ok
14:56:01.0559 95976 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
14:56:01.0561 95976 DPS - ok
14:56:01.0597 95976 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:56:01.0604 95976 drmkaud - ok
14:56:01.0674 95976 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:56:01.0746 95976 DXGKrnl - ok
14:56:01.0825 95976 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
14:56:01.0831 95976 EapHost - ok
14:56:01.0926 95976 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
14:56:02.0042 95976 ebdrv - ok
14:56:02.0093 95976 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
14:56:02.0096 95976 EFS - ok
14:56:02.0171 95976 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:56:02.0213 95976 ehRecvr - ok
14:56:02.0229 95976 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
14:56:02.0240 95976 ehSched - ok
14:56:02.0296 95976 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
14:56:02.0335 95976 elxstor - ok
14:56:02.0370 95976 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:56:02.0373 95976 ErrDev - ok
14:56:02.0439 95976 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
14:56:02.0447 95976 EventSystem - ok
14:56:02.0550 95976 [ 532B8FF8E07F3772B086620377654F95 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
14:56:02.0626 95976 EvtEng - ok
14:56:02.0651 95976 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
14:56:02.0666 95976 exfat - ok
14:56:02.0715 95976 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:56:02.0720 95976 fastfat - ok
14:56:02.0772 95976 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
14:56:02.0830 95976 Fax - ok
14:56:02.0866 95976 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
14:56:02.0875 95976 fdc - ok
14:56:02.0936 95976 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
14:56:02.0941 95976 fdPHost - ok
14:56:02.0955 95976 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
14:56:02.0964 95976 FDResPub - ok
14:56:03.0000 95976 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:56:03.0002 95976 FileInfo - ok
14:56:03.0010 95976 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:56:03.0019 95976 Filetrace - ok
14:56:03.0034 95976 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
14:56:03.0041 95976 flpydisk - ok
14:56:03.0052 95976 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:56:03.0058 95976 FltMgr - ok
14:56:03.0153 95976 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
14:56:03.0176 95976 FontCache - ok
14:56:03.0226 95976 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:56:03.0231 95976 FontCache3.0.0.0 - ok
14:56:03.0235 95976 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:56:03.0240 95976 FsDepends - ok
14:56:03.0283 95976 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:56:03.0290 95976 Fs_Rec - ok
14:56:03.0310 95976 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:56:03.0317 95976 fvevol - ok
14:56:03.0349 95976 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
14:56:03.0360 95976 gagp30kx - ok
14:56:03.0418 95976 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
14:56:03.0447 95976 gpsvc - ok
14:56:03.0517 95976 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:56:03.0521 95976 gupdate - ok
14:56:03.0542 95976 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:56:03.0545 95976 gupdatem - ok
14:56:03.0582 95976 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:56:03.0588 95976 hcw85cir - ok
14:56:03.0627 95976 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:56:03.0638 95976 HDAudBus - ok
14:56:03.0661 95976 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
14:56:03.0665 95976 HidBatt - ok
14:56:03.0684 95976 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
14:56:03.0696 95976 HidBth - ok
14:56:03.0729 95976 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
14:56:03.0738 95976 HidIr - ok
14:56:03.0775 95976 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
14:56:03.0779 95976 hidserv - ok
14:56:03.0813 95976 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:56:03.0823 95976 HidUsb - ok
14:56:03.0844 95976 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:56:03.0847 95976 hkmsvc - ok
14:56:03.0869 95976 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:56:03.0887 95976 HomeGroupListener - ok
14:56:03.0928 95976 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:56:03.0935 95976 HomeGroupProvider - ok
14:56:03.0961 95976 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:56:03.0970 95976 HpSAMD - ok
14:56:04.0030 95976 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:56:04.0077 95976 HTTP - ok
14:56:04.0097 95976 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:56:04.0097 95976 hwpolicy - ok
14:56:04.0143 95976 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:56:04.0156 95976 i8042prt - ok
14:56:04.0218 95976 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\drivers\iaStor.sys
14:56:04.0226 95976 iaStor - ok
14:56:04.0288 95976 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:56:04.0331 95976 iaStorV - ok
14:56:04.0380 95976 [ FC47F5CF561BF0FD897EFD1A9604DCCF ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
14:56:04.0384 95976 iBtFltCoex - ok
14:56:04.0439 95976 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:56:04.0474 95976 idsvc - ok
14:56:04.0781 95976 [ 0BD58366C86EF9DDC4F61AFED0CADA99 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
14:56:05.0147 95976 igfx - ok
14:56:05.0172 95976 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
14:56:05.0178 95976 iirsp - ok
14:56:05.0239 95976 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
14:56:05.0268 95976 IKEEXT - ok
14:56:05.0316 95976 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\drivers\Impcd.sys
14:56:05.0332 95976 Impcd - ok
14:56:05.0376 95976 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
14:56:05.0381 95976 intaud_WaveExtensible - ok
14:56:05.0472 95976 [ 1B491F385EE96F9D9EE4CB430C8CD29E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:56:05.0571 95976 IntcAzAudAddService - ok
14:56:05.0591 95976 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
14:56:05.0601 95976 IntcDAud - ok
14:56:05.0636 95976 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
14:56:05.0640 95976 intelide - ok
14:56:05.0672 95976 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:56:05.0677 95976 intelppm - ok
14:56:05.0713 95976 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:56:05.0720 95976 IPBusEnum - ok
14:56:05.0735 95976 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:56:05.0741 95976 IpFilterDriver - ok
14:56:05.0783 95976 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:56:05.0787 95976 iphlpsvc - ok
14:56:05.0809 95976 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:56:05.0813 95976 IPMIDRV - ok
14:56:05.0818 95976 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:56:05.0824 95976 IPNAT - ok
14:56:05.0859 95976 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:56:05.0863 95976 IRENUM - ok
14:56:05.0878 95976 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:56:05.0881 95976 isapnp - ok
14:56:05.0895 95976 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:56:05.0906 95976 iScsiPrt - ok
14:56:05.0941 95976 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
14:56:05.0945 95976 iwdbus - ok
14:56:05.0970 95976 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:56:05.0974 95976 kbdclass - ok
14:56:06.0007 95976 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:56:06.0011 95976 kbdhid - ok
14:56:06.0032 95976 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
14:56:06.0033 95976 KeyIso - ok
14:56:06.0077 95976 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:56:06.0078 95976 KSecDD - ok
14:56:06.0087 95976 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:56:06.0089 95976 KSecPkg - ok
14:56:06.0120 95976 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:56:06.0124 95976 ksthunk - ok
14:56:06.0159 95976 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
14:56:06.0171 95976 KtmRm - ok
14:56:06.0237 95976 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:56:06.0240 95976 LanmanServer - ok
14:56:06.0279 95976 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:56:06.0283 95976 LanmanWorkstation - ok
14:56:06.0326 95976 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:56:06.0336 95976 lltdio - ok
14:56:06.0374 95976 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:56:06.0415 95976 lltdsvc - ok
14:56:06.0460 95976 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:56:06.0464 95976 lmhosts - ok
14:56:06.0541 95976 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:56:06.0547 95976 LMS - ok
14:56:06.0597 95976 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
14:56:06.0611 95976 LSI_FC - ok
14:56:06.0646 95976 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
14:56:06.0658 95976 LSI_SAS - ok
14:56:06.0680 95976 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
14:56:06.0689 95976 LSI_SAS2 - ok
14:56:06.0696 95976 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
14:56:06.0707 95976 LSI_SCSI - ok
14:56:06.0737 95976 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
14:56:06.0741 95976 luafv - ok
14:56:06.0779 95976 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:56:06.0785 95976 Mcx2Svc - ok
14:56:06.0798 95976 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
14:56:06.0807 95976 megasas - ok
14:56:06.0833 95976 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
14:56:06.0982 95976 MegaSR - ok
14:56:07.0048 95976 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
14:56:07.0058 95976 MEIx64 - ok
14:56:07.0088 95976 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:56:07.0093 95976 MMCSS - ok
14:56:07.0109 95976 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:56:07.0119 95976 Modem - ok
14:56:07.0149 95976 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:56:07.0151 95976 monitor - ok
14:56:07.0191 95976 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:56:07.0201 95976 mouclass - ok
14:56:07.0244 95976 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:56:07.0252 95976 mouhid - ok
14:56:07.0288 95976 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:56:07.0291 95976 mountmgr - ok
14:56:07.0352 95976 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:56:07.0398 95976 MozillaMaintenance - ok
14:56:07.0435 95976 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
14:56:07.0451 95976 mpio - ok
14:56:07.0471 95976 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:56:07.0476 95976 mpsdrv - ok
14:56:07.0538 95976 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:56:07.0548 95976 MpsSvc - ok
14:56:07.0564 95976 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:56:07.0571 95976 MRxDAV - ok
14:56:07.0603 95976 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:56:07.0605 95976 mrxsmb - ok
14:56:07.0621 95976 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:56:07.0627 95976 mrxsmb10 - ok
14:56:07.0647 95976 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:56:07.0648 95976 mrxsmb20 - ok
14:56:07.0691 95976 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
14:56:07.0700 95976 msahci - ok
14:56:07.0742 95976 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:56:07.0757 95976 msdsm - ok
14:56:07.0798 95976 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:56:07.0815 95976 MSDTC - ok
14:56:07.0870 95976 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:56:07.0872 95976 Msfs - ok
14:56:07.0897 95976 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:56:07.0904 95976 mshidkmdf - ok
14:56:07.0943 95976 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:56:07.0945 95976 msisadrv - ok
14:56:07.0990 95976 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:56:08.0007 95976 MSiSCSI - ok
14:56:08.0014 95976 msiserver - ok
14:56:08.0055 95976 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:56:08.0062 95976 MSKSSRV - ok
14:56:08.0087 95976 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:56:08.0088 95976 MSPCLOCK - ok
14:56:08.0111 95976 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:56:08.0117 95976 MSPQM - ok
14:56:08.0143 95976 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:56:08.0147 95976 MsRPC - ok
14:56:08.0152 95976 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:56:08.0157 95976 mssmbios - ok
14:56:08.0165 95976 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:56:08.0168 95976 MSTEE - ok
14:56:08.0181 95976 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
14:56:08.0185 95976 MTConfig - ok
14:56:08.0188 95976 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:56:08.0189 95976 Mup - ok
14:56:08.0257 95976 [ 265937BC59819DF1DAB65E27C60F94C0 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
14:56:08.0282 95976 MyWiFiDHCPDNS - ok
14:56:08.0338 95976 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
14:56:08.0359 95976 napagent - ok
14:56:08.0431 95976 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:56:08.0448 95976 NativeWifiP - ok
14:56:08.0535 95976 [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
14:56:08.0539 95976 NAUpdate - ok
14:56:08.0619 95976 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:56:08.0642 95976 NDIS - ok
14:56:08.0688 95976 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:56:08.0697 95976 NdisCap - ok
14:56:08.0721 95976 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:56:08.0727 95976 NdisTapi - ok
14:56:08.0746 95976 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:56:08.0753 95976 Ndisuio - ok
14:56:08.0761 95976 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:56:08.0772 95976 NdisWan - ok
14:56:08.0781 95976 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:56:08.0787 95976 NDProxy - ok
14:56:08.0792 95976 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:56:08.0792 95976 NetBIOS - ok
14:56:08.0809 95976 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:56:08.0816 95976 NetBT - ok
14:56:08.0827 95976 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
14:56:08.0829 95976 Netlogon - ok
14:56:08.0872 95976 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:56:08.0884 95976 Netman - ok
14:56:08.0914 95976 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:56:08.0934 95976 NetMsmqActivator - ok
14:56:08.0943 95976 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:56:08.0947 95976 NetPipeActivator - ok
14:56:08.0983 95976 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:56:08.0994 95976 netprofm - ok
14:56:09.0004 95976 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:56:09.0007 95976 NetTcpActivator - ok
14:56:09.0016 95976 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:56:09.0018 95976 NetTcpPortSharing - ok
14:56:09.0253 95976 [ 774C9ECCEF83AB8A3D1466F19809C95F ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
14:56:09.0498 95976 NETwNs64 - ok
14:56:09.0533 95976 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:56:09.0539 95976 nfrd960 - ok
14:56:09.0592 95976 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:56:09.0595 95976 NlaSvc - ok
14:56:09.0716 95976 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
14:56:09.0770 95976 NOBU - ok
14:56:09.0865 95976 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:56:09.0866 95976 Npfs - ok
14:56:09.0900 95976 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:56:09.0901 95976 nsi - ok
14:56:09.0919 95976 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:56:09.0920 95976 nsiproxy - ok
14:56:09.0992 95976 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:56:10.0004 95976 Ntfs - ok
14:56:10.0042 95976 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:56:10.0046 95976 Null - ok
14:56:10.0098 95976 [ D584ABB6A308933A5F72B46C9E5A783F ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
14:56:10.0102 95976 nusb3hub - ok
14:56:10.0123 95976 [ 345B9C04E2036DA4346E3249A5BDFD06 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
14:56:10.0130 95976 nusb3xhc - ok
14:56:10.0150 95976 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:56:10.0157 95976 nvraid - ok
14:56:10.0203 95976 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:56:10.0210 95976 nvstor - ok
14:56:10.0232 95976 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:56:10.0238 95976 nv_agp - ok
14:56:10.0256 95976 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:56:10.0260 95976 ohci1394 - ok
14:56:10.0291 95976 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:56:10.0299 95976 p2pimsvc - ok
14:56:10.0322 95976 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:56:10.0331 95976 p2psvc - ok
14:56:10.0346 95976 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
14:56:10.0354 95976 Parport - ok
14:56:10.0393 95976 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:56:10.0394 95976 partmgr - ok
14:56:10.0450 95976 [ 7C0582921913D00180EC2B8518BA135C ] pbfilter C:\Program Files\PeerBlock\pbfilter.sys
14:56:10.0453 95976 pbfilter - ok
14:56:10.0474 95976 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:56:10.0478 95976 PcaSvc - ok
14:56:10.0516 95976 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:56:10.0517 95976 pci - ok
14:56:10.0536 95976 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:56:10.0539 95976 pciide - ok
14:56:10.0576 95976 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:56:10.0585 95976 pcmcia - ok
14:56:10.0597 95976 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:56:10.0598 95976 pcw - ok
14:56:10.0608 95976 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:56:10.0625 95976 PEAUTH - ok
14:56:10.0697 95976 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:56:10.0706 95976 PerfHost - ok
14:56:10.0780 95976 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:56:10.0842 95976 pla - ok
14:56:10.0894 95976 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:56:10.0900 95976 PlugPlay - ok
14:56:10.0918 95976 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:56:10.0922 95976 PNRPAutoReg - ok
14:56:10.0941 95976 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:56:10.0944 95976 PNRPsvc - ok
14:56:10.0989 95976 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:56:10.0993 95976 PolicyAgent - ok
14:56:11.0031 95976 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
14:56:11.0037 95976 Power - ok
14:56:11.0073 95976 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:56:11.0080 95976 PptpMiniport - ok
14:56:11.0109 95976 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
14:56:11.0114 95976 Processor - ok
14:56:11.0154 95976 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
14:56:11.0158 95976 ProfSvc - ok
14:56:11.0171 95976 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:56:11.0173 95976 ProtectedStorage - ok
14:56:11.0203 95976 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:56:11.0208 95976 Psched - ok
14:56:11.0247 95976 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
14:56:11.0250 95976 PxHlpa64 - ok
14:56:11.0339 95976 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:56:11.0424 95976 ql2300 - ok
14:56:11.0441 95976 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:56:11.0448 95976 ql40xx - ok
14:56:11.0488 95976 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:56:11.0510 95976 QWAVE - ok
14:56:11.0531 95976 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:56:11.0538 95976 QWAVEdrv - ok
14:56:11.0553 95976 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:56:11.0558 95976 RasAcd - ok
14:56:11.0615 95976 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:56:11.0626 95976 RasAgileVpn - ok
14:56:11.0673 95976 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:56:11.0680 95976 RasAuto - ok
14:56:11.0684 95976 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:56:11.0699 95976 Rasl2tp - ok
14:56:11.0728 95976 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:56:11.0738 95976 RasMan - ok
14:56:11.0742 95976 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:56:11.0749 95976 RasPppoe - ok
14:56:11.0767 95976 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:56:11.0775 95976 RasSstp - ok
14:56:11.0796 95976 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:56:11.0800 95976 rdbss - ok
14:56:11.0805 95976 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
14:56:11.0810 95976 rdpbus - ok
14:56:11.0840 95976 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:56:11.0846 95976 RDPCDD - ok
14:56:11.0867 95976 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:56:11.0873 95976 RDPENCDD - ok
14:56:11.0882 95976 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:56:11.0886 95976 RDPREFMP - ok
14:56:11.0928 95976 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:56:11.0948 95976 RDPWD - ok
14:56:11.0973 95976 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:56:11.0975 95976 rdyboost - ok
14:56:12.0067 95976 [ 7196BE857E29007470FF9B689C7F29A7 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
14:56:12.0077 95976 RegSrvc - ok
14:56:12.0129 95976 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:56:12.0143 95976 RemoteAccess - ok
14:56:12.0197 95976 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:56:12.0234 95976 RemoteRegistry - ok
14:56:12.0297 95976 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:56:12.0309 95976 RFCOMM - ok
14:56:12.0435 95976 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
14:56:12.0523 95976 RoxMediaDB12OEM - ok
14:56:12.0564 95976 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
14:56:12.0590 95976 RoxWatch12 - ok
14:56:12.0628 95976 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:56:12.0634 95976 RpcEptMapper - ok
14:56:12.0666 95976 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:56:12.0670 95976 RpcLocator - ok
14:56:12.0696 95976 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
14:56:12.0707 95976 RpcSs - ok
14:56:12.0755 95976 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:56:12.0767 95976 rspndr - ok
14:56:12.0821 95976 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
14:56:12.0834 95976 RSUSBSTOR - ok
14:56:12.0898 95976 [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
14:56:12.0927 95976 RTL8167 - ok
14:56:13.0010 95976 [ 955801E0F88A288FFA5C8248E15226E1 ] rvseng C:\Windows\system32\drivers\rvseng.sys
14:56:13.0028 95976 rvseng - ok
14:56:13.0062 95976 [ AE2591B11CDBE7E0AAC33647A130FB3E ] rvsmon C:\Windows\system32\drivers\rvsmon.sys
14:56:13.0064 95976 rvsmon - ok
14:56:13.0148 95976 [ E40433A0CB626AEBE8D3072D70CE9850 ] RVSMONBL C:\Program Files (x86)\Returnil\RSS\rvsmon.exe
14:56:13.0173 95976 RVSMONBL - ok
14:56:13.0197 95976 [ 38344AB743CFF9E3346D01174727368F ] rvsmonf C:\Windows\system32\drivers\rvsmonf.sys
14:56:13.0201 95976 rvsmonf - ok
14:56:13.0238 95976 [ 1D4024AC50734ACFDF3DDA252044710D ] rvsmonn C:\Windows\system32\drivers\rvsmonn2.sys
14:56:13.0246 95976 rvsmonn - ok
14:56:13.0255 95976 [ 2EC9D7190C0D07CE240006D68A31A17F ] rvsystem C:\Windows\system32\drivers\rvsystem.sys
14:56:13.0258 95976 rvsystem - ok
14:56:13.0285 95976 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:56:13.0289 95976 SamSs - ok
14:56:13.0308 95976 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:56:13.0322 95976 sbp2port - ok
14:56:13.0378 95976 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:56:13.0398 95976 SCardSvr - ok
14:56:13.0437 95976 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:56:13.0446 95976 scfilter - ok
14:56:13.0486 95976 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:56:13.0529 95976 Schedule - ok
14:56:13.0584 95976 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:56:13.0587 95976 SCPolicySvc - ok
14:56:13.0610 95976 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:56:13.0631 95976 SDRSVC - ok
14:56:13.0660 95976 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:56:13.0664 95976 secdrv - ok
14:56:13.0679 95976 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:56:13.0690 95976 seclogon - ok
14:56:13.0709 95976 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
14:56:13.0711 95976 SENS - ok
14:56:13.0744 95976 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:56:13.0756 95976 SensrSvc - ok
14:56:13.0803 95976 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
14:56:13.0811 95976 Serenum - ok
14:56:13.0844 95976 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
14:56:13.0857 95976 Serial - ok
14:56:13.0880 95976 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:56:13.0883 95976 sermouse - ok
14:56:13.0905 95976 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:56:13.0909 95976 SessionEnv - ok
14:56:13.0912 95976 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:56:13.0915 95976 sffdisk - ok
14:56:13.0919 95976 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:56:13.0922 95976 sffp_mmc - ok
14:56:13.0925 95976 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:56:13.0928 95976 sffp_sd - ok
14:56:13.0931 95976 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
14:56:13.0934 95976 sfloppy - ok
14:56:14.0035 95976 [ 29DDEA72C5BDF61D62F4D438DC0E497C ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
14:56:14.0063 95976 SftService - ok
14:56:14.0121 95976 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:56:14.0149 95976 SharedAccess - ok
14:56:14.0202 95976 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:56:14.0214 95976 ShellHWDetection - ok
14:56:14.0263 95976 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
14:56:14.0274 95976 SiSRaid2 - ok
14:56:14.0294 95976 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:56:14.0306 95976 SiSRaid4 - ok
14:56:14.0369 95976 [ DD0443BC6CC78A19FD399817F8C51401 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
14:56:14.0371 95976 SmartDefragDriver - ok
14:56:14.0381 95976 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:56:14.0394 95976 Smb - ok
14:56:14.0438 95976 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:56:14.0443 95976 SNMPTRAP - ok
14:56:14.0464 95976 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:56:14.0466 95976 spldr - ok
14:56:14.0493 95976 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
14:56:14.0503 95976 Spooler - ok
14:56:14.0595 95976 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:56:14.0739 95976 sppsvc - ok
14:56:14.0754 95976 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:56:14.0760 95976 sppuinotify - ok
14:56:14.0800 95976 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:56:14.0809 95976 srv - ok
14:56:14.0837 95976 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:56:14.0842 95976 srv2 - ok
14:56:14.0852 95976 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:56:14.0855 95976 srvnet - ok
14:56:14.0878 95976 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:56:14.0881 95976 SSDPSRV - ok
14:56:14.0885 95976 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:56:14.0888 95976 SstpSvc - ok
14:56:14.0929 95976 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
14:56:14.0937 95976 stexstor - ok
14:56:15.0000 95976 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:56:15.0013 95976 stisvc - ok
14:56:15.0058 95976 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
14:56:15.0078 95976 stllssvr - ok
14:56:15.0117 95976 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:56:15.0125 95976 swenum - ok
14:56:15.0171 95976 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:56:15.0201 95976 swprv - ok
14:56:15.0285 95976 [ AAD83760A0887975D8F524B4D2C86060 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
14:56:15.0351 95976 SynTP - ok
14:56:15.0418 95976 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:56:15.0492 95976 SysMain - ok
14:56:15.0509 95976 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:56:15.0511 95976 TabletInputService - ok
14:56:15.0524 95976 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:56:15.0547 95976 TapiSrv - ok
14:56:15.0576 95976 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:56:15.0579 95976 TBS - ok
14:56:15.0658 95976 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:56:15.0677 95976 Tcpip - ok
14:56:15.0738 95976 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:56:15.0749 95976 TCPIP6 - ok
14:56:15.0783 95976 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:56:15.0787 95976 tcpipreg - ok
14:56:15.0804 95976 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:56:15.0812 95976 TDPIPE - ok
14:56:15.0853 95976 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:56:15.0858 95976 TDTCP - ok
14:56:15.0875 95976 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:56:15.0888 95976 tdx - ok
14:56:15.0901 95976 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:56:15.0906 95976 TermDD - ok
14:56:15.0938 95976 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:56:15.0966 95976 TermService - ok
14:56:15.0982 95976 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:56:15.0985 95976 Themes - ok
14:56:16.0015 95976 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:56:16.0019 95976 THREADORDER - ok
14:56:16.0036 95976 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:56:16.0044 95976 TrkWks - ok
14:56:16.0097 95976 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:56:16.0101 95976 TrustedInstaller - ok
14:56:16.0135 95976 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:56:16.0199 95976 tssecsrv - ok
14:56:16.0224 95976 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:56:16.0229 95976 TsUsbFlt - ok
14:56:16.0255 95976 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
14:56:16.0264 95976 TsUsbGD - ok
14:56:16.0306 95976 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:56:16.0319 95976 tunnel - ok
14:56:16.0340 95976 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:56:16.0345 95976 uagp35 - ok
14:56:16.0362 95976 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:56:16.0384 95976 udfs - ok
14:56:16.0443 95976 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:56:16.0456 95976 UI0Detect - ok
14:56:16.0464 95976 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:56:16.0476 95976 uliagpkx - ok
14:56:16.0503 95976 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:56:16.0507 95976 umbus - ok
14:56:16.0523 95976 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
14:56:16.0531 95976 UmPass - ok
14:56:16.0668 95976 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:56:16.0683 95976 UNS - ok
14:56:16.0716 95976 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:56:16.0719 95976 upnphost - ok
14:56:16.0758 95976 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:56:16.0772 95976 usbccgp - ok
14:56:16.0798 95976 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:56:16.0804 95976 usbcir - ok
14:56:16.0823 95976 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:56:16.0834 95976 usbehci - ok
14:56:16.0897 95976 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:56:16.0925 95976 usbhub - ok
14:56:16.0969 95976 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:56:16.0978 95976 usbohci - ok
14:56:17.0006 95976 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:56:17.0013 95976 usbprint - ok
14:56:17.0035 95976 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
14:56:17.0046 95976 USBSTOR - ok
14:56:17.0087 95976 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:56:17.0096 95976 usbuhci - ok
14:56:17.0156 95976 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
14:56:17.0172 95976 usbvideo - ok
14:56:17.0216 95976 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:56:17.0222 95976 UxSms - ok
14:56:17.0247 95976 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
14:56:17.0251 95976 VaultSvc - ok
14:56:17.0296 95976 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:56:20.0644 95976 ============================================================
14:56:20.0644 95976 Scan finished
14:56:20.0644 95976 ============================================================
14:56:20.0658 26916 Detected object count: 0
14:56:20.0658 26916 Actual detected object count: 0


Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.28.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
[redacted] :: [redacted] [limited]

11/28/2012 2:58:49 PM
mbam-log-2012-11-28 (14-58-49).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 206413
Time elapsed: 4 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#4 Sightless

Posted 28 November 2012 - 06:38 PM

Hi, to me those all look like false positives. The 2 FTP.exe entries could be associated with Windows' built-in FTP function.

Let's run 2 more to be sure.

Please download AdwCleaner by Xplode to your desktop.
  • Make sure all programs are closed
  • Double-click adwcleaner.exe
  • Click Delete
  • Press OK when prompted
  • Restart your computer when asked
  • Copy and paste the contents of the text file that opens after your computer restarts to a reply to this thread. (The log is also saved to C:\AdwCleaner[S1].txt)

Let's try an ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Check Remove found threats and Scan potentially unwanted applications (If given the option, choose "Quarantine" instead of delete.)
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image

Please include the following in your reply
ADWCleaner log
ESET log
Any questions/comments you may have

#5 boopme

Global Moderator

Posted 28 November 2012 - 09:29 PM

Hello, the first 2 items were backdoors of the FTP type. We should be sure about these, as this allows hackers to remotely control your computer, steal critical system information and download and execute files.
Can we submit these for a second opinion?

Please visit the online Jotti Virus Scanner.
  • Browse to the following filepath:

    ---------put the filepath here -------

  • Click on the Posted Image button.
    The scanner will check the file with various AV companies.
  • Copy and paste the results box into a reply to this thread.


#6 Sightless

Posted 28 November 2012 - 09:37 PM

Hi, adding to boopme's instructions, the filepath is: C:\WINDOWS\WINSXS\X86_MICROSOFT-WINDOWS-FTP_31BF3856AD364E35_6.1.7601.17514_NONE_AEF2C7DBB6CC16C1\FTP.EXE

#7 redxiii

Topic Starter

Posted 28 November 2012 - 11:39 PM

Jotti results:
This file has been scanned before. The results for this previous scan are listed below.

Filename: ftp.exe
Status:
Scan finished. 0 out of 20 scanners reported malware.
Scan taken on: Thu 23 Aug 2012 21:42:30 (CET) Permalink

Additional info
File size: 42496 bytes
Filetype: PE32 executable for MS Windows (console) Intel 80386 32-bit
MD5: 9996103f8a650bdb3586c9aae1101912
SHA1: e2e444f527dc7d20732bfec10055de916647565f

For the ESET log, I was unable to export any results to a file, because "No threats were found" thus, no option to export a list.

ADW log:
# AdwCleaner v2.009 - Logfile created 11/28/2012 at 17:05:39
# Updated 24/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : [redacted] - [redacted]
# Boot Mode : Normal
# Running from : C:\Users\[redacted]\Downloads\Malware cleanup tools\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\[redacted]\AppData\Roaming\Mozilla\Firefox\Profiles\xcrfjagi.default\extensions\staged

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-US)

Profile name : default
File : C:\Users\[redacted]\AppData\Roaming\Mozilla\Firefox\Profiles\xcrfjagi.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.91

File : C:\Users\[redacted]\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1106 octets] - [28/11/2012 17:05:18]
AdwCleaner[S2].txt - [1040 octets] - [28/11/2012 17:05:39]

########## EOF - C:\AdwCleaner[S2].txt - [1100 octets] ##########

^- I have questions about this log... what Firefox profile information did the program delete? Am I going to discover all my open tabs have disappeared the next time I open FF?

Edited by redxiii, 28 November 2012 - 11:40 PM.
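
The multi-scanner verdict in the Jotti report above only carries over to the flagged file if that file's size and hashes match the ones in the report. The following check is an added example, not part of the original post; the function names are hypothetical and the report values are the ones quoted in the post.

```python
import hashlib
import re
import sys

# Fields copied from the Jotti report quoted in the post above.
JOTTI_REPORT = """\
Filename: ftp.exe
Scan finished. 0 out of 20 scanners reported malware.
File size: 42496 bytes
MD5: 9996103f8a650bdb3586c9aae1101912
SHA1: e2e444f527dc7d20732bfec10055de916647565f
"""

PATTERNS = {
    "size": r"^File size:\s*(\d+)\s*bytes",
    "md5": r"^MD5:\s*([0-9a-fA-F]{32})\s*$",
    "sha1": r"^SHA1:\s*([0-9a-fA-F]{40})\s*$",
    "detections": r"(\d+) out of \d+ scanners reported malware",
}

def parse_report(text):
    """Pull size, hashes and detection count out of a pasted report."""
    fields = {}
    for key, pattern in PATTERNS.items():
        m = re.search(pattern, text, re.MULTILINE)
        if m is None:
            raise ValueError(f"report is missing field: {key}")
        fields[key] = m.group(1).lower()
    fields["size"] = int(fields["size"])
    fields["detections"] = int(fields["detections"])
    return fields

def file_facts(path):
    """Size, MD5 and SHA-1 of the file on disk, read in 64 KiB chunks."""
    md5, sha1, size = hashlib.md5(), hashlib.sha1(), 0
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            md5.update(chunk)
            sha1.update(chunk)
            size += len(chunk)
    return {"size": size, "md5": md5.hexdigest(), "sha1": sha1.hexdigest()}

def mismatches(path, report):
    """Fields where the local file differs from the report ([] = same file)."""
    local = file_facts(path)
    return [k for k in ("size", "md5", "sha1") if local[k] != report[k]]

if __name__ == "__main__":
    report = parse_report(JOTTI_REPORT)
    bad = mismatches(sys.argv[1], report)
    print("report applies to this file" if not bad else f"differs in: {bad}")
```

Run it with the path of the flagged file as the only argument; an empty mismatch list means the file on disk is byte-for-byte the one the scanners examined.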


#8 Sightless

Posted 29 November 2012 - 10:48 AM

Hi, it removed the preference file, which (as far as I know) should not affect open tabs. It is mostly for setting changes you can make in the preference menu.

#9 redxiii

Topic Starter

Posted 29 November 2012 - 01:06 PM

Ah I see. So, it seems I am in the clear then...

Thank you very much for your help!

#10 boopme

Global Moderator

Posted 29 November 2012 - 02:25 PM

False positives. All clear.