JS/Downloader.gen.a


  • This topic is locked
19 replies to this topic

#1 struckdumb1

  • Members
  • 88 posts

Posted 27 December 2012 - 07:12 AM

Hi,

I hope you can help.
I was viewing a web site that I myself run and looking back over some older pages.
Some years back someone hacked my site and added their own content to some of my pages - this included what I think was called the Virut virus.
At the time my PC was infected and you guys very kindly sorted it out for me.

It appears that I didn't fully remove every infected page from my site.
Having checked these older pages my McAfee Security Centre alerted me to some Trojans.
McAfee reported that these were successfully dealt with.

I began checking my archived web pages to see if the hacked content was on my computer or only on the pages stored online. I didn't see anything untoward on my own pages but during this check my Dreamweaver software froze.
I deleted all temporary internet files and ran an mbam quick scan in safe mode - this showed nothing.

I have rebooted now in normal mode and a number of programmes are crashing or refusing to load including Internet Explorer - so I can't access the web that way.
I am currently running an mbam full scan (26 minutes in) which is already showing 2 objects detected.

McAfee shows a half dozen or so reports all pretty much the same:
Virus or threat detected
Name: JS/Downloader.gen.a...?Downloader.gen.a (Trojan)
The location is in Temporary Internet Files
However these are reported as dealt with.

I am running:
Windows 7

Thanks for your anticipated help.

Paul



#2 struckdumb1

  • Topic Starter
  • Members
  • 88 posts

Posted 27 December 2012 - 08:43 AM

In case it helps - I now have the mbam report from a complete scan:


Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.27.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Paul and Gurinder :: PAULANDGURINDER [administrator]

27/12/2012 11:35:10
mbam-log-2012-12-27 (11-35-10).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 508515
Time elapsed: 1 hour(s), 44 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|{FC3B0BA3-54BA-B5E3-D5C0-F347D3A18289} (Trojan.Agent.GPC) -> Data: C:\Users\Paul and Gurinder\AppData\Roaming\Skype\paulandgurinder\chatsync\33\userinit.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

#3 boopme

  • Global Moderator
  • 73,313 posts

Posted 27 December 2012 - 10:25 AM

Hello, I would suggest you also run these..

TDSS Alt
Please Download TDSSkiller
Launch it.
Click on change parameters - Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.


>>>
Please download TFC (Temp File Cleaner) by Old Timer and save it to your desktop.
alternate download link
  • Save any unsaved work. TFC will close ALL open programs including your browser!
  • Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • TFC will clear out all temp folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
Note: It is normal for the computer to be slow to boot after running TFC cleaner the first time.

>>>
Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.




Now I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.

#4 struckdumb1

  • Topic Starter
  • Members
  • 88 posts

Posted 27 December 2012 - 10:30 AM

Okay - thanks for the help.
Here is that first report.

15:27:53.0184 9920 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:27:54.0351 9920 ============================================================
15:27:54.0351 9920 Current date / time: 2012/12/27 15:27:54.0351
15:27:54.0351 9920 SystemInfo:
15:27:54.0351 9920
15:27:54.0351 9920 OS Version: 6.1.7601 ServicePack: 1.0
15:27:54.0351 9920 Product type: Workstation
15:27:54.0351 9920 ComputerName: PAULANDGURINDER
15:27:54.0351 9920 UserName: Paul and Gurinder
15:27:54.0351 9920 Windows directory: C:\Windows
15:27:54.0351 9920 System windows directory: C:\Windows
15:27:54.0351 9920 Running under WOW64
15:27:54.0351 9920 Processor architecture: Intel x64
15:27:54.0351 9920 Number of processors: 8
15:27:54.0351 9920 Page size: 0x1000
15:27:54.0351 9920 Boot type: Normal boot
15:27:54.0351 9920 ============================================================
15:27:55.0053 9920 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1700000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B602, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:27:55.0068 9920 ============================================================
15:27:55.0068 9920 \Device\Harddisk0\DR0:
15:27:55.0068 9920 MBR partitions:
15:27:55.0068 9920 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x2680000
15:27:55.0068 9920 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2694000, BlocksNum 0xE6776000
15:27:55.0068 9920 ============================================================
15:27:55.0115 9920 C: <-> \Device\Harddisk0\DR0\Partition2
15:27:55.0115 9920 ============================================================
15:27:55.0115 9920 Initialize success
15:27:55.0115 9920 ============================================================
15:28:35.0348 8492 ============================================================
15:28:35.0348 8492 Scan started
15:28:35.0348 8492 Mode: Manual; TDLFS;
15:28:35.0348 8492 ============================================================
15:28:36.0268 8492 ================ Scan system memory ========================
15:28:36.0268 8492 System memory - ok
15:28:36.0268 8492 ================ Scan services =============================
15:28:46.0845 8492 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
15:28:46.0845 8492 McOobeSv - ok
15:28:46.0845 8492 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
15:28:46.0845 8492 McProxy - ok
15:28:46.0954 8492 [ 9BBCECBE3FE5AF5958A770DC512D0473 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
15:28:47.0001 8492 McShield - ok
15:28:47.0032 8492 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:28:47.0032 8492 Mcx2Svc - ok
15:28:47.0032 8492 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
15:28:47.0032 8492 megasas - ok
15:28:47.0048 8492 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:28:47.0048 8492 MegaSR - ok
15:28:47.0079 8492 [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
15:28:47.0094 8492 MEIx64 - ok
15:28:47.0110 8492 [ 2D53234C24B0103FDE0BE06782AA6F80 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
15:28:47.0157 8492 mfeapfk - ok
15:28:47.0188 8492 [ C0EAF4F2367C44157E1DE4817238FEC2 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
15:28:47.0219 8492 mfeavfk - ok
15:28:47.0266 8492 mfeavfk01 - ok
15:28:47.0313 8492 [ 05248F2E6E1AFA6972D058C36199DEB7 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
15:28:47.0313 8492 mfefire - ok
15:28:47.0391 8492 [ 6856931F9F5B757E9D09369CC35096B9 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
15:28:47.0422 8492 mfefirek - ok
15:28:47.0484 8492 [ 62E4C929A4DB48616B1B90143B48C948 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
15:28:47.0516 8492 mfehidk - ok
15:28:47.0562 8492 [ B5B96149BE124092F577DE54EC7D4D65 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
15:28:47.0594 8492 mferkdet - ok
15:28:47.0625 8492 [ DC5483CAD90D95D65B618E35C66E28DF ] mfevtp C:\Windows\system32\mfevtps.exe
15:28:47.0656 8492 mfevtp - ok
15:28:47.0687 8492 [ E18162EA85F1531964F8222CC9E25E26 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
15:28:47.0718 8492 mfewfpk - ok
15:28:47.0750 8492 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:28:47.0750 8492 MMCSS - ok
15:28:47.0765 8492 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:28:47.0765 8492 Modem - ok
15:28:47.0781 8492 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:28:47.0781 8492 monitor - ok
15:28:47.0828 8492 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:28:47.0828 8492 mouclass - ok
15:28:47.0859 8492 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:28:47.0859 8492 mouhid - ok
15:28:47.0874 8492 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:28:47.0906 8492 mountmgr - ok
15:28:47.0921 8492 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:28:47.0952 8492 mpio - ok
15:28:47.0984 8492 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:28:47.0984 8492 mpsdrv - ok
15:28:48.0046 8492 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:28:48.0077 8492 MpsSvc - ok
15:28:48.0108 8492 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:28:48.0140 8492 MRxDAV - ok
15:28:48.0155 8492 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:28:48.0186 8492 mrxsmb - ok
15:28:48.0233 8492 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:28:48.0264 8492 mrxsmb10 - ok
15:28:48.0280 8492 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:28:48.0296 8492 mrxsmb20 - ok
15:28:48.0327 8492 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:28:48.0358 8492 msahci - ok
15:28:48.0358 8492 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:28:48.0389 8492 msdsm - ok
15:28:48.0420 8492 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:28:48.0420 8492 MSDTC - ok
15:28:48.0452 8492 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:28:48.0452 8492 Msfs - ok
15:28:48.0467 8492 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:28:48.0483 8492 mshidkmdf - ok
15:28:48.0498 8492 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:28:48.0498 8492 msisadrv - ok
15:28:48.0530 8492 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:28:48.0530 8492 MSiSCSI - ok
15:28:48.0530 8492 msiserver - ok
15:28:48.0545 8492 [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
15:28:48.0545 8492 MSK80Service - ok
15:28:48.0545 8492 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:28:48.0561 8492 MSKSSRV - ok
15:28:48.0561 8492 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:28:48.0561 8492 MSPCLOCK - ok
15:28:48.0576 8492 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:28:48.0576 8492 MSPQM - ok
15:28:48.0608 8492 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:28:48.0623 8492 MsRPC - ok
15:28:48.0639 8492 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:28:48.0639 8492 mssmbios - ok
15:28:48.0654 8492 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:28:48.0654 8492 MSTEE - ok
15:28:48.0654 8492 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:28:48.0654 8492 MTConfig - ok
15:28:48.0670 8492 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:28:48.0670 8492 Mup - ok
15:28:48.0701 8492 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:28:48.0732 8492 napagent - ok
15:28:48.0764 8492 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:28:48.0764 8492 NativeWifiP - ok
15:28:48.0904 8492 [ 934BB0D23A25C8C136570800A5A149B6 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
15:28:48.0935 8492 NAUpdate - ok
15:28:48.0982 8492 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:28:49.0013 8492 NDIS - ok
15:28:49.0044 8492 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:28:49.0044 8492 NdisCap - ok
15:28:49.0060 8492 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:28:49.0060 8492 NdisTapi - ok
15:28:49.0076 8492 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:28:49.0107 8492 Ndisuio - ok
15:28:49.0122 8492 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:28:49.0122 8492 NdisWan - ok
15:28:49.0138 8492 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:28:49.0154 8492 NDProxy - ok
15:28:49.0200 8492 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:28:49.0200 8492 NetBIOS - ok
15:28:49.0200 8492 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:28:49.0232 8492 NetBT - ok
15:28:49.0232 8492 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:28:49.0247 8492 Netlogon - ok
15:28:49.0294 8492 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:28:49.0325 8492 Netman - ok
15:28:49.0356 8492 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:28:49.0403 8492 NetMsmqActivator - ok
15:28:49.0403 8492 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:28:49.0403 8492 NetPipeActivator - ok
15:28:49.0450 8492 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:28:49.0481 8492 netprofm - ok
15:28:49.0481 8492 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:28:49.0481 8492 NetTcpActivator - ok
15:28:49.0481 8492 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:28:49.0481 8492 NetTcpPortSharing - ok
15:28:49.0497 8492 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:28:49.0512 8492 nfrd960 - ok
15:28:49.0559 8492 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:28:49.0653 8492 NlaSvc - ok
15:28:50.0027 8492 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
15:28:50.0214 8492 NOBU - ok
15:28:50.0230 8492 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:28:50.0230 8492 Npfs - ok
15:28:50.0277 8492 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:28:50.0277 8492 nsi - ok
15:28:50.0308 8492 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:28:50.0308 8492 nsiproxy - ok
15:28:50.0448 8492 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:28:50.0480 8492 Ntfs - ok
15:28:50.0604 8492 [ A23E6B28095F026C0B2BDC2650459423 ] NTI BackupNowEZSvr C:\Program Files (x86)\NewTech Infosystems\Backup Now EZ\BackupNowEZSvr.exe
15:28:50.0651 8492 NTI BackupNowEZSvr - ok
15:28:50.0698 8492 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
15:28:50.0729 8492 NTIDrvr - ok
15:28:50.0745 8492 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:28:50.0745 8492 Null - ok
15:28:50.0807 8492 [ F2662FDC20518EE8A8EED4F61BA42349 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
15:28:50.0838 8492 NVHDA - ok
15:28:51.0291 8492 [ 776DD6D83AAC47554FDABC5064323B05 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:28:51.0431 8492 nvlddmkm - ok
15:28:51.0462 8492 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:28:51.0494 8492 nvraid - ok
15:28:51.0525 8492 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:28:51.0556 8492 nvstor - ok
15:28:51.0759 8492 [ AB8EF17D22AB43EDDC1ECDDC945E79DE ] NVSvc C:\Windows\system32\nvvsvc.exe
15:28:51.0790 8492 NVSvc - ok
15:28:51.0806 8492 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:28:51.0806 8492 nv_agp - ok
15:28:51.0821 8492 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:28:51.0821 8492 ohci1394 - ok
15:28:51.0899 8492 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:28:51.0930 8492 ose - ok
15:28:52.0352 8492 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:28:52.0586 8492 osppsvc - ok
15:28:52.0648 8492 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:28:52.0648 8492 p2pimsvc - ok
15:28:52.0679 8492 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:28:52.0742 8492 p2psvc - ok
15:28:52.0757 8492 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
15:28:52.0757 8492 Parport - ok
15:28:52.0804 8492 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:28:52.0835 8492 partmgr - ok
15:28:52.0866 8492 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:28:52.0866 8492 PcaSvc - ok
15:28:52.0898 8492 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:28:52.0929 8492 pci - ok
15:28:52.0976 8492 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:28:52.0991 8492 pciide - ok
15:28:53.0007 8492 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:28:53.0007 8492 pcmcia - ok
15:28:53.0054 8492 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:28:53.0054 8492 pcw - ok
15:28:53.0085 8492 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:28:53.0100 8492 PEAUTH - ok
15:28:53.0303 8492 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:28:53.0303 8492 PerfHost - ok
15:28:53.0522 8492 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:28:53.0568 8492 pla - ok
15:28:53.0693 8492 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:28:53.0740 8492 PlugPlay - ok
15:28:53.0756 8492 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:28:53.0771 8492 PNRPAutoReg - ok
15:28:53.0787 8492 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:28:53.0787 8492 PNRPsvc - ok
15:28:53.0880 8492 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:28:53.0943 8492 PolicyAgent - ok
15:28:53.0974 8492 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
15:28:54.0005 8492 Power - ok
15:28:54.0068 8492 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:28:54.0114 8492 PptpMiniport - ok
15:28:54.0130 8492 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
15:28:54.0130 8492 Processor - ok
15:28:54.0192 8492 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:28:54.0239 8492 ProfSvc - ok
15:28:54.0255 8492 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:28:54.0255 8492 ProtectedStorage - ok
15:28:54.0286 8492 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:28:54.0286 8492 Psched - ok
15:28:54.0348 8492 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
15:28:54.0380 8492 PxHlpa64 - ok
15:28:54.0458 8492 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:28:54.0473 8492 ql2300 - ok
15:28:54.0473 8492 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:28:54.0473 8492 ql40xx - ok
15:28:54.0504 8492 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:28:54.0504 8492 QWAVE - ok
15:28:54.0536 8492 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:28:54.0536 8492 QWAVEdrv - ok
15:28:54.0551 8492 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:28:54.0551 8492 RasAcd - ok
15:28:54.0582 8492 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:28:54.0598 8492 RasAgileVpn - ok
15:28:54.0629 8492 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:28:54.0660 8492 RasAuto - ok
15:28:54.0692 8492 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:28:54.0723 8492 Rasl2tp - ok
15:28:54.0770 8492 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:28:54.0801 8492 RasMan - ok
15:28:54.0832 8492 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:28:54.0848 8492 RasPppoe - ok
15:28:54.0863 8492 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:28:54.0863 8492 RasSstp - ok
15:28:54.0879 8492 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:28:54.0879 8492 rdbss - ok
15:28:54.0894 8492 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
15:28:54.0894 8492 rdpbus - ok
15:28:54.0910 8492 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:28:54.0910 8492 RDPCDD - ok
15:28:54.0957 8492 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:28:54.0957 8492 RDPENCDD - ok
15:28:54.0972 8492 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:28:54.0972 8492 RDPREFMP - ok
15:28:55.0019 8492 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:28:55.0019 8492 RDPWD - ok
15:28:55.0050 8492 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:28:55.0097 8492 rdyboost - ok
15:28:55.0128 8492 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:28:55.0128 8492 RemoteAccess - ok
15:28:55.0144 8492 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:28:55.0175 8492 RemoteRegistry - ok
15:28:55.0378 8492 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
15:28:55.0425 8492 RoxMediaDB12OEM - ok
15:28:55.0472 8492 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
15:28:55.0487 8492 RoxWatch12 - ok
15:28:55.0518 8492 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:28:55.0518 8492 RpcEptMapper - ok
15:28:55.0565 8492 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:28:55.0565 8492 RpcLocator - ok
15:28:55.0628 8492 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:28:55.0628 8492 RpcSs - ok
15:28:55.0659 8492 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:28:55.0659 8492 rspndr - ok
15:28:55.0659 8492 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:28:55.0659 8492 SamSs - ok
15:28:55.0706 8492 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:28:55.0721 8492 sbp2port - ok
15:28:55.0752 8492 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:28:55.0768 8492 SCardSvr - ok
15:28:55.0768 8492 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:28:55.0799 8492 scfilter - ok
15:28:55.0830 8492 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:28:55.0846 8492 Schedule - ok
15:28:55.0862 8492 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:28:55.0862 8492 SCPolicySvc - ok
15:28:55.0877 8492 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:28:55.0893 8492 SDRSVC - ok
15:28:55.0940 8492 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:28:55.0940 8492 secdrv - ok
15:28:55.0940 8492 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:28:55.0971 8492 seclogon - ok
15:28:55.0971 8492 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:28:55.0986 8492 SENS - ok
15:28:56.0002 8492 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:28:56.0002 8492 SensrSvc - ok
15:28:56.0018 8492 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
15:28:56.0018 8492 Serenum - ok
15:28:56.0049 8492 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
15:28:56.0049 8492 Serial - ok
15:28:56.0049 8492 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:28:56.0049 8492 sermouse - ok
15:28:56.0096 8492 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:28:56.0111 8492 SessionEnv - ok
15:28:56.0127 8492 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:28:56.0127 8492 sffdisk - ok
15:28:56.0127 8492 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:28:56.0142 8492 sffp_mmc - ok
15:28:56.0142 8492 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:28:56.0174 8492 sffp_sd - ok
15:28:56.0174 8492 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:28:56.0174 8492 sfloppy - ok
15:28:56.0267 8492 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
15:28:56.0298 8492 Sftfs - ok
15:28:56.0392 8492 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:28:56.0423 8492 sftlist - ok
15:28:56.0439 8492 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:28:56.0470 8492 Sftplay - ok
15:28:56.0532 8492 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:28:56.0564 8492 Sftredir - ok
15:28:56.0688 8492 [ 29DDEA72C5BDF61D62F4D438DC0E497C ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
15:28:56.0720 8492 SftService - ok
15:28:56.0735 8492 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
15:28:56.0751 8492 Sftvol - ok
15:28:56.0766 8492 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:28:56.0813 8492 sftvsa - ok
15:28:56.0860 8492 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:28:56.0860 8492 SharedAccess - ok
15:28:56.0922 8492 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:28:56.0969 8492 ShellHWDetection - ok
15:28:56.0985 8492 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:28:56.0985 8492 SiSRaid2 - ok
15:28:57.0000 8492 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:28:57.0000 8492 SiSRaid4 - ok
15:28:57.0250 8492 [ 183F04C6742902F33039913A96F5B574 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
15:28:57.0297 8492 Skype C2C Service - ok
15:28:57.0422 8492 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:29:00.0713 8492 SkypeUpdate - ok
15:29:00.0744 8492 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:29:00.0744 8492 Smb - ok
15:29:00.0791 8492 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:29:00.0807 8492 SNMPTRAP - ok
15:29:00.0807 8492 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:29:00.0807 8492 spldr - ok
15:29:00.0869 8492 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:29:00.0869 8492 Spooler - ok
15:29:01.0181 8492 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:29:01.0212 8492 sppsvc - ok
15:29:01.0244 8492 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:29:01.0244 8492 sppuinotify - ok
15:29:01.0290 8492 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:29:01.0322 8492 srv - ok
15:29:01.0400 8492 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:29:01.0431 8492 srv2 - ok
15:29:01.0462 8492 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:29:01.0493 8492 srvnet - ok
15:29:01.0524 8492 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:29:01.0540 8492 SSDPSRV - ok
15:29:01.0556 8492 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:29:01.0556 8492 SstpSvc - ok
15:29:01.0618 8492 [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
15:29:01.0665 8492 ssudmdm - ok
15:29:01.0680 8492 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:29:01.0680 8492 stexstor - ok
15:29:01.0821 8492 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:29:01.0868 8492 stisvc - ok
15:29:01.0914 8492 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
15:29:01.0946 8492 stllssvr - ok
15:29:01.0977 8492 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:29:01.0977 8492 swenum - ok
15:29:02.0024 8492 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:29:02.0039 8492 swprv - ok
15:29:02.0180 8492 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:29:02.0180 8492 SysMain - ok
15:29:02.0273 8492 [ 6B153E518DBE6EF59191152E1ECF7ED4 ] t3 C:\Windows\system32\drivers\t3.sys
15:29:02.0304 8492 t3 - ok
15:29:02.0320 8492 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:29:02.0351 8492 TabletInputService - ok
15:29:02.0492 8492 [ FFDF8B9B796E5243214233A8DB622E3D ] TabletServiceWacom C:\Windows\system32\Wacom_Tablet.exe
15:29:02.0538 8492 TabletServiceWacom - ok
15:29:02.0601 8492 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:29:02.0616 8492 TapiSrv - ok
15:29:02.0632 8492 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:29:02.0632 8492 TBS - ok
15:29:02.0710 8492 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:29:02.0741 8492 Tcpip - ok
15:29:02.0804 8492 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:29:02.0804 8492 TCPIP6 - ok
15:29:02.0850 8492 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:29:02.0882 8492 tcpipreg - ok
15:29:02.0897 8492 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:29:02.0897 8492 TDPIPE - ok
15:29:02.0944 8492 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:29:02.0975 8492 TDTCP - ok
15:29:03.0022 8492 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:29:03.0038 8492 tdx - ok
15:29:03.0334 8492 [ 851C5080261DFC1FCDC21DF0E5EA3BCB ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
15:29:03.0615 8492 TeamViewer8 - ok
15:29:03.0630 8492 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:29:03.0662 8492 TermDD - ok
15:29:03.0818 8492 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:29:03.0864 8492 TermService - ok
15:29:03.0896 8492 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:29:03.0896 8492 Themes - ok
15:29:03.0942 8492 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:29:03.0942 8492 THREADORDER - ok
15:29:03.0974 8492 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:29:03.0989 8492 TrkWks - ok
15:29:04.0052 8492 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:29:04.0098 8492 TrustedInstaller - ok
15:29:04.0114 8492 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:29:04.0130 8492 tssecsrv - ok
15:29:04.0161 8492 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:29:04.0176 8492 TsUsbFlt - ok
15:29:04.0208 8492 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:29:04.0239 8492 TsUsbGD - ok
15:29:04.0270 8492 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:29:04.0270 8492 tunnel - ok
15:29:04.0286 8492 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:29:04.0286 8492 uagp35 - ok
15:29:04.0348 8492 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
15:29:09.0948 8492 Scan finished
15:29:09.0948 8492 ============================================================
15:29:09.0964 5596 Detected object count: 0
15:29:09.0964 5596 Actual detected object count: 0

#5 struckdumb1


Posted 27 December 2012 - 10:51 AM

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-27 15:37:33
-----------------------------
15:37:33.844 OS Version: Windows x64 6.1.7601 Service Pack 1
15:37:33.844 Number of processors: 8 586 0x2A07
15:37:33.844 ComputerName: PAULANDGURINDER UserName:
15:37:34.670 Initialize success
15:39:45.130 AVAST engine defs: 12122701
15:41:15.735 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:41:15.750 Disk 0 Vendor: Intel___ 1.0. Size: 1907735MB BusType: 8
15:41:15.766 Disk 0 MBR read successfully
15:41:15.766 Disk 0 MBR scan
15:41:15.766 Disk 0 Windows VISTA default MBR code
15:41:15.766 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
15:41:15.766 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 19712 MB offset 81920
15:41:15.781 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 1887980 MB offset 40452096
15:41:15.828 Disk 0 scanning C:\Windows\system32\drivers
15:41:28.105 Service scanning
15:41:46.997 Modules scanning
15:41:46.997 Disk 0 trace - called modules:
15:41:47.013 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
15:41:47.028 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800cb43060]
15:41:47.028 3 CLASSPNP.SYS[fffff88001c6c43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800a589050]
15:41:47.746 AVAST engine scan C:\Windows
15:42:00.476 AVAST engine scan C:\Windows\system32
15:46:16.862 AVAST engine scan C:\Windows\system32\drivers
15:46:37.844 AVAST engine scan C:\Users\Paul and Gurinder
15:49:51.725 Disk 0 MBR has been saved successfully to "C:\Users\Paul and Gurinder\Desktop\MBR.dat"
15:49:51.725 The log file has been saved successfully to "C:\Users\Paul and Gurinder\Desktop\aswMBR.txt"
15:51:14.419 Disk 0 MBR has been saved successfully to "C:\Users\Paul and Gurinder\Documents\Documents\Delete\MBR.dat"
15:51:14.435 The log file has been saved successfully to "C:\Users\Paul and Gurinder\Documents\Documents\Delete\aswMBR.txt"

#6 struckdumb1


Posted 27 December 2012 - 01:33 PM

C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined


That's the lot done.

Edited by struckdumb1, 27 December 2012 - 01:34 PM.


#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:37 AM

Posted 27 December 2012 - 02:21 PM

Looks clean now.. Any issues on that end?
How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#8 struckdumb1


Posted 27 December 2012 - 05:17 PM

Looks ok - software running alright at the moment.
Is that Win32/HiddenStart.A not a problem?

Thanks very much for the help.

#9 boopme


Posted 27 December 2012 - 06:04 PM

This is quarantined and can no longer harm your PC.

Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run... and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links:

#10 struckdumb1


Posted 28 December 2012 - 09:51 AM

Hi,

Thanks again - I have now created a new system restore point and deleted old restore points.

I was previously getting some error messages and programmes closing or struggling - one message I think was wermgr.exe.
A slightly different 'wer' error message came up today when my browser crashed - sorry, but I didn't note down the exact message.
Might this be of any concern?

Thanks

Paul

Edited by struckdumb1, 28 December 2012 - 11:01 AM.


#11 boopme


Posted 28 December 2012 - 08:22 PM

wermgr.exe is the Windows Problem Reporting process. The proper one is located in the folder C:\Windows\System32.
Do a file search and see where yours is.
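The location check suggested in the post above can also be scripted. This is an added example, not part of the original thread; it assumes PowerShell 4.0 or later (for `Get-FileHash`) run from an elevated prompt on the affected machine, and the variable names are illustrative.

```powershell
# Added example (not from the thread): list every wermgr.exe on the system drive,
# then flag copies outside the Windows directories where the file is expected,
# or copies without a valid signature.
$searchRoot = "$env:SystemDrive\"
$winDir     = $env:windir

# Directories where the thread's search results show wermgr.exe on this system.
$expectedRoots = 'System32', 'SysWOW64', 'winsxs' |
    ForEach-Object { Join-Path $winDir $_ }

$results = Get-ChildItem -Path $searchRoot -Filter 'wermgr.exe' -Recurse -File -Force -ErrorAction SilentlyContinue |
    ForEach-Object {
        $path = $_.FullName
        $sig  = Get-AuthenticodeSignature -FilePath $path

        # True when the file sits under one of the expected directories.
        $expected = @($expectedRoots | Where-Object {
            $path.StartsWith("$_\", [System.StringComparison]::OrdinalIgnoreCase)
        }).Count -gt 0

        [pscustomobject]@{
            Path             = $path
            SizeKB           = [math]::Round($_.Length / 1KB)
            SHA256           = (Get-FileHash -Path $path -Algorithm SHA256).Hash
            SignatureStatus  = $sig.Status
            Signer           = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
            ExpectedLocation = $expected
        }
    }

# Full inventory, one record per copy found.
$results | Sort-Object Path | Format-List

# Copies worth a closer look. NotSigned alone is not a verdict: system files can be
# signed through a security catalog, which older PowerShell versions do not report.
$results |
    Where-Object { -not $_.ExpectedLocation -or $_.SignatureStatus -ne 'Valid' } |
    Format-List Path, SignatureStatus, Signer, SHA256
```

A copy reported with `ExpectedLocation : False` is the one to submit to a multi-engine scanner first.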

#12 struckdumb1


Posted 29 December 2012 - 06:03 AM

Search showed the following:

x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_6.1.7601.17514_none_227e1c01642654f4_wermgr.exe_d92a3b6c
Type - EXE_D92A3B6C File 53 KB
Folder - Backup (C:\Windows\winsxs)

amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_6.1.7600.16385_none_7c6ba3bd1f954290_wermgr.exe_d92a3b6c
Type - EXE_D92A3B6C File 50 KB
Folder - Backup (C:\Windows\winsxs)

wermgr 50 KB
Folder - System 32 (C:\Windows)

wermgr 50 KB
Folder - amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_6.1.7600.16385_none_7c6ba3bd1f954290 (C:\Windows\winsxs)

wermgr 53 KB
Folder - SysWOW64 (C:\Windows)

wermgr 53 KB
Folder - x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_6.1.7601.17514_none_227e1c01642654f4 (C:\Windows\winsxs)

#13 boopme


Posted 29 December 2012 - 08:09 PM

Hello, can you submit these for tests?

x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_6.1.7601.17514_none_227e1c01642654f4_wermgr.exe_d92a3b6c
Type - EXE_D92A3B6C File 53 KB
Folder - Backup (C:\Windows\winsxs)

amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_6.1.7600.16385_none_7c6ba3bd1f954290_wermgr.exe_d92a3b6c
Type - EXE_D92A3B6C File 50 KB
Folder - Backup (C:\Windows\winsxs)

wermgr 50 KB
Folder - System 32 (C:\Windows)


wermgr 50 KB
Folder - amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_6.1.7600.16385_none_7c6ba3bd1f954290 (C:\Windows\winsxs)

wermgr 53 KB
Folder - SysWOW64 (C:\Windows)

wermgr 53 KB
Folder - x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_6.1.7601.17514_none_227e1c01642654f4 (C:\Windows\winsxs)



Please visit the online Jotti Virus Scanner.
  • Browse to the following filepath:

    ---------put the filepath here -------

  • Click on the Posted Image button.
    The scanner will check the file with various AV companies.
  • Copy and paste the results box into a reply to this thread.


#14 struckdumb1


Posted 30 December 2012 - 08:46 AM

Sorry but I'm not fully sure that I'm doing this properly.
I have been putting the wermgr file from those locations in the search box at Jotti - is that right?

The results all say Found Nothing.

I also found today that I am unable to download some large files that a business associate has sent me.
Neither can I download Google Chrome.
Might something associated with this virus be affecting that?

Actually I just downloaded Firefox and that is able to download the files that Internet Explorer couldn't.
Is there a fault with my Explorer?

Edited by struckdumb1, 30 December 2012 - 09:47 AM.


#15 boopme


Posted 30 December 2012 - 07:16 PM

I think it best to do the prep guide. About these: some things will and won't download. May have a hidden malware.

Those files are OK, as Jotti returned no results.



