Google redirect in Firefox


11 replies to this topic

#1 numble

numble

  • Members
  • 6 posts

Posted 17 January 2013 - 09:05 PM

Sometimes when I do a Google search in Firefox, my first result is redirected to the IP address above, but only the first time I click it. If I go back and click the result again, I am directed to the real result. I have only run Malwarebytes Anti-Malware and Microsoft Security Essentials. I did full scans with both and came up with nothing.

Could someone please help me? Thanks.

#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • Gender:Male
  • Location:NJ USA

Posted 17 January 2013 - 09:22 PM

Hello numble. Let's start here as it is common and the fastest.

In Firefox it may be the add-ons/plugins. Try disabling them one at a time and see which one was at fault.

How to disable extensions and plugins

Keeping your third-party plugins up to date
How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#3 numble

Posted 17 January 2013 - 10:37 PM

Thanks for your help boopme. I found an extension that looked strange. It is called Mozilla Framework Assistant 3.0.1, published by mozilla.org. This extension is not on my other computer running the same version of Firefox, and I can't find any info on it when I search. I'm assuming it's not legit. I have disabled it, and so far the Google results seem fine for now. The problem has been intermittent, so I guess I will have to wait and see.

#4 boopme

Posted 18 January 2013 - 01:37 PM

If you want to scan further we can, just let me know.

#5 numble

Posted 18 January 2013 - 02:47 PM

That's probably a good idea. Where should I start?

#6 boopme

Posted 18 January 2013 - 03:49 PM

OK...


MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
>>>

Please download TDSSKiller.
Launch it.
Click on Change parameters and select TDLFS file system.
Click on "Scan".
Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results



ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.




I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.
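The Hosts, IP configuration and Winsock sections requested in the MiniToolBox step cover places outside the browser where name resolution or traffic can be redirected. The following Python script is an added example, not part of the original posts and not MiniToolBox's own code: it triages a saved Result.txt in the layout of the log posted in this thread. The function names, the two allowlists and both embedded samples are constructed for illustration.

```python
import ipaddress
import re

# Section banner, e.g. "========================= Hosts content: ========"
BANNER = re.compile(r"^={5,}\s*([A-Za-z][^=]*?)\s*:?\s*={5,}$")
# Winsock line: "Catalog9 01 <path> [<size>] (<vendor>)"
WINSOCK = re.compile(r"^(?:x64-)?Catalog\d+\s+\d+\s+(.+?)\s+\[\d+\]\s+\((.*)\)$")
DNS_LABEL = re.compile(r"^DNS Servers[ .]*:\s*(\S+)$")

# Assumptions supplied by the analyst: resolvers handed out by the router/ISP
# and vendors expected in the Winsock catalog of this machine.
EXPECTED_DNS = {"68.94.156.1", "68.94.157.1"}
TRUSTED_VENDORS = {"Microsoft Corporation", "Apple Inc."}

# Constructed sample in the layout of the thread's log (unmodified system).
CLEAN_SAMPLE = r"""
========================= Hosts content: =================================

========================= IP Configuration: ================================

DNS Servers . . . . . . . . . . . : 68.94.156.1
68.94.157.1
NetBIOS over Tcpip. . . . . . . . : Enabled

========================= Winsock entries =====================================

Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
"""

# Constructed sample with tampering (documentation-range addresses, made-up path).
TAMPERED_SAMPLE = r"""
========================= Hosts content: =================================

203.0.113.7 www.google.com
127.0.0.1 localhost

========================= IP Configuration: ================================

DNS Servers . . . . . . . . . . . : 198.51.100.53
68.94.157.1

========================= Winsock entries =====================================

Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\ProgramData\example\lsp.dll [40960] ()
"""


def split_sections(text):
    """Map lower-cased section title -> list of lines in that section."""
    sections, current = {}, None
    for line in text.splitlines():
        m = BANNER.match(line.strip())
        if m:
            current = m.group(1).strip().lower()
            sections[current] = []
        elif current is not None:
            sections[current].append(line.strip())
    return sections


def is_ip(token):
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False


def check_hosts(lines):
    """Report hosts entries that pin any name other than localhost."""
    findings = []
    for line in lines:
        entry = line.split("#", 1)[0].split()  # drop comments
        if len(entry) >= 2 and is_ip(entry[0]):
            names = [n for n in entry[1:] if n.lower() != "localhost"]
            if names:
                findings.append(f"hosts: {entry[0]} -> {', '.join(names)}")
    return findings


def dns_servers(lines):
    """Collect resolver addresses, including the bare continuation lines."""
    servers, collecting = [], False
    for line in lines:
        m = DNS_LABEL.match(line)
        if m:
            collecting = True
            if is_ip(m.group(1)):
                servers.append(m.group(1))
        elif collecting and is_ip(line):
            servers.append(line)
        else:
            collecting = False
    return servers


def triage(text, expected_dns, trusted_vendors):
    """Return review findings; the vendor string is a hint, not proof."""
    s = split_sections(text)
    findings = check_hosts(s.get("hosts content", []))
    for ip in dns_servers(s.get("ip configuration", [])):
        if ip not in expected_dns:
            findings.append(f"dns: unexpected resolver {ip}")
    for line in s.get("winsock entries", []):
        m = WINSOCK.match(line)
        if m and m.group(2) not in trusted_vendors:
            findings.append(f"winsock: {m.group(1)} vendor={m.group(2) or 'none'}")
    return findings


if __name__ == "__main__":
    for name, sample in (("clean", CLEAN_SAMPLE), ("tampered", TAMPERED_SAMPLE)):
        print(name, triage(sample, EXPECTED_DNS, TRUSTED_VENDORS))
```

An empty result only means these three sections look as expected; the proxy settings, extensions and scanner logs requested in the same post still need their own review.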

#7 numble

Posted 18 January 2013 - 09:14 PM

Here are the logs.


MiniToolBox by Farbar Version:10-01-2013
Ran by Brooke (administrator) on 18-01-2013 at 16:43:16
Running from "C:\Users\Brooke\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® Centrino® Advanced-N 6230 = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Hardware not present)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Hardware not present)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="Wireless Network Connection 3" address=192.168.16.2 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Brooke-Laptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 84-8F-69-B6-9E-52
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6230
Physical Address. . . . . . . . . : 88-53-2E-59-E7-0A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9c6c:ad97:6d1e:705d%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.103(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, January 17, 2013 7:28:00 PM
Lease Expires . . . . . . . . . . : Saturday, January 19, 2013 4:36:24 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 294146862
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-5F-9D-8E-88-53-2E-59-E7-0A
DNS Servers . . . . . . . . . . . : 68.94.156.1
68.94.157.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 88-53-2E-59-E7-0E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{137B1F0A-339F-4B04-8C38-7E597DD79CBE}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{5C5C1CE1-BEA9-41CC-98FC-1F12FE30CD5A}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{7900B05D-2284-4527-99DB-9E05BD7F3B8B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:28cd:303c:bbb1:7d2c(Preferred)
Link-local IPv6 Address . . . . . : fe80::28cd:303c:bbb1:7d2c%16(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dnsr1.sbcglobal.net
Address: 68.94.156.1

Name: google.com
Addresses: 2607:f8b0:4009:800::1006
74.125.225.8
74.125.225.9
74.125.225.14
74.125.225.0
74.125.225.1
74.125.225.2
74.125.225.3
74.125.225.4
74.125.225.5
74.125.225.6
74.125.225.7


Pinging google.com [74.125.225.69] with 32 bytes of data:
Reply from 74.125.225.69: bytes=32 time=79ms TTL=51
Reply from 74.125.225.69: bytes=32 time=64ms TTL=51

Ping statistics for 74.125.225.69:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 64ms, Maximum = 79ms, Average = 71ms
Server: dnsr1.sbcglobal.net
Address: 68.94.156.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
206.190.36.45


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=198ms TTL=45
Reply from 206.190.36.45: bytes=32 time=157ms TTL=45

Ping statistics for 206.190.36.45:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 157ms, Maximum = 198ms, Average = 177ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
17...84 8f 69 b6 9e 52 ......Realtek PCIe GBE Family Controller
13...88 53 2e 59 e7 0a ......Intel® Centrino® Advanced-N 6230
11...88 53 2e 59 e7 0e ......Bluetooth Device (Personal Area Network)
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.103 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.103 281
192.168.1.103 255.255.255.255 On-link 192.168.1.103 281
192.168.1.255 255.255.255.255 On-link 192.168.1.103 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.103 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.103 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
16 58 ::/0 On-link
1 306 ::1/128 On-link
16 58 2001::/32 On-link
16 306 2001:0:9d38:953c:28cd:303c:bbb1:7d2c/128
On-link
13 281 fe80::/64 On-link
16 306 fe80::/64 On-link
16 306 fe80::28cd:303c:bbb1:7d2c/128
On-link
13 281 fe80::9c6c:ad97:6d1e:705d/128
On-link
1 306 ff00::/8 On-link
16 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/18/2013 01:45:20 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (01/17/2013 09:41:21 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 210055

Error: (01/17/2013 09:41:21 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 210055

Error: (01/17/2013 09:41:21 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/17/2013 09:37:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 998

Error: (01/17/2013 09:37:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 998

Error: (01/17/2013 09:37:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/17/2013 09:22:23 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1014

Error: (01/17/2013 09:22:23 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1014

Error: (01/17/2013 09:22:23 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (01/14/2013 00:54:11 PM) (Source: DCOM) (User: )
Description: {F4396DC6-E851-4D3A-8D01-34E6949F3500}

Error: (01/10/2013 10:47:11 PM) (Source: DCOM) (User: )
Description: {0002DF01-0000-0000-C000-000000000046}

Error: (12/27/2012 10:14:54 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.141.2591.0

Update Source: %NT AUTHORITY59

Update Stage: 4.1.0522.00

Source Path: 4.1.0522.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (12/27/2012 10:14:54 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.141.2591.0

Update Source: %NT AUTHORITY59

Update Stage: 4.1.0522.00

Source Path: 4.1.0522.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (12/17/2012 04:44:24 PM) (Source: DCOM) (User: )
Description: {F4396DC6-E851-4D3A-8D01-34E6949F3500}

Error: (12/16/2012 00:18:05 PM) (Source: DCOM) (User: )
Description: {F4396DC6-E851-4D3A-8D01-34E6949F3500}

Error: (12/13/2012 01:01:36 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (12/13/2012 01:00:59 PM) (Source: DCOM) (User: )
Description: {FE9617F6-E606-42AA-BECC-0E9CDA246D63}

Error: (12/09/2012 00:31:06 PM) (Source: BugCheck) (User: )
Description: 0x0000009f (0x0000000000000003, 0xfffffa8007751a00, 0xfffff800041b73d8, 0xfffffa80073ddbd0)C:\Windows\MEMORY.DMP120912-20061-01

Error: (12/09/2012 00:30:55 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:14:59 PM on ?12/?9/?2012 was unexpected.


Microsoft Office Sessions:
=========================
Error: (01/18/2013 01:45:20 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (01/17/2013 09:41:21 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 210055

Error: (01/17/2013 09:41:21 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 210055

Error: (01/17/2013 09:41:21 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/17/2013 09:37:52 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 998

Error: (01/17/2013 09:37:52 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 998

Error: (01/17/2013 09:37:52 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/17/2013 09:22:23 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1014

Error: (01/17/2013 09:22:23 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1014

Error: (01/17/2013 09:22:23 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


=========================== Installed Programs ============================

1001 Nights: The Adventures Of Sindbad
7 Wonders II
A Magnetic Adventure
AccelerometerP11 (Version: 2.00.11.22)
Action Ball 2 (Version: 1.0)
Action Ball Deluxe (Version: 1.0)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Reader X (10.1.5) (Version: 10.1.5)
Adobe Shockwave Player 11.6 (Version: 11.6.6.636)
Alabama Smith in Escape from Pompeii
Alabama Smith in the Quest of Fate
Alchemy
Alex Gordon
Alexandra Fortune - Mystery of the Lunar Archipelago
Alien Outbreak 2: Invasion (Version: 1.0)
Alter Ego US (Version: 1.0.0.0)
Amazing Slow Downer (remove only)
Amazon Games & Software Downloader (Version: 2.0.2.0)
Amelie's Cafe
Amelie's Cafe: Holiday Spirit (Version: 1.0)
Amelie's Cafe: Summer Time
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Arctic Quest 2
Arxon
Assassin's Creed (Version: 1.02)
Auralia 3.5 Student Edition (Version: 3.5)
Aztec Tribe (Version: 1.0)
Aztec Tribe: New Land (Version: 1.0)
Beach Party Craze
Bejeweled Deluxe 1.87 (Version: 1.87)
Bejeweled Twist
Big Kahuna Reef 2 - Chain Reaction
Bilbo - The Four Corners of the World
Birder's Diary 3.7 (Version: 3.7)
Black Mirror 2 1.0 (Version: 1.0)
Black Mirror 3 (Version: 1.0.21.0)
Bonjour (Version: 3.0.0.10)
Build A Lot 3 Passport To Europe
Call Of Atlantis
Carl the Caveman (Version: 1.0)
Ceville (Version: 1.0.2)
Chains
City Magnate (Version: 1.0)
Clue Classic (remove only)
Clutter
Crop Busters (Version: 1.0)
Crusaders Of Space 2 (Version: 1.0)
Crystalix
Daemonica
Dancing Craze
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Stage (Version: 1.5.201.0)
Dell Support Center (Version: 3.1.5907.39)
Digger Adventures (Version: 1.0)
Dragon Puzzle (Version: 1.0)
DWARFS
Enchanted Cavern (Version: 1.0)
Fairy Words
Farm Frenzy 2
Farm Frenzy 3
Farmscapes
Fashion Craze
Fashion Season (Version: 1.0)
Fatal Hearts
Finding Doggy (Version: 1.0)
Fishdom 2
Fishdom Frosty Splash
Fishdom Spooky Splash
Flower Quest (Version: 1.0)
Froggy's Adventures (Version: 1.0)
Frogs vs Storks
Fruit Lockers 2 - The Enchanting Islands
Game of LIFE (remove only)
Garden Defense
Gardenscapes
Gourmania
Gourmania 2: Great Expectations
Gourmania 3: Zoo Zoom (Version: 1.0)
Grand Master Chess Online (Version: 1.0)
Gray Matter 1.0 (Version: 1.0)
Guitar Pro 6
Hamlet
Haunted Domains (Version: 1.0)
Heroes Of Hellas
Heroes of Hellas 2 Olympia
Hidden World
Holly 2 - Magic Land
Holly. A Christmas Tale Deluxe (Version: 1.0)
Hotdish (Version: 1.00.0000)
Hotel Mogul
Hyperballoid 2 (Version: 1.0)
Hyperspace Invader (Version: 1.0)
Intel PROSet Wireless
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 1.2.0.0587)
Intel® PROSet/Wireless WiFi Software (Version: 14.2.0000)
Intel® Rapid Storage Technology (Version: 10.1.2.1004)
Intel® WiDi (Version: 2.1.39.0)
Intel® Wireless Display
Island Realms
iTunes (Version: 11.0.1.12)
Java 7 Update 11 (Version: 7.0.110)
Java Auto Updater (Version: 2.1.9.0)
JavaFX 2.1.1 (Version: 2.1.1)
Jenny's Fish Shop (Version: 1.0)
JMicron Flash Media Controller Driver (Version: 1.0.55.0)
Joan Jade and the Gates of Xibalba
Journey of Hope
Juliette's Fashion Empire (Version: 1.0)
Konas Crate
Land of Runes 1.0 (Version: 1.0)
Lernout & Hauspie TruVoice American English TTS Engine
Living Cookbook 2013 (Version: 4.0.40)
Luxor 3
Magic Encyclopedia - Moon Light
Magic Encyclopedia. First Story
Magic Shop (Version: 1.0)
Mahjongg Artifacts (Version: 1.0)
Mahjongg Artifacts Chapter 2
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Zoo Tycoon
Midnight Mysteries Salem Witch Trials
Midnight Mysteries The Edgar Allan Poe Conspiracy
Mishap An Accidental Haunting
Monster House 1.0 (Version: 1.0)
Monster Mash
Mortimer Beckett and the Lost King
Mortimer Beckett And The Secrets Of Spooky Manor
Mortimer Beckett And The Time Paradox
Mozilla Firefox 18.0 (x86 en-US) (Version: 18.0)
Mozilla Maintenance Service (Version: 18.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
My Farm Life (Version: 1.0)
My Kingdom for the Princess
Mysteries of Horus (Version: 1.0)
Mystery Cookbook
Mystery Stories Berlin Nights
Natalie Brooks - Secrets of Treasure House
Natalie Brooks - The Treasures of the Lost Kingdom (Version: 1.0)
New Yankee in King Arthurs Court
NVIDIA 3D Vision Driver 268.30 (Version: 268.30)
NVIDIA Control Panel 268.30 (Version: 268.30)
NVIDIA Graphics Driver 268.30 (Version: 268.30)
NVIDIA HD Audio Driver 1.2.22.1 (Version: 1.2.22.1)
NVIDIA Install Application (Version: 2.265.41.0)
NVIDIA Optimus 1.0.21 (Version: 1.0.21)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.6830)
NVIDIA Update Components (Version: 1.0.21)
Olympus DSS Player
OpenAL
Oriental Dreams
Pet Show Craze
Pickers
PL-2303 USB-to-Serial (Version: 1.3.0)
Plant Tycoon
Plants vs. Zombies
PopCap Browser Plugin
Quickset64 (Version: 11.0.10)
QuickTime (Version: 7.73.80.64)
Raven Lite 1.0 (Version: 1.0.9.13)
Realtek Ethernet Controller Driver (Version: 7.41.216.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6312)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.1.27.0)
Rescue Frenzy (Version: 1.0)
Robin Hood (Version: 1.0)
RoboForm 7-8-5-7 (All Users) (Version: 7-8-5-7)
RollerCoaster Tycoon 3 Platinum (Version: 1.00.000)
Rome - Total War - Gold Edition (Version: 1.6)
Royal Envoy 2
Sacra Terra Angelic Night
Sea Bounty - Dead Man's Chest
Sheep's Quest
Sid Meier's Civilization 4 Complete (Version: 1.74)
Sid Meier's Civilization IV Colonization (Version: 1.00)
Ski Resort Mogul (Version: 1.0)
Sky Kingdoms
Sky Taxi 4 (Version: 1.0)
Snark Busters 2 All Revved Up
Snark Busters Welcome to the Club
Snowy Puzzle Islands 1.0 (Version: 1.0)
Snowy: Fish Frenzy (Version: 1.0)
Snowy: Lunch Rush (Version: 1.0)
Snowy: Space Trip (Version: 1.0)
Snowy: The Bear's Adventures (Version: 1.0)
Snowy: Treasure Hunter (Version: 1.0)
Snowy: Treasure Hunter 2 (Version: 1.0)
Sprill - The Mystery of The Bermuda Triangle
Sprill and Ritchie - Adventures In Time
Stand O'Food
Strike Ball 3
Stronghold (Version: 1.20.0000)
Stronghold 2 (Version: 1.40.1000)
Stronghold Crusader Extreme (Version: 1.20.0000)
Stronghold Legends (Version: 1.20.0000)
Summer Resort Mogul 1.0 (Version: 1.0)
Sunshine Acres (Version: 1.0)
Supermarket Mania
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.2.6.0)
Talismania
TELL ME MORE
Thayer eField Guide Viewer v5.0 (Version: 5.0.2)
The Curse Of Montezuma
The Golden Years - Way Out West
The Great Tree
The Joy of Farming (Version: 1.0)
The Treasures Of Montezuma
The Treasures Of Montezuma 2
The UnderGarden 1.0
Time Breaker (Version: 1.0)
Tory's Shop'n'Rush 1.0 (Version: 1.0)
Treasure Masters, Inc.
Tropical Farm (Version: 1.0)
Tropico 4 1.00 (Version: 1.00)
Turtix
Turtix - Rescue Adventure (Version: 1.0)
TV Translator Configuration Utility (Version: 1.0.24)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Vacation Mogul
Vampires vs Zombies (Version: 1.0)
Virtual City
Virtual Farm (Version: 1.0)
VTrain (Vocabulary Trainer) 5.2
Wik and the Fable of Souls
World of Goo (Version: 1.1BB)
Zak & Jack in Showdown at Monstertown (Version: 1.0)
Zoo Tycoon 2 - Ultimate Collection (Version: 1.00.0000)
Zuma's Revenge!
Zuma Deluxe

========================= Memory info: ===================================

Percentage of memory in use: 25%
Total physical RAM: 8086.17 MB
Available physical RAM: 6039.82 MB
Total Pagefile: 16170.53 MB
Available Pagefile: 13908.72 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.6 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:698.54 GB) (Free:350.57 GB) NTFS

========================= Users: ========================================

User accounts for \\BROOKE-LAPTOP

Administrator Brooke Guest
UpdatusUser


**** End of log ****

16:48:33.0794 4264 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:48:34.0234 4264 ============================================================
16:48:34.0234 4264 Current date / time: 2013/01/18 16:48:34.0234
16:48:34.0234 4264 SystemInfo:
16:48:34.0234 4264
16:48:34.0234 4264 OS Version: 6.1.7601 ServicePack: 1.0
16:48:34.0234 4264 Product type: Workstation
16:48:34.0234 4264 ComputerName: BROOKE-LAPTOP
16:48:34.0234 4264 UserName: Brooke
16:48:34.0234 4264 Windows directory: C:\Windows
16:48:34.0234 4264 System windows directory: C:\Windows
16:48:34.0234 4264 Running under WOW64
16:48:34.0234 4264 Processor architecture: Intel x64
16:48:34.0234 4264 Number of processors: 8
16:48:34.0234 4264 Page size: 0x1000
16:48:34.0234 4264 Boot type: Normal boot
16:48:34.0234 4264 ============================================================
16:48:35.0105 4264 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:48:35.0115 4264 ============================================================
16:48:35.0115 4264 \Device\Harddisk0\DR0:
16:48:35.0115 4264 MBR partitions:
16:48:35.0115 4264 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:48:35.0115 4264 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x57513000
16:48:35.0115 4264 ============================================================
16:48:35.0135 4264 C: <-> \Device\Harddisk0\DR0\Partition2
16:48:35.0135 4264 ============================================================
16:48:35.0135 4264 Initialize success
16:48:35.0135 4264 ============================================================
16:49:23.0690 5320 ============================================================
16:49:23.0690 5320 Scan started
16:49:23.0690 5320 Mode: Manual; TDLFS;
16:49:23.0690 5320 ============================================================
16:49:23.0862 5320 ================ Scan system memory ========================
16:49:23.0862 5320 System memory - ok
16:49:23.0862 5320 ================ Scan services =============================
16:49:31.0872 5320 MSTEE - ok
16:49:31.0872 5320 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
16:49:31.0872 5320 MTConfig - ok
16:49:31.0882 5320 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:49:31.0882 5320 Mup - ok
16:49:31.0932 5320 [ 8F57DB74BF5407A4CDA6C8B005DC8DD0 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
16:49:31.0942 5320 MyWiFiDHCPDNS - ok
16:49:31.0972 5320 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
16:49:31.0992 5320 napagent - ok
16:49:32.0032 5320 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:49:32.0042 5320 NativeWifiP - ok
16:49:32.0082 5320 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:49:32.0092 5320 NDIS - ok
16:49:32.0102 5320 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:49:32.0102 5320 NdisCap - ok
16:49:32.0132 5320 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:49:32.0132 5320 NdisTapi - ok
16:49:32.0142 5320 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:49:32.0142 5320 Ndisuio - ok
16:49:32.0152 5320 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:49:32.0162 5320 NdisWan - ok
16:49:32.0162 5320 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:49:32.0172 5320 NDProxy - ok
16:49:32.0192 5320 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:49:32.0192 5320 NetBIOS - ok
16:49:32.0202 5320 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:49:32.0212 5320 NetBT - ok
16:49:32.0222 5320 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:49:32.0222 5320 Netlogon - ok
16:49:32.0262 5320 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:49:32.0272 5320 Netman - ok
16:49:32.0303 5320 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:49:32.0313 5320 netprofm - ok
16:49:32.0333 5320 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:49:32.0333 5320 NetTcpPortSharing - ok
16:49:32.0523 5320 [ 50AD7F7040C22BB7CAA59A0880875A21 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
16:49:32.0663 5320 NETwNs64 - ok
16:49:32.0683 5320 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:49:32.0683 5320 nfrd960 - ok
16:49:32.0733 5320 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:49:32.0743 5320 NisDrv - ok
16:49:32.0773 5320 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
16:49:32.0773 5320 NisSrv - ok
16:49:32.0833 5320 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:49:32.0843 5320 NlaSvc - ok
16:49:32.0873 5320 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:49:32.0883 5320 Npfs - ok
16:49:32.0913 5320 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:49:32.0913 5320 nsi - ok
16:49:32.0923 5320 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:49:32.0923 5320 nsiproxy - ok
16:49:33.0003 5320 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:49:33.0023 5320 Ntfs - ok
16:49:33.0053 5320 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:49:33.0053 5320 Null - ok
16:49:33.0083 5320 [ D584ABB6A308933A5F72B46C9E5A783F ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
16:49:33.0083 5320 nusb3hub - ok
16:49:33.0113 5320 [ 345B9C04E2036DA4346E3249A5BDFD06 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
16:49:33.0123 5320 nusb3xhc - ok
16:49:33.0397 5320 [ 573B0941A37AEBEE96085D56A103F57B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:49:33.0599 5320 nvlddmkm - ok
16:49:33.0599 5320 [ 43AF7EBEAC2AB623468E32CADDCB61A4 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
16:49:33.0615 5320 nvpciflt - ok
16:49:33.0631 5320 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:49:33.0631 5320 nvraid - ok
16:49:33.0646 5320 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:49:33.0646 5320 nvstor - ok
16:49:33.0693 5320 [ C500760572C6059918FB0C960967695B ] NVSvc C:\Windows\system32\nvvsvc.exe
16:49:33.0709 5320 NVSvc - ok
16:49:33.0771 5320 [ F28169A7ADF7B41809CF92D369E744F0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
16:49:33.0787 5320 nvUpdatusService - ok
16:49:33.0818 5320 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:49:33.0818 5320 nv_agp - ok
16:49:33.0818 5320 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:49:33.0833 5320 ohci1394 - ok
16:49:33.0865 5320 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:49:33.0880 5320 ose - ok
16:49:34.0021 5320 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:49:34.0052 5320 osppsvc - ok
16:49:34.0083 5320 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:49:34.0083 5320 p2pimsvc - ok
16:49:34.0099 5320 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:49:34.0099 5320 p2psvc - ok
16:49:34.0114 5320 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
16:49:34.0130 5320 Parport - ok
16:49:34.0161 5320 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:49:34.0177 5320 partmgr - ok
16:49:34.0192 5320 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:49:34.0208 5320 PcaSvc - ok
16:49:34.0223 5320 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:49:34.0223 5320 pci - ok
16:49:34.0255 5320 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:49:34.0255 5320 pciide - ok
16:49:34.0270 5320 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:49:34.0286 5320 pcmcia - ok
16:49:34.0301 5320 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:49:34.0301 5320 pcw - ok
16:49:34.0317 5320 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:49:34.0317 5320 PEAUTH - ok
16:49:34.0395 5320 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:49:34.0395 5320 PerfHost - ok
16:49:34.0457 5320 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:49:34.0489 5320 pla - ok
16:49:34.0504 5320 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:49:34.0520 5320 PlugPlay - ok
16:49:34.0520 5320 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:49:34.0535 5320 PNRPAutoReg - ok
16:49:34.0535 5320 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:49:34.0551 5320 PNRPsvc - ok
16:49:34.0567 5320 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:49:34.0582 5320 PolicyAgent - ok
16:49:34.0598 5320 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
16:49:34.0598 5320 Power - ok
16:49:34.0613 5320 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:49:34.0613 5320 PptpMiniport - ok
16:49:34.0629 5320 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
16:49:34.0629 5320 Processor - ok
16:49:34.0676 5320 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:49:34.0691 5320 ProfSvc - ok
16:49:34.0691 5320 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:49:34.0691 5320 ProtectedStorage - ok
16:49:34.0707 5320 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:49:34.0723 5320 Psched - ok
16:49:34.0754 5320 [ 0928BD20273625622722FE1DE5BBDE57 ] qicflt C:\Windows\system32\DRIVERS\qicflt.sys
16:49:34.0754 5320 qicflt - ok
16:49:34.0816 5320 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:49:34.0847 5320 ql2300 - ok
16:49:34.0863 5320 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:49:34.0863 5320 ql40xx - ok
16:49:34.0894 5320 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:49:34.0894 5320 QWAVE - ok
16:49:34.0910 5320 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:49:34.0910 5320 QWAVEdrv - ok
16:49:34.0925 5320 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:49:34.0925 5320 RasAcd - ok
16:49:34.0957 5320 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:49:34.0957 5320 RasAgileVpn - ok
16:49:34.0972 5320 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:49:34.0972 5320 RasAuto - ok
16:49:34.0988 5320 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:49:34.0988 5320 Rasl2tp - ok
16:49:35.0035 5320 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:49:35.0050 5320 RasMan - ok
16:49:35.0066 5320 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:49:35.0066 5320 RasPppoe - ok
16:49:35.0097 5320 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:49:35.0097 5320 RasSstp - ok
16:49:35.0113 5320 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:49:35.0128 5320 rdbss - ok
16:49:35.0144 5320 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
16:49:35.0144 5320 rdpbus - ok
16:49:35.0159 5320 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:49:35.0159 5320 RDPCDD - ok
16:49:35.0191 5320 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:49:35.0191 5320 RDPENCDD - ok
16:49:35.0191 5320 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:49:35.0191 5320 RDPREFMP - ok
16:49:35.0253 5320 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:49:35.0253 5320 RDPWD - ok
16:49:35.0300 5320 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:49:35.0300 5320 rdyboost - ok
16:49:35.0362 5320 [ FD11C1287D38A46FB72353E14D50089C ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
16:49:35.0378 5320 RegSrvc - ok
16:49:35.0393 5320 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:49:35.0409 5320 RemoteAccess - ok
16:49:35.0425 5320 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:49:35.0440 5320 RemoteRegistry - ok
16:49:35.0471 5320 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
16:49:35.0471 5320 RFCOMM - ok
16:49:35.0503 5320 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:49:35.0503 5320 RpcEptMapper - ok
16:49:35.0518 5320 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:49:35.0518 5320 RpcLocator - ok
16:49:35.0565 5320 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
16:49:35.0565 5320 RpcSs - ok
16:49:35.0596 5320 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:49:35.0596 5320 rspndr - ok
16:49:35.0643 5320 [ ED5873F7DFB2F96D37F13322211B6BDC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
16:49:35.0659 5320 RTL8167 - ok
16:49:35.0674 5320 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
16:49:35.0674 5320 SamSs - ok
16:49:35.0690 5320 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:49:35.0690 5320 sbp2port - ok
16:49:35.0721 5320 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:49:35.0721 5320 SCardSvr - ok
16:49:35.0737 5320 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:49:35.0737 5320 scfilter - ok
16:49:35.0783 5320 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
16:49:35.0799 5320 Schedule - ok
16:49:35.0830 5320 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:49:35.0830 5320 SCPolicySvc - ok
16:49:35.0846 5320 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:49:35.0846 5320 SDRSVC - ok
16:49:35.0877 5320 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:49:35.0877 5320 secdrv - ok
16:49:35.0893 5320 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
16:49:35.0893 5320 seclogon - ok
16:49:35.0908 5320 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
16:49:35.0908 5320 SENS - ok
16:49:35.0924 5320 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:49:35.0924 5320 SensrSvc - ok
16:49:35.0924 5320 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
16:49:35.0939 5320 Serenum - ok
16:49:35.0939 5320 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
16:49:35.0939 5320 Serial - ok
16:49:35.0955 5320 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:49:35.0955 5320 sermouse - ok
16:49:35.0986 5320 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
16:49:35.0986 5320 SessionEnv - ok
16:49:36.0002 5320 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:49:36.0002 5320 sffdisk - ok
16:49:36.0017 5320 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:49:36.0033 5320 sffp_mmc - ok
16:49:36.0033 5320 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:49:36.0033 5320 sffp_sd - ok
16:49:36.0049 5320 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:49:36.0049 5320 sfloppy - ok
16:49:36.0064 5320 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:49:36.0080 5320 SharedAccess - ok
16:49:36.0095 5320 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:49:36.0095 5320 ShellHWDetection - ok
16:49:36.0111 5320 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:49:36.0111 5320 SiSRaid2 - ok
16:49:36.0142 5320 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:49:36.0142 5320 SiSRaid4 - ok
16:49:36.0158 5320 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:49:36.0173 5320 Smb - ok
16:49:36.0205 5320 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:49:36.0205 5320 SNMPTRAP - ok
16:49:36.0205 5320 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
16:49:36.0220 5320 spldr - ok
16:49:36.0267 5320 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
16:49:36.0283 5320 Spooler - ok
16:49:36.0345 5320 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
16:49:36.0392 5320 sppsvc - ok
16:49:36.0423 5320 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:49:36.0423 5320 sppuinotify - ok
16:49:36.0439 5320 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
16:49:36.0454 5320 srv - ok
16:49:36.0454 5320 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:49:36.0454 5320 srv2 - ok
16:49:36.0485 5320 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:49:36.0485 5320 srvnet - ok
16:49:36.0517 5320 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:49:36.0517 5320 SSDPSRV - ok
16:49:36.0532 5320 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:49:36.0548 5320 SstpSvc - ok
16:49:36.0563 5320 [ 92E7F6666633D2DD91D527503DAA7BE0 ] stdcfltn C:\Windows\system32\DRIVERS\stdcfltn.sys
16:49:36.0579 5320 stdcfltn - ok
16:49:36.0641 5320 [ 0683504BBB3FFC0A73D9D217B63DD0E0 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:49:36.0641 5320 Stereo Service - ok
16:49:36.0657 5320 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:49:36.0657 5320 stexstor - ok
16:49:36.0704 5320 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
16:49:36.0719 5320 stisvc - ok
16:49:36.0735 5320 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:49:36.0735 5320 swenum - ok
16:49:36.0766 5320 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
16:49:36.0782 5320 swprv - ok
16:49:36.0844 5320 [ B0C7D4DCF4800DF2F2145B500D0161E8 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
16:49:36.0860 5320 SynTP - ok
16:49:36.0907 5320 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
16:49:36.0922 5320 SysMain - ok
16:49:36.0953 5320 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:49:36.0953 5320 TabletInputService - ok
16:49:36.0969 5320 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:49:36.0985 5320 TapiSrv - ok
16:49:36.0985 5320 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
16:49:37.0000 5320 TBS - ok
16:49:37.0078 5320 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:49:37.0109 5320 Tcpip - ok
16:49:37.0141 5320 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:49:37.0156 5320 TCPIP6 - ok
16:49:37.0172 5320 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:49:37.0172 5320 tcpipreg - ok
16:49:37.0203 5320 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:49:37.0203 5320 TDPIPE - ok
16:49:37.0234 5320 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:49:37.0234 5320 TDTCP - ok
16:49:37.0265 5320 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:49:37.0265 5320 tdx - ok
16:49:37.0281 5320 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:49:37.0281 5320 TermDD - ok
16:49:37.0312 5320 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
16:49:37.0328 5320 TermService - ok
16:49:37.0328 5320 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
16:49:37.0328 5320 Themes - ok
16:49:37.0359 5320 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
16:49:37.0359 5320 THREADORDER - ok
16:49:37.0375 5320 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
16:49:37.0375 5320 TrkWks - ok
16:49:37.0421 5320 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:49:37.0421 5320 TrustedInstaller - ok
16:49:37.0437 5320 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:49:37.0437 5320 tssecsrv - ok
16:49:37.0468 5320 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:49:37.0468 5320 TsUsbFlt - ok
16:49:37.0484 5320 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
16:49:37.0484 5320 TsUsbGD - ok
16:49:37.0515 5320 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:49:37.0515 5320 tunnel - ok
16:49:37.0531 5320 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:49:37.0531 5320 uagp35 - ok
16:49:37.0546 5320 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:49:37.0546 5320 udfs - ok
16:49:37.0577 5320 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:49:37.0577 5320 UI0Detect - ok
16:49:37.0609 5320 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:49:37.0609 5320 uliagpkx - ok
16:49:37.0640 5320 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:49:37.0640 5320 umbus - ok
16:49:37.0655 5320 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
16:49:37.0655 5320 UmPass - ok
16:49:37.0765 5320 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
16:49:37.0796 5320 UNS - ok
16:49:37.0811 5320 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
16:49:37.0811 5320 upnphost - ok
16:49:37.0827 5320 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:49:37.0843 5320 usbccgp - ok
16:49:37.0874 5320 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:49:37.0874 5320 usbcir - ok
16:49:37.0889 5320 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:49:37.0889 5320 usbehci - ok
16:49:37.0921 5320 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:49:37.0936 5320 usbhub - ok
16:49:37.0952 5320 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:49:37.0952 5320 usbohci - ok
16:49:37.0983 5320 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
16:49:37.0983 5320 usbprint - ok
16:49:37.0999 5320 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:49:37.0999 5320 USBSTOR - ok
16:49:38.0014 5320 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:49:38.0014 5320 usbuhci - ok
16:49:38.0045 5320 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
16:49:38.0045 5320 usbvideo - ok
16:49:38.0077 5320 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
16:49:38.0077 5320 UxSms - ok
16:49:38.0092 5320 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
16:49:38.0092 5320 VaultSvc - ok
16:49:38.0123 5320 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:49:38.0123 5320 vdrvroot - ok
16:49:38.0155 5320 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
16:49:38.0170 5320 vds - ok
16:49:38.0186 5320 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:49:38.0186 5320 vga - ok
16:49:38.0201 5320 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
16:49:38.0201 5320 VgaSave - ok
16:49:38.0201 5320 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:49:38.0217 5320 vhdmp - ok
16:49:38.0233 5320 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
16:49:38.0233 5320 viaide - ok
16:49:38.0248 5320 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:49:38.0248 5320 volmgr - ok
16:49:38.0264 5320 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:49:38.0264 5320 volmgrx - ok
16:49:38.0279 5320 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:49:38.0295 5320 volsnap - ok
16:49:38.0311 5320 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:49:38.0311 5320 vsmraid - ok
16:49:38.0357 5320 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
16:49:38.0373 5320 VSS - ok
16:49:38.0389 5320 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:49:38.0389 5320 vwifibus - ok
16:49:38.0420 5320 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:49:38.0420 5320 vwififlt - ok
16:49:38.0435 5320 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
16:49:38.0435 5320 vwifimp - ok
16:49:38.0467 5320 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
16:49:38.0482 5320 W32Time - ok
16:49:38.0482 5320 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:49:38.0482 5320 WacomPen - ok
16:49:38.0513 5320 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:49:38.0513 5320 WANARP - ok
16:49:38.0529 5320 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:49:38.0529 5320 Wanarpv6 - ok
16:49:38.0576 5320 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
16:49:38.0591 5320 WatAdminSvc - ok
16:49:38.0623 5320 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
16:49:38.0654 5320 wbengine - ok
16:49:38.0669 5320 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:49:38.0669 5320 WbioSrvc - ok
16:49:38.0685 5320 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:49:38.0685 5320 wcncsvc - ok
16:49:38.0701 5320 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:49:38.0701 5320 WcsPlugInService - ok
16:49:38.0716 5320 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
16:49:38.0716 5320 Wd - ok
16:49:38.0779 5320 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:49:38.0779 5320 Wdf01000 - ok
16:49:38.0794 5320 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:49:38.0794 5320 WdiServiceHost - ok
16:49:38.0810 5320 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:49:38.0810 5320 WdiSystemHost - ok
16:49:38.0841 5320 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
16:49:38.0841 5320 WebClient - ok
16:49:38.0857 5320 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:49:38.0872 5320 Wecsvc - ok
16:49:38.0872 5320 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:49:38.0888 5320 wercplsupport - ok
16:49:38.0903 5320 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
16:49:38.0903 5320 WerSvc - ok
16:49:38.0935 5320 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:49:38.0935 5320 WfpLwf - ok
16:49:38.0935 5320 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:49:38.0950 5320 WIMMount - ok
16:49:38.0950 5320 WinDefend - ok
16:49:38.0950 5320 WinHttpAutoProxySvc - ok
16:49:38.0997 5320 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:49:39.0013 5320 Winmgmt - ok
16:49:39.0075 5320 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
16:49:39.0106 5320 WinRM - ok
16:49:39.0153 5320 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
16:49:39.0153 5320 Wlansvc - ok
16:49:39.0169 5320 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
16:49:39.0169 5320 WmiAcpi - ok
16:49:39.0184 5320 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:49:39.0184 5320 wmiApSrv - ok
16:49:40.0198 5320 ============================================================
16:49:40.0198 5320 Scan finished
16:49:40.0198 5320 ============================================================
16:49:40.0214 5168 Detected object count: 0
16:49:40.0214 5168 Actual detected object count: 0
16:50:21.0152 5816 Deinitialize success



# AdwCleaner v2.106 - Logfile created 01/18/2013 at 16:52:05
# Updated 17/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Brooke - BROOKE-LAPTOP
# Boot Mode : Normal
# Running from : C:\Users\Brooke\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Brooke\AppData\Roaming\iWin

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.1 (en-US)

File : C:\Users\Brooke\AppData\Roaming\Mozilla\Firefox\Profiles\ddxbvday.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [830 octets] - [18/01/2013 16:52:05]

########## EOF - C:\AdwCleaner[S1].txt - [889 octets] ##########


(FROM ESET)


C:\Users\Brooke\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\33caf615-29eea810 a variant of Java/Exploit.CVE-2013-0422.T trojan deleted - quarantined

#8 boopme

Posted 18 January 2013 - 09:28 PM

You look real good. Are you able to update MSE (Microsoft Security Essentials)?

#9 numble

Posted 18 January 2013 - 11:49 PM

I updated MSE and ran a full scan. It found nothing.

#10 boopme

Posted 19 January 2013 - 09:01 AM

I'd say you are good to go numble.
Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run... and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links:

#11 numble

Posted 19 January 2013 - 12:50 PM

I have done this. Thank you for your help.

Is there a better malware solution I should be using to prevent this from happening again? MSE didn't even find anything wrong.

#12 boopme

Posted 19 January 2013 - 03:32 PM

As to what was found... no, not really. You most likely, albeit unwittingly, installed that add-on.

When a browser runs an applet, the Java Runtime Environment (JRE) stores the downloaded files into its cache folder (C:\Documents and Settings\username\Application Data\Sun\Java\Deployment\cache) for quick execution later and better performance. Malicious applets are also stored in the Java cache directory and your anti-virus may detect them and provide alerts. Notification of these files as a threat does not always mean that a machine has been infected; it indicates that a program included the viral class file but this does not mean that it used the malicious functionality.

These malicious applets are designed to exploit vulnerabilities in the Microsoft VM (Microsoft Security Bulletin MS03-011). If you are using the Sun JVM as your default virtual machine, these malicious applets cannot cause any harm to your computer. For more specific information about Java exploits, please refer to Virus found in the Java cache directory.

A number of anti-virus programs (AVG, avast, CA, Kaspersky, Symantec) and scanners will detect Java/ByteVerify (Exploit.OSX.Smid.c, Java:Djewers) but they cannot remove the applets. If you have the Java-Plugin installed, then deleting them from the Java cache should eliminate the problem. The Java Plug-In in the Control Panel is only present if you are using Sun's Java. If you don't have the Java-Plugin installed then just delete the files manually. The Microsoft Virtual machine stores the applets in the Temporary Internet Files.

Clear the entire cache to ensure everything is cleaned out:
I would install an antimalware program (like MBAM) below to run weekly as a complement to your AV.

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If you are using other security programs that detect registry changes (e.g. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When the scan is complete, click OK, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).
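A triage sketch for the Java cache behaviour described in post #12 and the ESET hit in post #7, added here as an example and not part of the original thread: it inventories a Java deployment cache folder so each cached payload can be hashed and its class files listed before the cache is cleared. The function names are hypothetical, the `.idx` companion-file naming is an assumption about the cache layout, and the sample cache is constructed.

```python
import hashlib
import tempfile
import zipfile
from pathlib import Path

ZIP_MAGIC = b"PK\x03\x04"  # JAR files are ZIP archives and start with this header


def inventory_java_cache(cache_root):
    """Return one record per cached payload under a Java deployment cache."""
    records = []
    for path in sorted(Path(cache_root).rglob("*")):
        if not path.is_file() or path.suffix == ".idx":
            continue  # assumption: .idx files hold index metadata, not payloads
        data = path.read_bytes()
        record = {
            "path": str(path),
            "size": len(data),
            "sha256": hashlib.sha256(data).hexdigest(),
            "has_index": path.with_name(path.name + ".idx").exists(),
            "is_jar": data.startswith(ZIP_MAGIC),
            "classes": [],
        }
        if record["is_jar"]:
            try:
                with zipfile.ZipFile(path) as jar:
                    record["classes"] = sorted(
                        n for n in jar.namelist() if n.endswith(".class"))
            except zipfile.BadZipFile:
                record["is_jar"] = False  # truncated or corrupt archive
        records.append(record)
    return records


def build_sample_cache(root):
    """Constructed sample: one JAR payload with an index, one non-JAR file."""
    bucket = Path(root) / "6.0" / "21"
    bucket.mkdir(parents=True)
    with zipfile.ZipFile(bucket / "aaaa1111-bbbb2222", "w") as jar:
        jar.writestr("Demo.class", b"\xca\xfe\xba\xbe")
    (bucket / "aaaa1111-bbbb2222.idx").write_bytes(b"constructed index")
    (bucket / "cccc3333-dddd4444").write_bytes(b"not an archive")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_cache(tmp)
        for rec in inventory_java_cache(tmp):
            print(rec["path"], rec["sha256"][:16], rec["is_jar"], rec["classes"])
```

The SHA-256 values can be compared against whatever the scanner quarantined; the files are only read, never loaded or executed.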



