I think I am infected



#1 davet620


Posted 04 February 2013 - 04:25 PM

I am supporting another user in a company. He has a Windows 7 laptop. Using IE9, when he searches using Bing or Google, I get a valid-looking list of results. Clicking on any link goes to some bizarre website that is not what the link said it was going to go to. This happens whether he is logged in or I am. System Restore is turned off. I have run a number of scanners and nothing has been found. Short of reformatting the laptop, I'm not sure what to do.

Thanks
David


 


#2 tzimisharris


Posted 04 February 2013 - 05:14 PM

There are a lot of possible reasons for this. Did you check with a different browser? What is happening?
Maybe there is a malicious plugin installed, so disable all the plugins that you are not sure about.
After that you can check the proxy settings. Go to Internet Options -> Connections -> LAN settings and check whether there is anything under proxy settings. If there is and you are not sure, untick that selection, which is the default setting.
It may be worth clearing the DNS cache. Open a command prompt and run ipconfig /flushdns. It is possible for a malicious application to poison the DNS data.
You can also try solution 2 on this website: http://kb.eset.com/esetkb/index?page=content&id=SOLN2933
When the PC is restarting after running the latter, please boot it in safe mode with networking to check whether it is working. If yes, restart your PC in normal mode and try again.
The only reason I am telling you to do this step is in case a malicious application starts when Windows starts that changes the DNS and MS hosts files.
That's all for now.
Hope it helps
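
The checks suggested in the post above (proxy settings, hosts file, DNS), gathered into one read-only PowerShell script. This is an added example, not part of the original thread; the function names are illustrative, and it assumes the default hosts file location and PowerShell 2.0 as shipped with Windows 7.

```powershell
# Read-only triage of the settings named in the post above: the per-user
# proxy configuration, the hosts file, and the DNS servers on active adapters.
# Nothing here changes the system. Function names are illustrative.

function Get-ProxyFindings {
    # Internet Explorer stores the LAN proxy settings per user under HKCU.
    $key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
    $s = Get-ItemProperty -Path $key
    $findings = @()
    if ($s.ProxyEnable -eq 1) {
        $findings += "Proxy enabled: $($s.ProxyServer)"
    }
    if ($s.AutoConfigURL) {
        $findings += "Proxy auto-config script: $($s.AutoConfigURL)"
    }
    return $findings
}

function Get-HostsFindings {
    param([string[]]$Lines)
    # Addresses that only block or loop back; anything else sends the listed
    # names to another machine and deserves a look.
    $harmless = @('127.0.0.1', '::1', '0.0.0.0')
    foreach ($line in $Lines) {
        $text = ($line -replace '#.*$', '').Trim()   # drop comments
        if ($text -eq '') { continue }
        $fields = @($text -split '\s+')
        if ($fields.Count -lt 2) { continue }        # malformed entry
        $address = $fields[0]
        $names = $fields[1..($fields.Count - 1)] -join ' '
        if ($harmless -notcontains $address) {
            "$address  <-  $names"
        }
    }
}

function Get-DnsServers {
    # DNS servers configured on every IP-enabled adapter.
    Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE' |
        Where-Object { $_.DNSServerSearchOrder } |
        ForEach-Object { "$($_.Description): $($_.DNSServerSearchOrder -join ', ')" }
}

$hostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'

'== Proxy (current user) =='
$proxy = @(Get-ProxyFindings)
if ($proxy.Count -gt 0) { $proxy } else { 'No proxy or auto-config script is set.' }

"== Hosts file ($hostsPath) =="
$hostsHits = @(Get-HostsFindings -Lines (Get-Content -Path $hostsPath))
if ($hostsHits.Count -gt 0) { $hostsHits } else { 'No entries pointing names at a remote address.' }

'== DNS servers on active adapters =='
$dns = @(Get-DnsServers)
if ($dns.Count -gt 0) { $dns } else { 'No DNS servers reported.' }
```

Run it in the session of the user who sees the redirects, because the proxy values are read from that user's registry hive; compare the DNS servers it lists with the ones the company network is expected to hand out.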

#3 narenxp


Posted 04 February 2013 - 09:32 PM

Do not run any other scans when you are being assisted.

Download

TDSSKiller

Launch it. Click on Change parameters and select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download

ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on List of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#4 davet620


Posted 06 February 2013 - 03:55 PM

narenxp, here are the log files from the 3 scans as you requested. As far as I can tell nothing suspicious was found, but I may have missed something. Let me know if I did anything incorrectly and/or how to proceed.

Thanks
David



ESET:

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6889
# api_version=3.0.2
# EOSSerial=3f153db78c0187499f6298fb5db57f47
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-02-06 07:55:07
# local_time=2013-02-06 02:55:07 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 44292827 111723957 0 0
# scanned=234409
# found=0
# cleaned=0
# scan_time=10169
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6889
# api_version=3.0.2
# EOSSerial=3f153db78c0187499f6298fb5db57f47
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-02-06 07:55:09
# local_time=2013-02-06 02:55:09 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 44292829 111723959 0 0
# scanned=234424
# found=0
# cleaned=0
# scan_time=7269


AWS:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-06 11:31:12
-----------------------------
11:31:12.658 OS Version: Windows x64 6.1.7601 Service Pack 1
11:31:12.658 Number of processors: 8 586 0x2A07
11:31:12.658 ComputerName: SYR-CSASS-L7 UserName: dtinklep
11:31:12.918 Initialize success
11:32:11.654 AVAST engine defs: 13020600
11:33:50.242 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:33:50.244 Disk 0 Vendor: LITEONIT PMD9 Size: 122104MB BusType: 8
11:33:50.246 Disk 0 MBR read successfully
11:33:50.248 Disk 0 MBR scan
11:33:50.251 Disk 0 Windows VISTA default MBR code
11:33:50.253 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
11:33:50.259 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 752 MB offset 81920
11:33:50.263 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 121308 MB offset 1622016
11:33:50.271 Disk 0 scanning C:\Windows\system32\drivers
11:33:55.285 Service scanning
11:34:04.988 Service TmFilter C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmXPFlt.sys **LOCKED** 32
11:34:05.100 Service TmPreFilter C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPreFlt.sys **LOCKED** 32
11:34:05.901 Service VSApiNt C:\Program Files (x86)\Trend Micro\OfficeScan Client\VSApiNt.sys **LOCKED** 32
11:34:07.505 Modules scanning
11:34:07.531 Disk 0 trace - called modules:
11:34:07.544 ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys ACPI.sys iaStor.sys hal.dll
11:34:07.555 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800ec5c790]
11:34:07.566 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa800eb6fcb0]
11:34:07.578 5 stdcfltn.sys[fffff88001b55c52] -> nt!IofCallDriver -> [0xfffffa800cdb7d10]
11:34:07.590 7 ACPI.sys[fffff88000d677a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800cdba050]
11:34:07.880 AVAST engine scan C:\Windows
11:34:09.862 AVAST engine scan C:\Windows\system32
11:36:44.149 AVAST engine scan C:\Windows\system32\drivers
11:36:52.317 AVAST engine scan C:\Users\dtinklep
11:37:06.338 AVAST engine scan C:\ProgramData
11:37:48.455 Scan finished successfully
11:47:50.690 Disk 0 MBR has been saved successfully to "C:\Users\dtinklep\Desktop\MBR.dat"
11:47:50.695 The log file has been saved successfully to "C:\Users\dtinklep\Desktop\aswMBR.txt"


TDS Killer:

11:29:19.0916 5820 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:29:20.0348 5820 ============================================================
11:29:20.0348 5820 Current date / time: 2013/02/06 11:29:20.0348
11:29:20.0348 5820 SystemInfo:
11:29:20.0348 5820
11:29:20.0349 5820 OS Version: 6.1.7601 ServicePack: 1.0
11:29:20.0349 5820 Product type: Workstation
11:29:20.0349 5820 ComputerName: SYR-CSASS-L7
11:29:20.0349 5820 UserName: dtinklep
11:29:20.0349 5820 Windows directory: C:\Windows
11:29:20.0349 5820 System windows directory: C:\Windows
11:29:20.0349 5820 Running under WOW64
11:29:20.0349 5820 Processor architecture: Intel x64
11:29:20.0349 5820 Number of processors: 8
11:29:20.0349 5820 Page size: 0x1000
11:29:20.0349 5820 Boot type: Normal boot
11:29:20.0349 5820 ============================================================
11:29:20.0844 5820 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 (119.24 Gb), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:29:20.0871 5820 ============================================================
11:29:20.0871 5820 \Device\Harddisk0\DR0:
11:29:20.0872 5820 MBR partitions:
11:29:20.0872 5820 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x178000
11:29:20.0872 5820 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x18C000, BlocksNum 0xECEE000
11:29:20.0872 5820 ============================================================
11:29:20.0874 5820 C: <-> \Device\Harddisk0\DR0\Partition2
11:29:20.0875 5820 ============================================================
11:29:20.0875 5820 Initialize success
11:29:20.0875 5820 ============================================================
11:29:22.0512 9628 ============================================================
11:29:22.0512 9628 Scan started
11:29:22.0512 9628 Mode: Manual;
11:29:22.0512 9628 ============================================================
11:29:22.0692 9628 ================ Scan system memory ========================
11:29:22.0692 9628 System memory - ok
11:29:25.0245 9628 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:29:25.0254 9628 lltdsvc - ok
11:29:25.0256 9628 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:29:25.0261 9628 lmhosts - ok
11:29:25.0267 9628 [ 97F9EAAC985A663394CD8F54DCD3E73A ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
11:29:25.0280 9628 LMS - ok
11:29:25.0284 9628 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
11:29:25.0291 9628 LSI_FC - ok
11:29:25.0294 9628 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:29:25.0302 9628 LSI_SAS - ok
11:29:25.0304 9628 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
11:29:25.0310 9628 LSI_SAS2 - ok
11:29:25.0313 9628 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
11:29:25.0320 9628 LSI_SCSI - ok
11:29:25.0323 9628 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
11:29:25.0332 9628 luafv - ok
11:29:25.0335 9628 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:29:25.0341 9628 Mcx2Svc - ok
11:29:25.0344 9628 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
11:29:25.0349 9628 megasas - ok
11:29:25.0354 9628 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
11:29:25.0363 9628 MegaSR - ok
11:29:25.0366 9628 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
11:29:25.0372 9628 MEIx64 - ok
11:29:25.0376 9628 Microsoft SharePoint Workspace Audit Service - ok
11:29:25.0379 9628 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
11:29:25.0380 9628 MMCSS - ok
11:29:25.0383 9628 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:29:25.0389 9628 Modem - ok
11:29:25.0392 9628 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:29:25.0392 9628 monitor - ok
11:29:25.0394 9628 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:29:25.0401 9628 mouclass - ok
11:29:25.0404 9628 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:29:25.0410 9628 mouhid - ok
11:29:25.0413 9628 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:29:25.0420 9628 mountmgr - ok
11:29:25.0424 9628 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
11:29:25.0434 9628 mpio - ok
11:29:25.0437 9628 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:29:25.0445 9628 mpsdrv - ok
11:29:25.0454 9628 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:29:25.0464 9628 MpsSvc - ok
11:29:25.0468 9628 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:29:25.0477 9628 MRxDAV - ok
11:29:25.0481 9628 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:29:25.0490 9628 mrxsmb - ok
11:29:25.0494 9628 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:29:25.0505 9628 mrxsmb10 - ok
11:29:25.0508 9628 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:29:25.0517 9628 mrxsmb20 - ok
11:29:25.0519 9628 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
11:29:25.0524 9628 msahci - ok
11:29:25.0528 9628 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:29:25.0536 9628 msdsm - ok
11:29:25.0539 9628 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:29:25.0549 9628 MSDTC - ok
11:29:25.0554 9628 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:29:25.0560 9628 Msfs - ok
11:29:25.0562 9628 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:29:25.0567 9628 mshidkmdf - ok
11:29:25.0569 9628 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:29:25.0574 9628 msisadrv - ok
11:29:25.0578 9628 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:29:25.0586 9628 MSiSCSI - ok
11:29:25.0588 9628 msiserver - ok
11:29:25.0590 9628 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:29:25.0595 9628 MSKSSRV - ok
11:29:25.0597 9628 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:29:25.0601 9628 MSPCLOCK - ok
11:29:25.0603 9628 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:29:25.0607 9628 MSPQM - ok
11:29:25.0613 9628 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:29:25.0622 9628 MsRPC - ok
11:29:25.0625 9628 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
11:29:25.0631 9628 mssmbios - ok
11:29:25.0633 9628 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:29:25.0637 9628 MSTEE - ok
11:29:25.0639 9628 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
11:29:25.0644 9628 MTConfig - ok
11:29:25.0646 9628 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:29:25.0651 9628 Mup - ok
11:29:25.0657 9628 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
11:29:25.0667 9628 napagent - ok
11:29:25.0672 9628 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:29:25.0684 9628 NativeWifiP - ok
11:29:25.0694 9628 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:29:25.0698 9628 NDIS - ok
11:29:25.0701 9628 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:29:25.0708 9628 NdisCap - ok
11:29:25.0710 9628 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:29:25.0716 9628 NdisTapi - ok
11:29:25.0719 9628 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:29:25.0726 9628 Ndisuio - ok
11:29:25.0730 9628 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:29:25.0739 9628 NdisWan - ok
11:29:25.0741 9628 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:29:25.0747 9628 NDProxy - ok
11:29:25.0750 9628 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:29:25.0756 9628 NetBIOS - ok
11:29:25.0760 9628 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:29:25.0761 9628 NetBT - ok
11:29:25.0763 9628 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
11:29:25.0764 9628 Netlogon - ok
11:29:25.0770 9628 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:29:25.0778 9628 Netman - ok
11:29:25.0786 9628 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:29:25.0798 9628 NetMsmqActivator - ok
11:29:25.0800 9628 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:29:25.0801 9628 NetPipeActivator - ok
11:29:25.0807 9628 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:29:25.0810 9628 netprofm - ok
11:29:25.0812 9628 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:29:25.0814 9628 NetTcpActivator - ok
11:29:25.0816 9628 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:29:25.0817 9628 NetTcpPortSharing - ok
11:29:25.0821 9628 [ 73CE12B8BDD747B0063CB0A7EF44CEA7 ] netvsc C:\Windows\system32\DRIVERS\netvsc60.sys
11:29:25.0829 9628 netvsc - ok
11:29:25.0897 9628 [ 5D262402B0634C998F8CBCEAD7DD8676 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
11:29:25.0952 9628 NETwNs64 - ok
11:29:25.0956 9628 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
11:29:25.0962 9628 nfrd960 - ok
11:29:25.0967 9628 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:29:25.0976 9628 NlaSvc - ok
11:29:25.0978 9628 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:29:25.0985 9628 Npfs - ok
11:29:25.0987 9628 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:29:25.0992 9628 nsi - ok
11:29:25.0994 9628 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:29:26.0000 9628 nsiproxy - ok
11:29:26.0017 9628 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:29:26.0033 9628 Ntfs - ok
11:29:26.0089 9628 [ A2BEAF0E75F7C14744BC084091517363 ] ntrtscan C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe
11:29:26.0109 9628 ntrtscan - ok
11:29:26.0112 9628 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:29:26.0117 9628 Null - ok
11:29:26.0120 9628 [ A7127E86F9FFE2A53E271B56B2C4CEDF ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
11:29:26.0128 9628 nusb3hub - ok
11:29:26.0131 9628 [ 49BBEC6F48D5F9284B03ABF3A959B19B ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
11:29:26.0140 9628 nusb3xhc - ok
11:29:26.0144 9628 [ F12E3EA0386EBC284C893611107C6A96 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
11:29:26.0153 9628 NVHDA - ok
11:29:26.0275 9628 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:29:26.0349 9628 nvlddmkm - ok
11:29:26.0353 9628 [ 918841B2454F4F2BD94479692079490B ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
11:29:26.0359 9628 nvpciflt - ok
11:29:26.0362 9628 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:29:26.0373 9628 nvraid - ok
11:29:26.0377 9628 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:29:26.0385 9628 nvstor - ok
11:29:26.0395 9628 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] NVSvc C:\Windows\system32\nvvsvc.exe
11:29:26.0408 9628 NVSvc - ok
11:29:26.0421 9628 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:29:26.0477 9628 nvUpdatusService - ok
11:29:26.0480 9628 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:29:26.0488 9628 nv_agp - ok
11:29:26.0491 9628 [ 4E37455DB16AEC75862B1D0BC35B589E ] O2FLASH C:\Windows\system32\DRIVERS\o2flash.exe
11:29:26.0500 9628 O2FLASH - ok
11:29:26.0503 9628 [ 6172DB160FC566CF24307941C0E94D8E ] O2MDFRDR C:\Windows\system32\drivers\O2MDFw7x64.sys
11:29:26.0508 9628 O2MDFRDR - ok
11:29:26.0511 9628 [ 8ED738ABA394BBF6D7802698BE453112 ] O2MDRRDR C:\Windows\system32\DRIVERS\O2MDRw7x64.sys
11:29:26.0517 9628 O2MDRRDR - ok
11:29:26.0538 9628 [ 4635935FC972C582632BF45C26BFCB0E ] O2SDIOAssist c:\Windows\SysWOW64\srvany.exe
11:29:26.0547 9628 O2SDIOAssist - ok
11:29:26.0551 9628 [ A9C1E6B7C134FAD124338B7944FA996D ] O2SDJRDR C:\Windows\system32\DRIVERS\o2sdjw7x64.sys
11:29:26.0559 9628 O2SDJRDR - ok
11:29:26.0562 9628 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:29:26.0571 9628 ohci1394 - ok
11:29:26.0576 9628 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:29:26.0590 9628 ose - ok
11:29:26.0633 9628 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:29:26.0653 9628 osppsvc - ok
11:29:26.0660 9628 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:29:26.0662 9628 p2pimsvc - ok
11:29:26.0668 9628 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:29:26.0678 9628 p2psvc - ok
11:29:26.0681 9628 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
11:29:26.0689 9628 Parport - ok
11:29:26.0692 9628 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:29:26.0698 9628 partmgr - ok
11:29:26.0701 9628 [ 39B9DCD7040654C2E57D7396736C718E ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
11:29:26.0715 9628 PassThru Service - ok
11:29:26.0718 9628 [ 363B3F857ABEE85767E01E3044C539CD ] PBADRV C:\Windows\system32\DRIVERS\PBADRV.sys
11:29:26.0724 9628 PBADRV - ok
11:29:26.0728 9628 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:29:26.0735 9628 PcaSvc - ok
11:29:26.0739 9628 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
11:29:26.0748 9628 pci - ok
11:29:26.0751 9628 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
11:29:26.0755 9628 pciide - ok
11:29:26.0759 9628 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
11:29:26.0769 9628 pcmcia - ok
11:29:26.0772 9628 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:29:26.0778 9628 pcw - ok
11:29:26.0785 9628 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:29:26.0796 9628 PEAUTH - ok
11:29:26.0810 9628 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
11:29:26.0816 9628 PeerDistSvc - ok
11:29:26.0820 9628 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:29:26.0829 9628 PerfHost - ok
11:29:26.0846 9628 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
11:29:26.0859 9628 pla - ok
11:29:26.0865 9628 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:29:26.0874 9628 PlugPlay - ok
11:29:26.0877 9628 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:29:26.0882 9628 PNRPAutoReg - ok
11:29:26.0887 9628 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:29:26.0889 9628 PNRPsvc - ok
11:29:26.0895 9628 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:29:26.0904 9628 PolicyAgent - ok
11:29:26.0909 9628 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
11:29:26.0911 9628 Power - ok
11:29:26.0914 9628 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:29:26.0921 9628 PptpMiniport - ok
11:29:26.0924 9628 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
11:29:26.0929 9628 Processor - ok
11:29:26.0933 9628 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
11:29:26.0941 9628 ProfSvc - ok
11:29:26.0944 9628 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:29:26.0945 9628 ProtectedStorage - ok
11:29:26.0951 9628 [ 2A2562FCB8CC4FBFA6DE602B94A26074 ] ProxyHostService C:\Program Files (x86)\Proxy Networks\PROXY Pro Host\phsvc.exe
11:29:26.0967 9628 ProxyHostService - ok
11:29:26.0970 9628 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:29:26.0971 9628 Psched - ok
11:29:26.0974 9628 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
11:29:26.0980 9628 PxHlpa64 - ok
11:29:26.0995 9628 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
11:29:27.0009 9628 ql2300 - ok
11:29:27.0012 9628 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
11:29:27.0019 9628 ql40xx - ok
11:29:27.0024 9628 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:29:27.0032 9628 QWAVE - ok
11:29:27.0035 9628 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:29:27.0042 9628 QWAVEdrv - ok
11:29:27.0044 9628 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:29:27.0049 9628 RasAcd - ok
11:29:27.0052 9628 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:29:27.0059 9628 RasAgileVpn - ok
11:29:27.0062 9628 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:29:27.0069 9628 RasAuto - ok
11:29:27.0072 9628 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:29:27.0080 9628 Rasl2tp - ok
11:29:27.0085 9628 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
11:29:27.0094 9628 RasMan - ok
11:29:27.0097 9628 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:29:27.0105 9628 RasPppoe - ok
11:29:27.0107 9628 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:29:27.0115 9628 RasSstp - ok
11:29:27.0119 9628 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:29:27.0130 9628 rdbss - ok
11:29:27.0132 9628 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
11:29:27.0138 9628 rdpbus - ok
11:29:27.0140 9628 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:29:27.0141 9628 RDPCDD - ok
11:29:27.0145 9628 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
11:29:27.0154 9628 RDPDR - ok
11:29:27.0157 9628 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:29:27.0161 9628 RDPENCDD - ok
11:29:27.0163 9628 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:29:27.0168 9628 RDPREFMP - ok
11:29:27.0173 9628 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:29:27.0183 9628 RDPWD - ok
11:29:27.0187 9628 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:29:27.0197 9628 rdyboost - ok
11:29:27.0207 9628 [ F90CC59135F2945A6EBB1670A7BBD8B3 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:29:27.0210 9628 RegSrvc - ok
11:29:27.0213 9628 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:29:27.0221 9628 RemoteAccess - ok
11:29:27.0224 9628 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:29:27.0232 9628 RemoteRegistry - ok
11:29:27.0246 9628 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
11:29:27.0272 9628 RoxMediaDB12OEM - ok
11:29:27.0276 9628 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
11:29:27.0290 9628 RoxWatch12 - ok
11:29:27.0293 9628 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:29:27.0300 9628 RpcEptMapper - ok
11:29:27.0302 9628 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
11:29:27.0308 9628 RpcLocator - ok
11:29:27.0314 9628 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
11:29:27.0317 9628 RpcSs - ok
11:29:27.0320 9628 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:29:27.0327 9628 rspndr - ok
11:29:27.0330 9628 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
11:29:27.0334 9628 s3cap - ok
11:29:27.0336 9628 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
11:29:27.0337 9628 SamSs - ok
11:29:27.0340 9628 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:29:27.0346 9628 sbp2port - ok
11:29:27.0350 9628 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:29:27.0358 9628 SCardSvr - ok
11:29:27.0361 9628 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:29:27.0367 9628 scfilter - ok
11:29:27.0377 9628 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
11:29:27.0389 9628 Schedule - ok
11:29:27.0393 9628 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:29:27.0393 9628 SCPolicySvc - ok
11:29:27.0397 9628 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:29:27.0406 9628 SDRSVC - ok
11:29:27.0408 9628 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:29:27.0414 9628 secdrv - ok
11:29:27.0417 9628 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
11:29:27.0422 9628 seclogon - ok
11:29:27.0445 9628 [ F3D951071C624137430FE65A67541EF9 ] SecureStorageService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
11:29:27.0486 9628 SecureStorageService - ok
11:29:27.0490 9628 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
11:29:27.0496 9628 SENS - ok
11:29:27.0499 9628 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:29:27.0504 9628 SensrSvc - ok
11:29:27.0507 9628 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:29:27.0513 9628 Serenum - ok
11:29:27.0516 9628 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:29:27.0524 9628 Serial - ok
11:29:27.0527 9628 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
11:29:27.0534 9628 sermouse - ok
11:29:27.0539 9628 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
11:29:27.0547 9628 SessionEnv - ok
11:29:27.0549 9628 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:29:27.0554 9628 sffdisk - ok
11:29:27.0556 9628 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:29:27.0561 9628 sffp_mmc - ok
11:29:27.0563 9628 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:29:27.0569 9628 sffp_sd - ok
11:29:27.0571 9628 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
11:29:27.0576 9628 sfloppy - ok
11:29:27.0582 9628 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:29:27.0590 9628 SharedAccess - ok
11:29:27.0595 9628 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:29:27.0605 9628 ShellHWDetection - ok
11:29:27.0608 9628 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
11:29:27.0613 9628 SiSRaid2 - ok
11:29:27.0616 9628 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:29:27.0622 9628 SiSRaid4 - ok
11:29:27.0625 9628 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:29:27.0633 9628 Smb - ok
11:29:27.0637 9628 [ D48F87803F3965EE04D9BCB318791AAB ] SMR311 C:\Windows\system32\drivers\SMR311.SYS
11:29:27.0644 9628 SMR311 - ok
11:29:27.0648 9628 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:29:27.0654 9628 SNMPTRAP - ok
11:29:27.0659 9628 [ 4945020BC094C322571184A6E8056B3A ] SolidWorks Licensing Service C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
11:29:27.0684 9628 SolidWorks Licensing Service - ok
11:29:27.0687 9628 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:29:27.0692 9628 spldr - ok
11:29:27.0699 9628 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
11:29:27.0712 9628 Spooler - ok
11:29:27.0742 9628 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
11:29:27.0757 9628 sppsvc - ok
11:29:27.0760 9628 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:29:27.0766 9628 sppuinotify - ok
11:29:27.0772 9628 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
11:29:27.0784 9628 srv - ok
11:29:27.0790 9628 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:29:27.0802 9628 srv2 - ok
11:29:27.0806 9628 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:29:27.0815 9628 srvnet - ok
11:29:27.0819 9628 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:29:27.0821 9628 SSDPSRV - ok
11:29:27.0824 9628 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:29:27.0830 9628 SstpSvc - ok
11:29:27.0835 9628 [ 46B72C1C296C1E985D031D98F0FFA5E5 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
11:29:27.0846 9628 STacSV - ok
11:29:27.0848 9628 [ 92E7F6666633D2DD91D527503DAA7BE0 ] stdcfltn C:\Windows\system32\DRIVERS\stdcfltn.sys
11:29:27.0853 9628 stdcfltn - ok
11:29:27.0860 9628 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:29:27.0877 9628 Stereo Service - ok
11:29:27.0880 9628 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
11:29:27.0885 9628 stexstor - ok
11:29:27.0892 9628 [ 501B376781EB6E46AAE43946E3DD7D84 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
11:29:27.0903 9628 STHDA - ok
11:29:27.0910 9628 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
11:29:27.0921 9628 stisvc - ok
11:29:27.0924 9628 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
11:29:27.0935 9628 stllssvr - ok
11:29:27.0937 9628 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
11:29:27.0943 9628 StorSvc - ok
11:29:27.0946 9628 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
11:29:27.0951 9628 storvsc - ok
11:29:27.0954 9628 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
11:29:27.0959 9628 swenum - ok
11:29:27.0965 9628 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:29:27.0975 9628 swprv - ok
11:29:27.0977 9628 [ 4CDD7DF58730D23BA9CB5829A6E2ECEA ] SynthVid C:\Windows\system32\DRIVERS\VMBusVideoM.sys
11:29:27.0984 9628 SynthVid - ok
11:29:28.0000 9628 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
11:29:28.0016 9628 SysMain - ok
11:29:28.0019 9628 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:29:28.0027 9628 TabletInputService - ok
11:29:28.0032 9628 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:29:28.0041 9628 TapiSrv - ok
11:29:28.0044 9628 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:29:28.0045 9628 TBS - ok
11:29:28.0062 9628 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:29:28.0079 9628 Tcpip - ok
11:29:28.0097 9628 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:29:28.0104 9628 TCPIP6 - ok
11:29:28.0108 9628 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:29:28.0115 9628 tcpipreg - ok
11:29:28.0132 9628 [ E42D560E2163480E7B586B14ABEB3386 ] tcsd_win32.exe C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
11:29:28.0154 9628 tcsd_win32.exe - ok
11:29:28.0186 9628 [ 347D6407C90C0B6AC82F8249EBA9A482 ] TdmService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
11:29:28.0210 9628 TdmService - ok
11:29:28.0213 9628 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:29:28.0219 9628 TDPIPE - ok
11:29:28.0222 9628 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:29:28.0228 9628 TDTCP - ok
11:29:28.0232 9628 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:29:28.0240 9628 tdx - ok
11:29:28.0242 9628 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
11:29:29.0689 9628 ============================================================
11:29:29.0689 9628 Scan finished
11:29:29.0689 9628 ============================================================
11:29:29.0698 8016 Detected object count: 0
11:29:29.0698 8016 Actual detected object count: 0
11:34:46.0242 7984 Deinitialize success

#5 narenxp


Posted 07 February 2013 - 01:59 AM

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop. If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download. You can also right click on the link and select Save Link As
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply

===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Search
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well

===================================================


Junkware Removal Tool by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply

===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:

  • In order for Rkill to run properly you must disable your anti-malware software. Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note: You may have to run Rkill a few times before it is successful. You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear. Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again. If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.

===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to Text(*.txt).
  • Double click on the text file, copy and paste the contents in your reply

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log

Edited by narenxp, 07 February 2013 - 03:47 AM.
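
The hosts-file and proxy listings requested in the MiniToolBox step are two places where a search-redirect hijack can show up. The following is an added example, not part of the thread or of any tool named in it, that flags suspicious entries in that kind of data; the sample values, the `expected` proxy name and the function names are constructed for illustration.

```python
import ipaddress

# Assumption for this example: the search engines named in the thread.
SEARCH_LABELS = {"google", "bing"}

def parse_hosts(text):
    """Yield (ip, hostname) pairs from hosts-file text, skipping comments."""
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        for name in fields[1:]:
            yield fields[0], name.lower()

def is_loopback(ip):
    try:
        return ipaddress.ip_address(ip).is_loopback
    except ValueError:
        return False

def audit_hosts(text):
    """Return findings for hosts entries that override normal DNS resolution."""
    findings = []
    for ip, name in parse_hosts(text):
        if name == "localhost" and is_loopback(ip):
            continue  # stock entry
        if SEARCH_LABELS & set(name.split(".")):
            findings.append(f"search domain pinned in hosts: {name} -> {ip}")
        elif not is_loopback(ip) and ip != "0.0.0.0":
            findings.append(f"hosts maps {name} to {ip}")
    return findings

def audit_proxy(settings, expected=()):
    """Check Internet Settings registry values against the expected proxies."""
    findings = []
    if settings.get("ProxyEnable") == 1:
        # ProxyServer is either "host:port" or "http=host:port;https=host:port".
        for part in settings.get("ProxyServer", "").split(";"):
            scheme, _, endpoint = part.strip().rpartition("=")
            if endpoint and endpoint.lower() not in expected:
                findings.append(f"unexpected {scheme or 'all'} proxy: {endpoint}")
    pac = settings.get("AutoConfigURL")
    if pac:
        findings.append(f"proxy auto-config script set: {pac}")
    return findings

# Constructed sample data (documentation-range addresses), not taken from the thread.
HOSTS_SAMPLE = """\
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example.net
203.0.113.10    www.google.com google.com   # pinned to one address
203.0.113.10    www.bing.com
198.51.100.7    intranet.example.org
"""
PROXY_SAMPLE = {"ProxyEnable": 1,
                "ProxyServer": "http=127.0.0.1:8080;https=127.0.0.1:8080"}

if __name__ == "__main__":
    for line in audit_hosts(HOSTS_SAMPLE) + audit_proxy(
            PROXY_SAMPLE, expected=("proxy.corp.example:3128",)):
        print(line)
```

Sinkhole entries (`0.0.0.0`) and the stock `localhost` lines are ignored; any hosts entry for a search domain is reported regardless of the address, because it bypasses DNS for that name.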


#6 davet620

  • Topic Starter


Posted 13 February 2013 - 11:55 AM

narenxp

 

Malwarebytes kept 'disappearing' in the middle of the run, but then Trend Micro started to identify boboturbo.exe as a malicious service. I'm not sure which was killing Malwarebytes but I'm guessing it was roboturbo. I did not run any further scans.


Edited by davet620, 13 February 2013 - 11:59 AM.


#7 narenxp


Posted 13 February 2013 - 11:57 AM

Disable Trend Micro and try to run it, or try Safe Mode with Networking.





