
Hijacked Six Ways To Sunday!


7 replies to this topic

#1 Harris1965

Harris1965

  • Members
  • 82 posts
  • Local time:04:30 AM

Posted 10 August 2013 - 08:10 PM

Originally, I became aware of Genieo and Babylon double-teaming me to hijack my browsers. After some Malware Bytes and Hitman Pro and ADWCleaner scans, we've added a Conduit search hijacking element. Genieo and Conduit are still lodged in msconfig start menu and Genieo is on the task bar.

 

 

Sure could use some help...just don't know if I'm making things better or worse at this point.

 

Thanks in advance.





#2 GodfatherKing

GodfatherKing

  • Members
  • 587 posts
  • Gender:Male
  • Local time:10:30 AM

Posted 11 August 2013 - 02:08 AM

:welcome:

 

Let's have a look..

 

Step 1: Install and run MBAM

 

Step 2: Running TDSSKiller to obtain log

 

Note: Don't cure or delete a threat, but choose skip for all instead.

  • Please download TDSSKiller from here and save it to your Desktop
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters

  • In the Additional options: Check Detect TDLFS file system
  • Click Start Scan and allow the scan process to run

  • Choose Skip for all threats.
  • Click Continue
  • Please post the TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)

===================================================

 

Step 2: ESET Online Scanner

==================

Note: If your AV is blocking ESET Online Scanner, please temporarily disable your AV.

 

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours; that is normal.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and » UNCHECK "Remove found threats" <== Important
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. (If no malware was found you will not be presented with a log).
  • Click the Back button.
  • Click the Finish button.

==================================================


If you have received help from me and I haven't responded to you for almost >= 3 days, send me a Private Message.


#3 Harris1965

Harris1965
  • Topic Starter

  • Members
  • 82 posts
  • Local time:04:30 AM

Posted 11 August 2013 - 07:35 PM

One long day with not much to show for it!

 

Here is Malware log. I apologize in advance but after four hours of monitoring it, I stepped away only to have my wife evidently reboot the PC allowing Malware to toss the adware by default but take no action on the PUPs!

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.10.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Gershman Family :: MONGO-II [administrator]

8/11/2013 9:11:36 AM
mbam-log-2013-08-11 (09-11-36).txt

Scan type: Full scan (C:\|G:\|H:\|O:\|S:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 956313
Time elapsed: 3 hour(s), 54 minute(s), 29 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 12
HKCR\CLSID\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (PUP.Optional.TopArcadeHits.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (PUP.Optional.TopArcadeHits.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (PUP.Optional.TopArcadeHits.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (PUP.Optional.TopArcadeHits.A) -> No action taken.
HKCR\TypeLib\{39A17362-9C1D-4907-9428-0D28A94DC79D} (PUP.Optional.TopArcadeHits.A) -> No action taken.
HKCR\Interface\{627A968A-03E6-41C7-B11B-4E442B376F95} (PUP.Optional.TopArcadeHits.A) -> No action taken.
HKCR\CLSID\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (Adware.GameVance) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (Adware.GameVance) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (Adware.GameVance) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (Adware.GameVance) -> Quarantined and deleted successfully.
HKCR\TypeLib\{39A17362-9C1D-4907-9428-0D28A94DC79D} (Adware.GameVance) -> Quarantined and deleted successfully.
HKCR\Interface\{627A968A-03E6-41C7-B11B-4E442B376F95} (Adware.GameVance) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 3
C:\Users\Gershman Family\AppData\Local\TopArcadeHits (PUP.Optional.TopArcadeHits.A) -> No action taken.
C:\Users\Gershman Family\AppData\Local\TopArcadeHits (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Gershman Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TopArcadeHits (Adware.GameVance) -> Quarantined and deleted successfully.

Files Detected: 6
C:\Users\Gershman Family\AppData\Local\TopArcadeHits\tah.config (PUP.Optional.TopArcadeHits.A) -> No action taken.
C:\Users\Gershman Family\AppData\Local\TopArcadeHits\Toparcadehits.dll (PUP.Optional.TopArcadeHits.A) -> No action taken.
C:\Users\Gershman Family\AppData\Local\TopArcadeHits\tah.config (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Gershman Family\AppData\Local\TopArcadeHits\Toparcadehits.dll (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Gershman Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TopArcadeHits\Play Toparcadehits Online.url (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Gershman Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TopArcadeHits\Uninstall Toparcadehits.lnk (Adware.GameVance) -> Quarantined and deleted successfully.

(end)

 

 

The TDSSKiller produced no threats...I assume no log is needed.

 

 

I have tried twice now, three hours each time, to run the ESET Scan. Both times, after reaching the 13% mark and uncovering four new threats, the computer virtually freezes indefinitely at the same file and I'm forced to manually reboot.

 

The file is C\USERS\Ben\AppData\Roaming\Skype\ben_gershman\msn.db-journal or something approximate. Ben is our fourteen yr old son away at camp.

 

Please advise how best to get thru this blockage, run the complete scan, and get you a full log with obviously other threats.

 

Again, thanks.
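
The Malwarebytes log in the post above lists each TopArcadeHits object twice, once per detection name, with a different action on each entry. As an added example (not part of the original posts and not Malwarebytes code), this Python script parses a log in that layout, checks each section's declared count against the entries present, and reports objects that no entry records as quarantined. The sample log, the user name, the CLSID and the `PUP.Optional.Example` entry are constructed, and treating any action that starts with "Quarantined" as handled is an assumption.

```python
import re
from collections import defaultdict
from typing import NamedTuple


class Detection(NamedTuple):
    section: str  # e.g. "Registry Keys", "Folders", "Files"
    obj: str      # registry key or file-system path
    name: str     # detection name, e.g. "Adware.GameVance"
    action: str   # e.g. "No action taken"


# "Files Detected: 6" style header that opens each section of the log.
SECTION_RE = re.compile(r"^(?P<section>[A-Za-z ]+?) Detected: (?P<count>\d+)$")
# "<object> (<detection name>) -> <action>." The greedy object group keeps
# parentheses that belong to the path, e.g. "C:\Program Files (x86)\...".
ENTRY_RE = re.compile(r"^(?P<obj>.+) \((?P<name>[^()]+)\) -> (?P<action>.+?)\.?$")

# Constructed sample in the layout of the log quoted in the post; the paths,
# CLSID and the last detection name are placeholders, not values from the thread.
SAMPLE_LOG = r"""
Registry Keys Detected: 2
HKCR\CLSID\{00000000-0000-0000-0000-000000000001} (PUP.Optional.TopArcadeHits.A) -> No action taken.
HKCR\CLSID\{00000000-0000-0000-0000-000000000001} (Adware.GameVance) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Folders Detected: 2
C:\Users\Example\AppData\Local\TopArcadeHits (PUP.Optional.TopArcadeHits.A) -> No action taken.
C:\Users\Example\AppData\Local\TopArcadeHits (Adware.GameVance) -> Quarantined and deleted successfully.

Files Detected: 3
C:\Users\Example\AppData\Local\TopArcadeHits\tah.config (PUP.Optional.TopArcadeHits.A) -> No action taken.
C:\Users\Example\AppData\Local\TopArcadeHits\tah.config (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Program Files (x86)\ExampleToolbar\toolbar.dll (PUP.Optional.Example) -> No action taken.
"""


def parse_mbam_log(text):
    """Return (detections, declared_counts) parsed from a text log."""
    detections, declared, section = [], {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m["section"]
            declared[section] = int(m["count"])
            continue
        m = ENTRY_RE.match(line)
        if m and section:
            detections.append(
                Detection(section, m["obj"], m["name"], m["action"]))
    return detections, declared


def count_mismatches(detections, declared):
    """Sections whose header count differs from the entries actually present,
    which suggests the pasted log was truncated or edited.
    Maps section -> (declared, found)."""
    seen = defaultdict(int)
    for d in detections:
        seen[d.section] += 1
    return {s: (n, seen[s]) for s, n in declared.items() if seen[s] != n}


def still_present(detections):
    """Objects for which no entry records a quarantine.
    Maps object -> sorted detection names. Assumption: an action that starts
    with "Quarantined" means the object was handled under that name."""
    by_obj = defaultdict(list)
    for d in detections:
        by_obj[(d.section, d.obj)].append(d)
    pending = {}
    for (_section, obj), entries in by_obj.items():
        if not any(e.action.lower().startswith("quarantined") for e in entries):
            pending[obj] = sorted({e.name for e in entries})
    return pending


if __name__ == "__main__":
    dets, declared = parse_mbam_log(SAMPLE_LOG)
    print("count mismatches:", count_mismatches(dets, declared))
    for obj, names in still_present(dets).items():
        print("not quarantined:", obj, names)
```

An object flagged under two names but quarantined under one of them does not appear in the result; only objects whose every entry reads "No action taken" are listed for follow-up.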



#4 GodfatherKing

GodfatherKing

  • Members
  • 587 posts
  • Gender:Male
  • Local time:10:30 AM

Posted 12 August 2013 - 03:13 AM

Step 1: Even if TDSSKiller didn't find anything, I still need the log for review.

Step 2: Quarantine the files found by MBAM.

We will also run other tools, if something gets stuck:

 

===

 

Step 1: Download Emsisoft Emergency Kit

  • Open EmsisoftEmergencyKit by double-clicking Start.exe.
  • A new window will open. Under "Run Directly:" click Emergency Kit Scanner.
  • When asked to run an online update, click Yes.
  • When the update is finished, click the Back to Security Status link in the left corner. On the main screen click the Scan Now button.
  • Select the Deep Scan option and click the SCAN button.
  • When the scan is finished click the Quarantine selected objects button. Note, this option is only available if malicious objects were detected during the scan.
  • Click the View Report button and in the Reports window double-click on the most recent log. Note, logs are named as follows: a2scan_<date>-<time>.txt.
  • Copy/paste the report contents in your next reply

 

Step 2: Download SUPERAntiSpyware Free (aka SAS)

  • Double-click SAS -setup.exe and follow the prompts to install the program.
  • At the end, be sure to Check for Updates to be sure it is current
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the log back here.
  • Be sure to reboot the computer after you post the log.

Edited by GodfatherKing, 12 August 2013 - 03:14 AM.



#5 Harris1965

Harris1965
  • Topic Starter

  • Members
  • 82 posts
  • Local time:04:30 AM

Posted 13 August 2013 - 07:35 PM

Here is Malware

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.10.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Gershman Family :: MONGO-II [administrator]

8/12/2013 8:45:28 PM
mbam-log-2013-08-12 (20-45-28).txt

Scan type: Full scan (C:\|G:\|H:\|O:\|S:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 954810
Time elapsed: 3 hour(s), 52 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

 

And Kaspersky


06:47:36.0558 3388 FontCache3.0.0.0 - ok

06:47:36.0580 3388 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

06:47:36.0585 3388 FsDepends - ok

06:47:36.0658 3388 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

06:47:36.0662 3388 Fs_Rec - ok

06:47:36.0746 3388 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

06:47:36.0758 3388 fvevol - ok

06:47:36.0792 3388 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

06:47:36.0820 3388 gagp30kx - ok

06:47:36.0886 3388 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

06:47:36.0943 3388 GamesAppService - ok

06:47:37.0013 3388 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

06:47:37.0017 3388 GEARAspiWDM - ok

06:47:37.0093 3388 [ 14908F4F9005C29DE8F5587E271390EE ] gfibto C:\Windows\system32\drivers\gfibto.sys

06:47:37.0097 3388 gfibto - ok

06:47:37.0155 3388 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

06:47:37.0176 3388 gpsvc - ok

06:47:37.0266 3388 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

06:47:37.0271 3388 gupdate - ok

06:47:37.0294 3388 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

06:47:37.0298 3388 gupdatem - ok

06:47:37.0335 3388 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

06:47:37.0341 3388 gusvc - ok

06:47:37.0383 3388 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys

06:47:37.0392 3388 hamachi - ok

06:47:37.0546 3388 [ B1E3F445943F06E36DC079AF28D0F86B ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

06:47:37.0605 3388 Hamachi2Svc - ok

06:47:37.0639 3388 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

06:47:37.0642 3388 hcw85cir - ok

06:47:37.0711 3388 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

06:47:37.0720 3388 HdAudAddService - ok

06:47:37.0742 3388 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

06:47:37.0748 3388 HDAudBus - ok

06:47:37.0772 3388 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

06:47:37.0786 3388 HidBatt - ok

06:47:37.0810 3388 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

06:47:37.0816 3388 HidBth - ok

06:47:37.0835 3388 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

06:47:37.0841 3388 HidIr - ok

06:47:37.0865 3388 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll

06:47:37.0884 3388 hidserv - ok

06:47:37.0927 3388 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

06:47:37.0931 3388 HidUsb - ok

06:47:38.0026 3388 [ F2F56E5EB0E2B38927098AD8E28B9E85 ] hitmanpro37 C:\Windows\system32\drivers\hitmanpro37.sys

06:47:38.0071 3388 hitmanpro37 - ok

06:47:38.0134 3388 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

06:47:38.0157 3388 hkmsvc - ok

06:47:38.0641 3388 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

06:47:38.0689 3388 HomeGroupListener - ok

06:47:38.0734 3388 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

06:47:38.0756 3388 HomeGroupProvider - ok

06:47:38.0923 3388 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

06:47:38.0927 3388 HP Support Assistant Service - ok

06:47:39.0033 3388 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

06:47:39.0083 3388 hpqwmiex - ok

06:47:39.0125 3388 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

06:47:39.0127 3388 HpSAMD - ok

06:47:39.0260 3388 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL

06:47:39.0273 3388 HPSLPSVC - ok

06:47:39.0345 3388 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

06:47:39.0352 3388 HTTP - ok

06:47:39.0365 3388 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

06:47:39.0372 3388 hwpolicy - ok

06:47:39.0410 3388 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

06:47:39.0414 3388 i8042prt - ok

06:47:39.0463 3388 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

06:47:39.0478 3388 iaStorV - ok

06:47:39.0547 3388 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

06:47:39.0554 3388 IDriverT - ok

06:47:39.0604 3388 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

06:47:39.0618 3388 idsvc - ok

06:47:39.0635 3388 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

06:47:39.0641 3388 iirsp - ok

06:47:39.0725 3388 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

06:47:39.0780 3388 IKEEXT - ok

06:47:39.0970 3388 [ 3C4B4EE54FEBB09F7E9F58776DE96DCA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

06:47:40.0076 3388 IntcAzAudAddService - ok

06:47:40.0098 3388 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

06:47:40.0100 3388 intelide - ok

06:47:40.0131 3388 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

06:47:40.0143 3388 intelppm - ok

06:47:40.0280 3388 [ 259FB44EDB7D170A9477480F40F22264 ] InternetConnectionService C:\WINDOWS\SYSTEM32\KWCAPTUR.EXE

06:47:40.0307 3388 InternetConnectionService - ok

06:47:40.0376 3388 [ 3DC635B66DD7412E1C9C3A77B8D78F25 ] IntuitUpdateService C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe

06:47:40.0378 3388 IntuitUpdateService - ok

06:47:40.0507 3388 [ D9DA7B3117BF5EFF921C0CDED4D58050 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

06:47:40.0510 3388 IntuitUpdateServiceV4 - ok

06:47:40.0556 3388 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

06:47:40.0567 3388 IPBusEnum - ok

06:47:40.0603 3388 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

06:47:40.0608 3388 IpFilterDriver - ok

06:47:40.0636 3388 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

06:47:40.0641 3388 IPMIDRV - ok

06:47:40.0670 3388 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

06:47:40.0681 3388 IPNAT - ok

06:47:40.0732 3388 [ 0FF335D687C85097725A53458160E81E ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

06:47:40.0752 3388 iPod Service - ok

06:47:40.0816 3388 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

06:47:40.0832 3388 IRENUM - ok

06:47:40.0882 3388 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

06:47:40.0885 3388 isapnp - ok

06:47:40.0933 3388 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

06:47:40.0946 3388 iScsiPrt - ok

06:47:40.0997 3388 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

06:47:41.0001 3388 kbdclass - ok

06:47:41.0058 3388 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

06:47:41.0063 3388 kbdhid - ok

06:47:41.0087 3388 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

06:47:41.0090 3388 KeyIso - ok

06:47:41.0122 3388 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

06:47:41.0125 3388 KSecDD - ok

06:47:41.0172 3388 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

06:47:41.0180 3388 KSecPkg - ok

06:47:41.0196 3388 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

06:47:41.0199 3388 ksthunk - ok

06:47:41.0231 3388 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

06:47:41.0241 3388 KtmRm - ok

06:47:41.0290 3388 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll

06:47:41.0325 3388 LanmanServer - ok

06:47:41.0379 3388 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

06:47:41.0394 3388 LanmanWorkstation - ok

06:47:41.0450 3388 [ 7550D101BF49FDB1F92666A233EE36C4 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

06:47:41.0460 3388 LightScribeService - ok

06:47:41.0484 3388 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

06:47:41.0487 3388 lltdio - ok

06:47:41.0504 3388 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

06:47:41.0523 3388 lltdsvc - ok

06:47:41.0546 3388 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

06:47:41.0551 3388 lmhosts - ok

06:47:41.0575 3388 logugmid - ok

06:47:41.0620 3388 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

06:47:41.0624 3388 LSI_FC - ok

06:47:41.0635 3388 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

06:47:41.0639 3388 LSI_SAS - ok

06:47:41.0648 3388 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

06:47:41.0659 3388 LSI_SAS2 - ok

06:47:41.0675 3388 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

06:47:41.0678 3388 LSI_SCSI - ok

06:47:41.0705 3388 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

06:47:41.0708 3388 luafv - ok

06:47:41.0746 3388 [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys

06:47:41.0753 3388 LVRS64 - ok

06:47:41.0939 3388 [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys

06:47:42.0049 3388 LVUVC64 - ok

06:47:42.0104 3388 [ 922CBAC7B992B9614CAB7122F4BF9406 ] ManyCam C:\Windows\system32\DRIVERS\mcvidrv_x64.sys

06:47:42.0109 3388 ManyCam - ok

06:47:42.0155 3388 [ 34A42DD7CF525D0D2C5232916496E4B8 ] mcaudrv_simple C:\Windows\system32\drivers\mcaudrv_x64.sys

06:47:42.0159 3388 mcaudrv_simple - ok

06:47:42.0192 3388 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

06:47:42.0198 3388 Mcx2Svc - ok

06:47:42.0211 3388 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

06:47:42.0217 3388 megasas - ok

06:47:42.0237 3388 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

06:47:42.0243 3388 MegaSR - ok

06:47:42.0296 3388 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

06:47:42.0302 3388 MMCSS - ok

06:47:42.0317 3388 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

06:47:42.0320 3388 Modem - ok

06:47:42.0380 3388 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

06:47:42.0383 3388 monitor - ok

06:47:42.0435 3388 [ C94A2EA3FDFA5D650884926B710B7DB1 ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys

06:47:42.0438 3388 motccgp - ok

06:47:42.0479 3388 [ D51E009BAEDA07EBC107D49D224C2414 ] motccgpfl C:\Windows\system32\DRIVERS\motccgpfl.sys

06:47:42.0486 3388 motccgpfl - ok

06:47:42.0511 3388 MotDev - ok

06:47:42.0544 3388 [ 060F0EF84F430802DF3788F3DCFD009C ] motmodem C:\Windows\system32\DRIVERS\motmodem.sys

06:47:42.0546 3388 motmodem - ok

06:47:42.0676 3388 [ 9DFD34E6841C460B5D992A1C5327AE69 ] MotoHelper C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe

06:47:42.0683 3388 MotoHelper - ok

06:47:42.0724 3388 [ EBD05F60CAFC5BBA2602B8D7101082D3 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys

06:47:42.0727 3388 MotoSwitchService - ok

06:47:42.0755 3388 [ 87701078C3F720AC7A028E937994CC49 ] Motousbnet C:\Windows\system32\DRIVERS\Motousbnet.sys

06:47:42.0759 3388 Motousbnet - ok

06:47:42.0772 3388 [ D075B1D964A314D240F5498773EE89DF ] motusbdevice C:\Windows\system32\DRIVERS\motusbdevice.sys

06:47:42.0781 3388 motusbdevice - ok

06:47:42.0805 3388 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

06:47:42.0809 3388 mouclass - ok

06:47:42.0823 3388 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

06:47:42.0826 3388 mouhid - ok

06:47:42.0865 3388 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

06:47:42.0869 3388 mountmgr - ok

06:47:42.0936 3388 [ FC1D590039EF06A381768710E6C07E75 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys

06:47:42.0944 3388 MpFilter - ok

06:47:42.0966 3388 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

06:47:42.0973 3388 mpio - ok

06:47:42.0993 3388 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

06:47:42.0998 3388 mpsdrv - ok

06:47:43.0082 3388 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

06:47:43.0098 3388 MpsSvc - ok

06:47:43.0130 3388 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

06:47:43.0133 3388 MRxDAV - ok

06:47:43.0162 3388 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

06:47:43.0165 3388 mrxsmb - ok

06:47:43.0217 3388 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

06:47:43.0224 3388 mrxsmb10 - ok

06:47:43.0258 3388 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

06:47:43.0270 3388 mrxsmb20 - ok

06:47:43.0302 3388 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

06:47:43.0307 3388 msahci - ok

06:47:43.0342 3388 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

06:47:43.0352 3388 msdsm - ok

06:47:43.0370 3388 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

06:47:43.0380 3388 MSDTC - ok

06:47:43.0405 3388 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

06:47:43.0418 3388 Msfs - ok

06:47:43.0435 3388 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

06:47:43.0439 3388 mshidkmdf - ok

06:47:43.0475 3388 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

06:47:43.0479 3388 msisadrv - ok

06:47:43.0528 3388 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

06:47:43.0539 3388 MSiSCSI - ok

06:47:43.0548 3388 msiserver - ok

06:47:43.0583 3388 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

06:47:43.0587 3388 MSKSSRV - ok

06:47:43.0658 3388 [ 66238063B53E51ADDA16764BAB9A3F7C ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe

06:47:43.0660 3388 MsMpSvc - ok

06:47:43.0679 3388 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

06:47:43.0684 3388 MSPCLOCK - ok

06:47:43.0705 3388 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

06:47:43.0709 3388 MSPQM - ok

06:47:43.0776 3388 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

06:47:43.0793 3388 MsRPC - ok

06:47:43.0832 3388 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

06:47:43.0849 3388 mssmbios - ok

06:47:43.0876 3388 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

06:47:44.0281 3388 MSTEE - ok

06:47:44.0336 3388 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

06:47:44.0350 3388 MTConfig - ok

06:47:44.0377 3388 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

06:47:44.0390 3388 Mup - ok

06:47:44.0429 3388 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

06:47:44.0439 3388 napagent - ok

06:47:44.0509 3388 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

06:47:44.0515 3388 NativeWifiP - ok

06:47:44.0620 3388 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

06:47:44.0633 3388 NDIS - ok

06:47:44.0655 3388 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

06:47:44.0657 3388 NdisCap - ok

06:47:44.0689 3388 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

06:47:44.0691 3388 NdisTapi - ok

06:47:44.0720 3388 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

06:47:44.0723 3388 Ndisuio - ok

06:47:44.0766 3388 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

06:47:44.0772 3388 NdisWan - ok

06:47:44.0830 3388 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

06:47:44.0834 3388 NDProxy - ok

06:47:44.0902 3388 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\WINDOWS\SYSTEM32\HPZinw12.dll

06:47:44.0911 3388 Net Driver HPZ12 - ok

06:47:44.0930 3388 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

06:47:44.0936 3388 NetBIOS - ok

06:47:44.0956 3388 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

06:47:44.0961 3388 NetBT - ok

06:47:44.0974 3388 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

06:47:44.0978 3388 Netlogon - ok

06:47:45.0002 3388 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

06:47:45.0011 3388 Netman - ok

06:47:45.0052 3388 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

06:47:45.0107 3388 NetMsmqActivator - ok

06:47:45.0116 3388 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

06:47:45.0120 3388 NetPipeActivator - ok

06:47:45.0149 3388 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

06:47:45.0159 3388 netprofm - ok

06:47:45.0245 3388 [ 1982B291DF9833FB3ADC397EBD310A18 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys

06:47:45.0274 3388 netr28x - ok

06:47:45.0280 3388 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

06:47:45.0283 3388 NetTcpActivator - ok

06:47:45.0294 3388 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

06:47:45.0297 3388 NetTcpPortSharing - ok

06:47:45.0310 3388 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

06:47:45.0312 3388 nfrd960 - ok

06:47:45.0382 3388 [ 8FB3C853E886E1E4D57271672486111C ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys

06:47:45.0401 3388 NisDrv - ok

06:47:45.0452 3388 [ 869A808253726EA11939EC4FE76346A4 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe

06:47:45.0462 3388 NisSrv - ok

06:47:45.0547 3388 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll

06:47:45.0573 3388 NlaSvc - ok

06:47:45.0589 3388 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

06:47:45.0592 3388 Npfs - ok

06:47:45.0606 3388 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

06:47:45.0611 3388 nsi - ok

06:47:45.0624 3388 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

06:47:45.0627 3388 nsiproxy - ok

06:47:45.0698 3388 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

06:47:45.0734 3388 Ntfs - ok

06:47:45.0743 3388 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

06:47:45.0745 3388 Null - ok

06:47:45.0790 3388 [ B4F53BCA4C688FF47F04FA90098F896E ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys

06:47:45.0797 3388 NVHDA - ok

06:47:46.0146 3388 [ 4EE399576F76D38C04745DB739BBC8C7 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

06:47:46.0400 3388 nvlddmkm - ok

06:47:46.0441 3388 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

06:47:46.0447 3388 nvraid - ok

06:47:46.0494 3388 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

06:47:46.0500 3388 nvstor - ok

06:47:46.0577 3388 [ 7335C3D78A7746D76D37F6722CC4A466 ] nvsvc C:\Windows\system32\nvvsvc.exe

06:47:46.0608 3388 nvsvc - ok

06:47:46.0720 3388 [ B7C53DA1C73FF39F4A6248643EFD979A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

06:47:46.0749 3388 nvUpdatusService - ok

06:47:46.0779 3388 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

06:47:46.0782 3388 nv_agp - ok

06:47:46.0795 3388 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

06:47:46.0810 3388 ohci1394 - ok

06:47:46.0880 3388 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

06:47:46.0886 3388 ose - ok

06:47:47.0054 3388 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

06:47:47.0160 3388 osppsvc - ok

06:47:47.0259 3388 [ 9F5F99061F4B93DB3B8354EAE273D2DD ] OverwolfUpdaterService C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe

06:47:47.0272 3388 OverwolfUpdaterService - ok

06:47:47.0311 3388 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

06:47:47.0332 3388 p2pimsvc - ok

06:47:47.0391 3388 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

06:47:47.0426 3388 p2psvc - ok

06:47:47.0471 3388 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

06:47:47.0474 3388 Parport - ok

06:47:47.0522 3388 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

06:47:47.0525 3388 partmgr - ok

06:47:47.0544 3388 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

06:47:47.0550 3388 PcaSvc - ok

06:47:47.0568 3388 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

06:47:47.0581 3388 pci - ok

06:47:47.0614 3388 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

06:47:47.0616 3388 pciide - ok

06:47:47.0656 3388 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

06:47:47.0662 3388 pcmcia - ok

06:47:47.0677 3388 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

06:47:47.0680 3388 pcw - ok

06:47:47.0703 3388 pdfcDispatcher - ok

06:47:47.0734 3388 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

06:47:47.0744 3388 PEAUTH - ok

06:47:47.0840 3388 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

06:47:47.0845 3388 PerfHost - ok

06:47:47.0940 3388 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

06:47:47.0994 3388 pla - ok

06:47:48.0084 3388 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

06:47:48.0103 3388 PlugPlay - ok

06:47:48.0196 3388 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\WINDOWS\SYSTEM32\HPZipm12.dll

06:47:48.0204 3388 Pml Driver HPZ12 - ok

06:47:48.0267 3388 PnkBstrA - ok

06:47:48.0307 3388 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

06:47:48.0318 3388 PNRPAutoReg - ok

06:47:48.0341 3388 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

06:47:48.0348 3388 PNRPsvc - ok

06:47:48.0423 3388 [ 5BC4D480DD527EB0CF33A67A090A130E ] Point64 C:\Windows\system32\DRIVERS\point64.sys

06:47:48.0433 3388 Point64 - ok

06:47:48.0473 3388 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

06:47:48.0482 3388 PolicyAgent - ok

06:47:48.0525 3388 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

06:47:48.0533 3388 Power - ok

06:47:48.0583 3388 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

06:47:48.0596 3388 PptpMiniport - ok

06:47:48.0630 3388 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys

06:47:48.0641 3388 Processor - ok

06:47:48.0687 3388 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

06:47:48.0694 3388 ProfSvc - ok

06:47:48.0712 3388 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

06:47:48.0714 3388 ProtectedStorage - ok

06:47:48.0766 3388 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

06:47:48.0771 3388 Psched - ok

06:47:48.0846 3388 [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

06:47:48.0851 3388 PSI_SVC_2 - ok

06:47:48.0903 3388 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

06:47:48.0961 3388 ql2300 - ok

06:47:48.0984 3388 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

06:47:48.0988 3388 ql40xx - ok

06:47:49.0042 3388 [ DE55B01FC317FB5EE2B6734C692C5A95 ] QPCopyEngine C:\PROGRAM FILES\IOMEGA\QUIKPROTECT\QpMonitor.exe

06:47:49.0046 3388 QPCopyEngine - ok

06:47:49.0081 3388 [ FB67BE4E732EEA8E90DC9473B8D7E2AE ] QsFsFltr C:\Windows\system32\DRIVERS\QsFsFltr.sys

06:47:49.0091 3388 QsFsFltr - ok

06:47:49.0125 3388 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

06:47:49.0140 3388 QWAVE - ok

06:47:49.0158 3388 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

06:47:49.0160 3388 QWAVEdrv - ok

06:47:49.0175 3388 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

06:47:49.0186 3388 RasAcd - ok

06:47:49.0210 3388 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

06:47:49.0225 3388 RasAgileVpn - ok

06:47:49.0240 3388 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

06:47:49.0247 3388 RasAuto - ok

06:47:49.0283 3388 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

06:47:49.0288 3388 Rasl2tp - ok

06:47:49.0379 3388 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

06:47:49.0440 3388 RasMan - ok

06:47:49.0544 3388 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

06:47:49.0555 3388 RasPppoe - ok

06:47:49.0627 3388 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

06:47:49.0640 3388 RasSstp - ok

06:47:49.0696 3388 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

06:47:49.0716 3388 rdbss - ok

06:47:49.0737 3388 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

06:47:49.0745 3388 rdpbus - ok

06:47:49.0766 3388 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

06:47:49.0778 3388 RDPCDD - ok

06:47:49.0808 3388 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

06:47:49.0822 3388 RDPENCDD - ok

06:47:49.0852 3388 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

06:47:49.0855 3388 RDPREFMP - ok

06:47:49.0918 3388 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

06:47:49.0928 3388 RDPWD - ok

06:48:04.0124 3388 ============================================================

06:48:04.0124 3388 Scan finished

06:48:04.0124 3388 ============================================================

06:48:04.0131 4416 Detected object count: 0

06:48:04.0131 4416 Actual detected object count: 0

 

Emsisoft Log:

Emsisoft Emergency Kit - Version 4.0
Last update: 8/13/2013 6:59:25 AM
User account: MONGO-II\Gershman Family

Scan settings:

Scan type: Deep Scan
Objects: Rootkits, Memory, Traces, C:\, D:\, F:\, G:\, H:\, O:\, S:\

Detect Riskware: Off
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start: 8/13/2013 7:00:21 AM
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameHouse  detected: Trace.File.Super Pop and Drop (A)
Value: HKEY_CLASSES_ROOT\CLSID\{07ED7A7D-5A91-4550-90AC-B755EE709001}\INPROCSERVER32 -> THREADINGMODEL  detected: Trace.Registry.Chat Watch (A)
Value: HKEY_CLASSES_ROOT\CLSID\{0C62D803-DE43-4B3D-B259-00AB7AA46B84}\INPROCSERVER32 -> THREADINGMODEL  detected: Trace.Registry.Chat Watch (A)
Value: HKEY_CLASSES_ROOT\CLSID\{5BBDC975-2FD4-400A-8608-650924ED17E0}\INPROCSERVER32 -> THREADINGMODEL  detected: Trace.Registry.Chat Watch (A)
Value: HKEY_CLASSES_ROOT\CLSID\{823AF2BC-81AC-4463-8F59-A92585574C1B}\INPROCSERVER32 -> THREADINGMODEL  detected: Trace.Registry.Chat Watch (A)
Value: HKEY_CLASSES_ROOT\CLSID\{A78388B9-D3E6-4920-8CB7-1C0F9B604FC4}\INPROCSERVER32 -> THREADINGMODEL  detected: Trace.Registry.Chat Watch (A)
Value: HKEY_CLASSES_ROOT\CLSID\{C8E09582-C0E4-4D67-9309-F2B86F99119B}\INPROCSERVER32 -> THREADINGMODEL  detected: Trace.Registry.Chat Watch (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{07ED7A7D-5A91-4550-90AC-B755EE709001}\INPROCSERVER32 -> THREADINGMODEL  detected: Trace.Registry.Chat Watch (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{0C62D803-DE43-4B3D-B259-00AB7AA46B84}\INPROCSERVER32 -> THREADINGMODEL  detected: Trace.Registry.Chat Watch (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{5BBDC975-2FD4-400A-8608-650924ED17E0}\INPROCSERVER32 -> THREADINGMODEL  detected: Trace.Registry.Chat Watch (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{823AF2BC-81AC-4463-8F59-A92585574C1B}\INPROCSERVER32 -> THREADINGMODEL  detected: Trace.Registry.Chat Watch (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{A78388B9-D3E6-4920-8CB7-1C0F9B604FC4}\INPROCSERVER32 -> THREADINGMODEL  detected: Trace.Registry.Chat Watch (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{C8E09582-C0E4-4D67-9309-F2B86F99119B}\INPROCSERVER32 -> THREADINGMODEL  detected: Trace.Registry.Chat Watch (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\TRYMEDIA SYSTEMS  detected: Trace.Registry.Trymedia (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\TRYMEDIA SYSTEMS\ACTIVEMARK SOFTWARE  detected: Trace.Registry.Trymedia (A)

Scanned 1016160
Found 15

Scan end: 8/13/2013 1:51:37 PM
Scan time: 6:51:16

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameHouse Quarantined Trace.File.Super Pop and Drop (A)

Quarantined 1

 

(Why wouldn't Emsisoft quarantine all 15 threats?)

And SuperAntiSpyware:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/13/2013 at 08:30 PM

Application Version : 5.6.1020

Core Rules Database Version : 10689
Trace Rules Database Version: 8501

Scan type       : Quick Scan
Total Scan Time : 00:29:24

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned      : 790
Memory threats detected   : 0
Registry items scanned    : 65894
Registry threats detected : 0
File items scanned        : 47693
File threats detected     : 60

Adware.Tracking Cookie



#6 GodfatherKing

Posted 17 August 2013 - 04:05 AM

Still issues?


If you have received help from me and I haven't responded to you for almost >= 3 days, send me a Private Message.


#7 Harris1965

Posted 17 August 2013 - 07:18 AM

None that are obvious...what do the logs reveal? Anything I have missed?

I'll do another sweep using all or most of those tools this weekend. Thanks again.



#8 Harris1965

Posted 18 August 2013 - 11:41 AM

Still have Trymedia adware and ChatWatch according to Emsisoft Emergency...why won't/can't it remove or quarantine?





