Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Faulting application svchost.exe, version 5.1.2600.5512

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Faulting application svchost.exe, version 5.1.2600.5512

Unread postby orepsam » March 16th, 2012, 6:55 am

I have a second machine--ThinkPad T40 with XP sp3. Recently, I received the following (together with an array of problems):
"Faulting application svchost.exe, version 5.1.2600.5512, faulting module wzcsvc.dll, version 5.1.2600.5512, fault address 0x0002d3ae."
This is from event viewer following from a "Generic Host Process for Win 32 ...." closure message.
I can't be sure what caused this, as the machine, although little used, worked fine (mobile communicator--e-mails, Skype etc) when away from home. Connection to internet was via onboard wireless modem in hotel.
Now I am using it at home and connect to internet via onboard usb network adaptor via cable to an ADSL modem--two other computers work fine when using this connection.
Unless there is something else obvious to the technical dept, this 'connection platform' change is all I can think of.
Help would be appreciated.
orepsam
Active Member
 
Posts: 12
Joined: March 16th, 2012, 6:31 am
Advertisement
Register to Remove

Re: Faulting application svchost.exe, version 5.1.2600.5512

Unread postby askey127 » March 16th, 2012, 8:34 am

Hi orepsam,
This could be a configuration problem or something else.
-----------------------------------------------------------
Check/Alter status of Wireless Zero Configuration
Go to Start, Run and type
services.msc
into the box, and hit <Enter>
Scroll down to the entry named Wireless Zero Configuration
Right click it and choose Properties
Under the General tab, if the Status is not Started, then click Start.
Under Startup Type, Automatic should be selected.
Click Apply and OK.
-----------------------------------------------------------
Check Hard Disk For Errors
Press Start->Run, then type or copy/paste the following command into the box and press OK:
Code: Select all
cmd  /c  chkdsk  c:  |find  /v  "percent"  >> "%userprofile%\desktop\checkhd.txt"
A blank command window will open on your desktop, then close in a few minutes. This is normal.
A file and icon named checkhd.txt should appear on your Desktop. Please post the contents of this file.

Let me know how it goes, and what you see.
askey
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Faulting application svchost.exe, version 5.1.2600.5512

Unread postby orepsam » March 16th, 2012, 9:03 am

Thanks askey
I will try wireless and usb when I go home tonight.
I tried to shorten this post, here is my original. As you see already chkdisk and all OK:
"General
I'm not sure quite what started this Generic Host… message "GHP".
I'm in the process of putting some programmes on the machine from original software. Our ageing laptop (ThinkPad T40) as opposed to our desktop is destined to be our mobile communicator, when we 4 X 4 or 'swallow' between here and Europe.
The T40 is loaded with XP pro SP3 while the desktop has the home edition. I have a Toshiba Satellite (even older—and quite slow) on which I have successfully loaded the required programmes, and it performs (apart from speed) the way I expect the T40 to work. The desktop also has the programmes and everything works fine there. All systems have adequate memory and disk space for their intended use.
The T40 system used to be stable—basically used by my wife as a simple communicator—remote internet e-mail, Skype and occasionally Word for attaching to e-mail. The connection was via a wireless modem (on board) offered by our hotel.
I now 'connect' via a USB ADSL network adaptor (built in), the Mweb supplied modem "Billion?" allows for a faster cable connection (fast wire?), which has an outlet plug that is different to the normal USB one—I use this output on my desktop, as the laptops are not equipped with a compatible port.
I have done my best to recover the issue, including several attempts to restore until hard drive had no more space—+-2%. I disabled auto restore which recovered > 60% of the space; a chk disc and defrag followed, and everything looked great but still the GHP returned.
Internet sites know about the problem, but no meaningful solution is offered, even by MS.
Symptoms

1. A few, up to 15 mins after bootup I get the GHP; the event viewer indicates a problem with svchost.exe—see the screen-prints below.
2. If I choose the 'send the error report' option it goes off, but the machine then becomes inoperable (not frozen completely), but it won't respond to a Ctr/Alt/Delete, other than to show the first popup. However Task manager does not come up but if logoff is selected it responds, plays the shutdown music but does not shut down—this has to be done manually.
It reboots normally, but the onboard ADSL network adaptor becomes disabled and requires the driver to be installed—either through device manager, or the Found New Hardware Wizard.
3. If, on the other hand, I elect Debug, the machine lives on more or less normal but sound card deactivates yet device manager does not show a problem. Also, if you remove something from USB e.g. internet connection or flash drive, it won't accept it back, nor recognise a new addition. The machine slows down quite a bit.
The machine does however permit my GPS to be removed and plugged in, and the map software recognises it immediately but does not notify 'found new hardware'. Not being a typical storage device, it does not show on Explorer.
4. On normal shutdown, it reboots back to 'normal' and the problem of the ADSL mentioned in 2 & 3 does not recur until GHP arrives, which is inevitable.
5. Skype 5.1 is resident, but won't upgrade from the Help "check for later versions",
nor from a downloaded setup file—while running it gives "problems connecting to server" however there was still a connection. I had similar hiccoughs with my desktop that cleared fairly soon and 5.1.8 was eventually installed from a downloaded setup..
6. CC cleaner is regularly used—the anti-virus is Eset NOD (old version).
orepsam
Active Member
 
Posts: 12
Joined: March 16th, 2012, 6:31 am

Re: Faulting application svchost.exe, version 5.1.2600.5512

Unread postby askey127 » March 24th, 2012, 9:40 am

orepsam,
All that stuff is just garbage sentences, probably created by a computer.
Please let me have a look at the contents of checkhd.txt

By the way, you can pick up anything, including malicious properties, from other users via a hotel wireless. To use any public wireless, the wireless function in a laptop should only be turned on for the brief period of direct communication, then turned off again. Otherwise the laptop and its contents are open to others for reading or writing..

Now I want to check for a rootkit.
Please remove any GPS plug-ins first.
--------------------------------------------
TDSSKiller - Rootkit Removal Tool
Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
  1. Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    (Vista - W7 users: Right-click and select "Run As Administrator")
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com).
    If you don't see file extensions, please see: How to change the file extension.
    If you try to change the filename and extension, you may get a warning message from Windows because of the change of file extension. OK the change.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. If the scan completes with nothing found, click Close to exit.
  4. If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
    • Ensure Cure (default) is selected... then click Continue > Reboot now to finish the cleaning process.
    • If Cure is not offered as an option, choose Skip.
  5. A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the main directory of C:
    (the dd.mm.yyyy_hh.mm.ss numbers in the filename represent the time/date stamp)
  6. Copy and paste the contents of that file in your next reply.
If, for some reason,you can't locate the text file to paste into your reply, just tell me, but DO NOT run the program a second time.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Faulting application svchost.exe, version 5.1.2600.5512

Unread postby orepsam » March 26th, 2012, 3:36 am

Well Askey 123!
Things 'progressed'. Before receiving your latest, I interacted with MS Answers on the same topic.
The advice was "Clean Boot" and then restore to normal boot. To cut a long story short--the GHP went away, but so did a host of other stuff; the computer is working--just--but isolated. No more "Device Manager" or "Add new hardware" , network card not found, but usb recognises wireless mouse. So really a bit of a mess for me (my last week before going on pension) to sort out.
I do appreciate your help, and will try to figure out how to get the virus programme onto the machine. I'll also run the chkdsk thingy for you in the next few days.
If the way forward is now obvious to you, please break the news gently!
Cheers
orepsam
Active Member
 
Posts: 12
Joined: March 16th, 2012, 6:31 am

Re: Faulting application svchost.exe, version 5.1.2600.5512

Unread postby askey127 » March 26th, 2012, 7:33 am

orepsam,
When you work with more than one advisor, neither of them can properly keep track of what's going on.
So you don't need to do anything I previously asked, but please don't install, uninstall, or scan with anything unless I ask, until we are done.
---------------------------------------------
Download the OTL Scanner
Please download OTL.exe by OldTimer and save it to your desktop.
---------------------------------------------
Run a Scan with OTL
  • Double click on the OTL icon to run it.
  • Check the boxes labeled :
    • Scan All Users
    • LOP check
    • Purity check
    • Extra Registry > Use SafeList
  • Make sure all other windows are closed to let it run uninterrupted.
  • Click on the Run Scan button at the top left hand corner. Do not change any settings unless otherwise told to do so.
    When the scan starts, OTL may appear to be frozen while it runs. Please be patient.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. (desktop)
The Extras.txt file will only appear as a running Notepad document the very first time you run OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them as a reply. Use separate replies if more convenient.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Faulting application svchost.exe, version 5.1.2600.5512

Unread postby orepsam » March 27th, 2012, 3:06 am

Hi Askey 127
Managed to download OTL to a flash drive via desktop; pleased to find that the laptop read the drive as well.
However, the 'fun' continues--on executing OTL, I get a message to the effect "OTL experienced a problem and has to close" The error report looked like this file--not sure how to attach.
"The following information about your process will be reported:
Exception information
Code: 0x0eedfade Flags: 0x00000001
Record: 0x0000000000000000 Address: 0x000000007c812afb
System Information
Windows NT 5.1 Build: 2600
CPU Vendor Code: ....etc
CPU version: ...etc
CPU and feature code: 00E5E820

Module 1
OTL.exe
Image base ...etc
Check sum ...etc
etc etc

The following files will be included in this report.
C:Documents/Jen/Locals~1/Temp/64e_appcompat.txt"


I suppose I should have opened that last file, but didn't and I'm at work for this week during the day.

No closer?

Do you need more?
Thanks once again
orepsam
Active Member
 
Posts: 12
Joined: March 16th, 2012, 6:31 am

Re: Faulting application svchost.exe, version 5.1.2600.5512

Unread postby orepsam » March 27th, 2012, 4:09 am

You're probably going to be mad at me once more--Askey.
Senior moment again. I forgot to mention: As part of the MSAnswers 'boot fix', I was told to run Microsoft security Essentials.
It highlighted a medium threat and claimed to have fixed it, so I thought nothing more of it.
I've done some more reading, but NO, I haven't done any more fiddling as advised by you!
I'm beginning to suspect that it didn't fix it. It is HACKTOOL:W​IN32/KEYGE​N/... .
My software is all legal. (Ironically the other laptop, which is working fine (but slow) does have one or two 'dodgy' programmes, but no Hacktool as of yet.)
I'm obviously concerned that the Trojan may migrate there as well.
How do I protect it, apart from isolation or quarantine?
Cheers again.
orepsam
Active Member
 
Posts: 12
Joined: March 16th, 2012, 6:31 am

Re: Faulting application svchost.exe, version 5.1.2600.5512

Unread postby askey127 » March 27th, 2012, 8:42 am

ALL the "dodgy" programs should be assumed to transmit infections.
You should post Logs from the other machine online and get it fixed, or you will end up having to Reformat and Re-Install Windows on both of them.


------------------------------------------------
Download and Run Rkill before Running OTL
You can download a few versions of these to your flash and transfer one at a time until one appears to work.
If a black DOS box briefly flashes and disappears, it indicates the tool ran successfully.
You only need to get one to run, then try OTL again.

Please download and run the tool named Rkill, which may help in allowing other programs to run.
There are different versions with different names. If one of them won't run ,then download and try to run one of the other ones.
After the download, Vista and Win7 users will need to right click the icon and choose Run as Administrator. XP Users can just double-click.
You only need to get ONE of these to run, not all of them. You may get warnings from your antivirus about any of these tools. Either ignore the warnings or shutdown your antivirus.
Please download Rkill from one of the following links (note the different names) and save to your Desktop:
iExplore.exe
Rkill.exe
eXplorer.exe
RKill.com
RKill.scr
Rkill.pif
uSeRiNiT.exe
  • Double-click on the iExplore, Rkill, eXplorer, or uSeRiNiT desktop icon to run the tool.(If using Vista or Windows 7 right-click on it and choose Run As Administrator).
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If you get a Warning Message when you try to run it, run it again while the Warning Message is still displayed.
  • If it doesn't run on the first try, please try to run it another two or three times.
  • If it still does not run, delete the desktop entry. Then download and use the one provided in the next link.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided after trying each a few times, please let me know.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Faulting application svchost.exe, version 5.1.2600.5512

Unread postby orepsam » March 28th, 2012, 3:10 am

Perhaps the last chapter Askey?
I ran the first one RKill and received this, after dos screen etc.:
"This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Rkill was run on 2012/03/27 at 20:12:19.
Operating System: Microsoft Windows XP
Processes terminated by Rkill or while it was running:
Rkill completed on 2012/03/27 at 20:12:29."
I thought it may have worked, but OTL still couldn't open.
I ran all the others with the same result, just slightly different text log.
I couldn't get RKill.pif to download.
It seems as though executing 'non-MSoft' exe files doesn't work. By contrast the preloaded Word, Excel etc seem unaffected.
Thanks again
orepsam
Active Member
 
Posts: 12
Joined: March 16th, 2012, 6:31 am

Re: Faulting application svchost.exe, version 5.1.2600.5512

Unread postby askey127 » March 28th, 2012, 6:56 am

There is no question that you have a malware infection on this machine.
Please try to run TDSSKiller per the previous instructions.
Download it to a flash drive from a clean machine if necessary in order to transfer(copy) it to the desktop of this one.
When you follow instructions here, it's important to follow the details exactly.
Online assistance is difficult, and every item in the instructions is significant.

Since this is an infection, I am going to Move this topic to the Malware Removal section of the forum.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Faulting application svchost.exe, version 5.1.2600.5512

Unread postby orepsam » March 28th, 2012, 9:23 am

Once again many thanks.
I'll try the rootkit and let you know.
I still think the MSoft recommended 'clean boot' caused the present weak state of the machine. Before that I could have run your kit.
Any point in trying Hitmanpro, if the kit doesn't work?
orepsam
Active Member
 
Posts: 12
Joined: March 16th, 2012, 6:31 am

Re: Faulting application svchost.exe, version 5.1.2600.5512

Unread postby askey127 » March 28th, 2012, 10:27 am

HitmanPro is a conglomeration of a bunch of anti-spyware utilities, some good, some not so good.
Problem is you never know what it will do, or what it did afterward.

We have other tools if this doesn't work properly.
Please don't try to run things on your own in between replies.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Faulting application svchost.exe, version 5.1.2600.5512

Unread postby orepsam » March 29th, 2012, 2:54 am

I'm still listening to you Askey--scared to do anything at this stage!
I don't know how to post the text file so here is the paste version.
It ran but found nothing, but nothing has changed with my setup:
"07:58:38.0221 0392 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
07:58:38.0261 0392 ============================================================
07:58:38.0261 0392 Current date / time: 2012/03/29 07:58:38.0261
07:58:38.0261 0392 SystemInfo:
07:58:38.0261 0392
07:58:38.0261 0392 OS Version: 5.1.2600 ServicePack: 3.0
07:58:38.0261 0392 Product type: Workstation
07:58:38.0261 0392 ComputerName: TWILIGHTER1
07:58:38.0261 0392 UserName: Jen
07:58:38.0261 0392 Windows directory: C:\WINDOWS
07:58:38.0261 0392 System windows directory: C:\WINDOWS
07:58:38.0261 0392 Processor architecture: Intel x86
07:58:38.0261 0392 Number of processors: 1
07:58:38.0261 0392 Page size: 0x1000
07:58:38.0261 0392 Boot type: Normal boot
07:58:38.0261 0392 ============================================================
07:58:42.0316 0392 Drive \Device\Harddisk0\DR0 - Size: 0x8DC17E400 (35.44 Gb), SectorSize: 0x200, Cylinders: 0x1333, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
07:58:42.0327 0392 \Device\Harddisk0\DR0:
07:58:42.0327 0392 MBR used
07:58:42.0327 0392 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x46DF3F1
07:58:42.0407 0392 Initialize success
07:58:42.0407 0392 ============================================================
07:59:07.0683 1640 ============================================================
07:59:07.0683 1640 Scan started
07:59:07.0683 1640 Mode: Manual;
07:59:07.0683 1640 ============================================================
07:59:07.0993 1640 Abiosdsk - ok
07:59:08.0114 1640 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
07:59:08.0134 1640 abp480n5 - ok
07:59:08.0204 1640 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
07:59:08.0204 1640 ACPI - ok
07:59:08.0244 1640 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
07:59:08.0254 1640 ACPIEC - ok
07:59:08.0334 1640 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
07:59:08.0354 1640 adpu160m - ok
07:59:08.0434 1640 aeaudio (75bee80a25fc7f690dcd57570dc159c1) C:\WINDOWS\system32\drivers\aeaudio.sys
07:59:08.0494 1640 aeaudio - ok
07:59:08.0574 1640 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
07:59:08.0584 1640 aec - ok
07:59:08.0654 1640 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
07:59:08.0684 1640 AFD - ok
07:59:09.0125 1640 AgereSoftModem (aff071b6290776e1fa162837c35eac78) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
07:59:09.0185 1640 AgereSoftModem - ok
07:59:09.0325 1640 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
07:59:09.0345 1640 agp440 - ok
07:59:09.0365 1640 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
07:59:09.0375 1640 agpCPQ - ok
07:59:09.0456 1640 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
07:59:09.0466 1640 Aha154x - ok
07:59:09.0496 1640 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
07:59:09.0496 1640 aic78u2 - ok
07:59:09.0516 1640 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
07:59:09.0526 1640 aic78xx - ok
07:59:09.0586 1640 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
07:59:09.0596 1640 Alerter - ok
07:59:09.0666 1640 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
07:59:09.0666 1640 ALG - ok
07:59:09.0746 1640 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
07:59:09.0786 1640 AliIde - ok
07:59:09.0826 1640 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
07:59:09.0826 1640 alim1541 - ok
07:59:09.0856 1640 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
07:59:09.0856 1640 amdagp - ok
07:59:09.0886 1640 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
07:59:09.0916 1640 amsint - ok
07:59:10.0006 1640 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
07:59:10.0016 1640 AppMgmt - ok
07:59:10.0187 1640 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
07:59:10.0237 1640 asc - ok
07:59:10.0347 1640 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
07:59:10.0347 1640 asc3350p - ok
07:59:10.0377 1640 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
07:59:10.0377 1640 asc3550 - ok
07:59:10.0587 1640 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
07:59:10.0617 1640 aspnet_state - ok
07:59:10.0727 1640 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
07:59:10.0727 1640 AsyncMac - ok
07:59:10.0978 1640 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
07:59:10.0978 1640 atapi - ok
07:59:10.0998 1640 Atdisk - ok
07:59:11.0068 1640 Ati HotKey Poller (d80eb0b6a201b6680a5fc627963781f6) C:\WINDOWS\system32\Ati2evxx.exe
07:59:11.0078 1640 Ati HotKey Poller - ok
07:59:11.0218 1640 ati2mtag (e42f83f1e85cf0b9f9873851543dcd9d) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
07:59:11.0258 1640 ati2mtag - ok
07:59:11.0328 1640 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
07:59:11.0328 1640 Atmarpc - ok
07:59:11.0448 1640 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
07:59:11.0458 1640 AudioSrv - ok
07:59:11.0529 1640 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
07:59:11.0589 1640 audstub - ok
07:59:11.0669 1640 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
07:59:11.0669 1640 Beep - ok
07:59:11.0839 1640 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
07:59:11.0859 1640 BITS - ok
07:59:11.0919 1640 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
07:59:11.0979 1640 Browser - ok
07:59:12.0069 1640 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
07:59:12.0069 1640 cbidf - ok
07:59:12.0139 1640 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
07:59:12.0139 1640 cbidf2k - ok
07:59:12.0260 1640 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
07:59:12.0260 1640 CCDECODE - ok
07:59:12.0510 1640 CcmExec (bf5b5a479b70edc2ce4b5112d846ee54) C:\WINDOWS\system32\CCM\CcmExec.exe
07:59:12.0550 1640 CcmExec - ok
07:59:12.0630 1640 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
07:59:12.0670 1640 cd20xrnt - ok
07:59:12.0810 1640 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
07:59:12.0810 1640 Cdaudio - ok
07:59:12.0860 1640 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
07:59:12.0890 1640 Cdfs - ok
07:59:13.0001 1640 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
07:59:13.0011 1640 Cdrom - ok
07:59:13.0081 1640 Changer - ok
07:59:13.0141 1640 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
07:59:13.0221 1640 CiSvc - ok
07:59:13.0341 1640 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
07:59:13.0351 1640 ClipSrv - ok
07:59:13.0461 1640 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:59:13.0521 1640 clr_optimization_v2.0.50727_32 - ok
07:59:13.0581 1640 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
07:59:13.0591 1640 CmBatt - ok
07:59:13.0642 1640 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
07:59:13.0672 1640 CmdIde - ok
07:59:13.0732 1640 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
07:59:13.0742 1640 Compbatt - ok
07:59:13.0952 1640 COMSysApp - ok
07:59:14.0072 1640 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
07:59:14.0072 1640 Cpqarray - ok
07:59:14.0132 1640 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
07:59:14.0142 1640 CryptSvc - ok
07:59:14.0182 1640 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
07:59:14.0202 1640 dac2w2k - ok
07:59:14.0343 1640 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
07:59:14.0373 1640 dac960nt - ok
07:59:14.0473 1640 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
07:59:14.0503 1640 DcomLaunch - ok
07:59:14.0623 1640 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
07:59:14.0623 1640 Dhcp - ok
07:59:14.0713 1640 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
07:59:14.0713 1640 Disk - ok
07:59:14.0763 1640 dmadmin - ok
07:59:14.0933 1640 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
07:59:14.0963 1640 dmboot - ok
07:59:15.0004 1640 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
07:59:15.0004 1640 dmio - ok
07:59:15.0034 1640 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
07:59:15.0034 1640 dmload - ok
07:59:15.0104 1640 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
07:59:15.0124 1640 dmserver - ok
07:59:15.0184 1640 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
07:59:15.0184 1640 DMusic - ok
07:59:15.0234 1640 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
07:59:15.0264 1640 Dnscache - ok
07:59:15.0394 1640 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
07:59:15.0414 1640 Dot3svc - ok
07:59:15.0464 1640 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
07:59:15.0464 1640 dpti2o - ok
07:59:15.0504 1640 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
07:59:15.0514 1640 drmkaud - ok
07:59:15.0584 1640 DUSBCamera (a9951da2066cc6a038d5f4650a5a2cf1) C:\WINDOWS\system32\Drivers\IBM_501B.SYS
07:59:15.0614 1640 DUSBCamera - ok
07:59:15.0715 1640 E1000 (d94437e7ee086677b266099f695cdea1) C:\WINDOWS\system32\DRIVERS\e1000325.sys
07:59:15.0715 1640 E1000 - ok
07:59:15.0975 1640 eamon (9309c5c9831203436e64cf2ae605c5d7) C:\WINDOWS\system32\DRIVERS\eamon.sys
07:59:15.0985 1640 eamon - ok
07:59:16.0065 1640 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
07:59:16.0105 1640 EapHost - ok
07:59:16.0285 1640 ehdrv (deff87f04ab5f6dd5edf2b80853bbe10) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
07:59:16.0315 1640 ehdrv - ok
07:59:16.0616 1640 ekrn (c7bb95cf9631aa401e4aded1648f6af7) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
07:59:16.0636 1640 ekrn - ok
07:59:16.0726 1640 epfwtdir (06c65ac0a703cf8eea4f284d901a1550) C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
07:59:16.0766 1640 epfwtdir - ok
07:59:16.0926 1640 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
07:59:16.0926 1640 ERSvc - ok
07:59:17.0097 1640 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
07:59:17.0107 1640 Eventlog - ok
07:59:17.0257 1640 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
07:59:17.0277 1640 EventSystem - ok
07:59:17.0437 1640 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
07:59:17.0437 1640 Fastfat - ok
07:59:17.0497 1640 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
07:59:17.0547 1640 FastUserSwitchingCompatibility - ok
07:59:17.0637 1640 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
07:59:17.0657 1640 Fdc - ok
07:59:17.0747 1640 FilterService (b73ec688c29f81f9da0fcf63682b3ecb) C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
07:59:17.0928 1640 FilterService - ok
07:59:18.0008 1640 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
07:59:18.0008 1640 Fips - ok
07:59:18.0078 1640 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
07:59:18.0088 1640 Flpydisk - ok
07:59:18.0138 1640 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
07:59:18.0148 1640 FltMgr - ok
07:59:18.0348 1640 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
07:59:18.0388 1640 FontCache3.0.0.0 - ok
07:59:18.0529 1640 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
07:59:18.0529 1640 Fs_Rec - ok
07:59:18.0579 1640 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
07:59:18.0609 1640 Ftdisk - ok
07:59:18.0689 1640 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
07:59:18.0709 1640 Gpc - ok
07:59:18.0779 1640 grmnusb (6003bc70f1a8307262bd3c941bda0b7e) C:\WINDOWS\system32\drivers\grmnusb.sys
07:59:18.0859 1640 grmnusb - ok
07:59:19.0009 1640 gupdate1cab8b87fc59b80 (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
07:59:19.0019 1640 gupdate1cab8b87fc59b80 - ok
07:59:19.0039 1640 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
07:59:19.0049 1640 gupdatem - ok
07:59:19.0190 1640 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
07:59:19.0240 1640 gusvc - ok
07:59:19.0350 1640 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
07:59:19.0370 1640 helpsvc - ok
07:59:19.0480 1640 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
07:59:19.0510 1640 HidServ - ok
07:59:19.0710 1640 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
07:59:19.0710 1640 HidUsb - ok
07:59:19.0891 1640 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
07:59:19.0901 1640 hkmsvc - ok
07:59:20.0051 1640 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
07:59:20.0051 1640 hpn - ok
07:59:20.0171 1640 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
07:59:20.0181 1640 HTTP - ok
07:59:20.0271 1640 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
07:59:20.0291 1640 HTTPFilter - ok
07:59:20.0411 1640 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
07:59:20.0431 1640 i2omgmt - ok
07:59:20.0572 1640 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
07:59:20.0602 1640 i2omp - ok
07:59:20.0762 1640 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
07:59:20.0762 1640 i8042prt - ok
07:59:20.0902 1640 IBMPMDRV (6207f110f2530f187bf876012ebec664) C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys
07:59:20.0902 1640 IBMPMDRV - ok
07:59:21.0002 1640 IBMPMSVC (be5a1caa43dd8d9ba44c516aff001089) C:\WINDOWS\system32\ibmpmsvc.exe
07:59:21.0022 1640 IBMPMSVC - ok
07:59:21.0323 1640 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
07:59:21.0373 1640 idsvc - ok
07:59:21.0483 1640 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
07:59:21.0483 1640 Imapi - ok
07:59:21.0553 1640 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
07:59:21.0563 1640 ImapiService - ok
07:59:21.0713 1640 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
07:59:21.0713 1640 ini910u - ok
07:59:21.0763 1640 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
07:59:22.0094 1640 IntelIde - ok
07:59:22.0174 1640 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
07:59:22.0174 1640 intelppm - ok
07:59:22.0274 1640 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
07:59:22.0274 1640 Ip6Fw - ok
07:59:22.0404 1640 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
07:59:22.0434 1640 IpFilterDriver - ok
07:59:22.0544 1640 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
07:59:22.0544 1640 IpInIp - ok
07:59:22.0644 1640 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
07:59:22.0644 1640 IpNat - ok
07:59:22.0725 1640 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
07:59:22.0735 1640 IPSec - ok
07:59:22.0895 1640 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
07:59:22.0895 1640 irda - ok
07:59:22.0935 1640 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
07:59:22.0955 1640 IRENUM - ok
07:59:23.0035 1640 Irmon (49cc4533ce897cb2e93c1e84a818fde5) C:\WINDOWS\System32\irmon.dll
07:59:23.0035 1640 Irmon - ok
07:59:23.0085 1640 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
07:59:23.0095 1640 isapnp - ok
07:59:23.0125 1640 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
07:59:23.0125 1640 Kbdclass - ok
07:59:23.0185 1640 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
07:59:23.0195 1640 kbdhid - ok
07:59:23.0305 1640 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
07:59:23.0315 1640 kmixer - ok
07:59:23.0396 1640 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
07:59:23.0406 1640 KSecDD - ok
07:59:23.0496 1640 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
07:59:23.0546 1640 lanmanserver - ok
07:59:23.0716 1640 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
07:59:23.0726 1640 lanmanworkstation - ok
07:59:24.0257 1640 lbrtfdc - ok
07:59:24.0367 1640 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
07:59:24.0367 1640 LmHosts - ok
07:59:24.0447 1640 LPDSVC (32933b07fc16d9f778bee12545fa1b1a) C:\WINDOWS\system32\tcpsvcs.exe
07:59:24.0507 1640 LPDSVC - ok
07:59:24.0607 1640 lvpopflt - ok
07:59:24.0667 1640 LVPr2Mon (1a7db7a00a4b0d8da24cd691a4547291) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
07:59:24.0667 1640 LVPr2Mon - ok
07:59:24.0828 1640 LVPrcSrv (0ddfdcaa92c7f553328db06ba599bea9) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
07:59:24.0878 1640 LVPrcSrv - ok
07:59:24.0968 1640 LVRS (37072ec9299e825f4335cc554b6fac6a) C:\WINDOWS\system32\DRIVERS\lvrs.sys
07:59:24.0988 1640 LVRS - ok
07:59:25.0058 1640 LVUSBSta - ok
07:59:25.0539 1640 LVUVC (a240e42a7402e927a71b6e8aa4629b13) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
07:59:25.0769 1640 LVUVC - ok
07:59:25.0999 1640 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
07:59:26.0029 1640 MDM - ok
07:59:26.0210 1640 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
07:59:26.0210 1640 Messenger - ok
07:59:26.0310 1640 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
07:59:26.0330 1640 mnmdd - ok
07:59:26.0430 1640 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
07:59:26.0430 1640 mnmsrvc - ok
07:59:26.0510 1640 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
07:59:26.0510 1640 Modem - ok
07:59:26.0590 1640 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
07:59:26.0600 1640 Mouclass - ok
07:59:26.0740 1640 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
07:59:26.0750 1640 mouhid - ok
07:59:26.0941 1640 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
07:59:26.0941 1640 MountMgr - ok
07:59:27.0061 1640 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
07:59:27.0091 1640 mraid35x - ok
07:59:27.0191 1640 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
07:59:27.0201 1640 MRxDAV - ok
07:59:27.0321 1640 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
07:59:27.0371 1640 MRxSmb - ok
07:59:27.0471 1640 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
07:59:27.0522 1640 MSDTC - ok
07:59:27.0622 1640 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
07:59:27.0622 1640 Msfs - ok
07:59:27.0752 1640 MSIServer - ok
07:59:28.0082 1640 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
07:59:28.0082 1640 MSKSSRV - ok
07:59:28.0122 1640 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
07:59:28.0122 1640 MSPCLOCK - ok
07:59:28.0162 1640 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
07:59:28.0162 1640 MSPQM - ok
07:59:28.0223 1640 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
07:59:28.0223 1640 mssmbios - ok
07:59:28.0293 1640 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
07:59:28.0303 1640 MSTEE - ok
07:59:28.0413 1640 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
07:59:28.0413 1640 Mup - ok
07:59:28.0493 1640 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
07:59:28.0523 1640 NABTSFEC - ok
07:59:28.0593 1640 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
07:59:28.0643 1640 napagent - ok
07:59:28.0863 1640 NATURAL412BufferpoolService (f38c5a611fe3bbf640ad6d19479e17ff) C:\PROGRAM FILES\SOFTWARE AG\NATURAL RUNTIME\4.1.2\BIN\NATBPSVC.EXE
07:59:28.0903 1640 NATURAL412BufferpoolService - ok
07:59:29.0094 1640 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
07:59:29.0104 1640 NDIS - ok
07:59:29.0224 1640 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
07:59:29.0224 1640 NdisIP - ok
07:59:29.0354 1640 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
07:59:29.0354 1640 NdisTapi - ok
07:59:29.0504 1640 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
07:59:29.0504 1640 Ndisuio - ok
07:59:29.0584 1640 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
07:59:29.0604 1640 NdisWan - ok
07:59:29.0695 1640 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
07:59:29.0715 1640 NDProxy - ok
07:59:29.0805 1640 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
07:59:29.0855 1640 NetBIOS - ok
07:59:29.0925 1640 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
07:59:29.0935 1640 NetBT - ok
07:59:30.0065 1640 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
07:59:30.0075 1640 NetDDE - ok
07:59:30.0095 1640 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
07:59:30.0095 1640 NetDDEdsdm - ok
07:59:30.0195 1640 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
07:59:30.0195 1640 Netlogon - ok
07:59:30.0295 1640 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
07:59:30.0316 1640 Netman - ok
07:59:30.0556 1640 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
07:59:30.0586 1640 NetTcpPortSharing - ok
07:59:30.0746 1640 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
07:59:30.0756 1640 Nla - ok
07:59:31.0067 1640 nmwcd (696b37ea78f9d9767a2f18ba0304a51a) C:\WINDOWS\system32\drivers\nmwcd.sys
07:59:31.0097 1640 nmwcd - ok
07:59:31.0167 1640 nmwcdc (bbb6010fc01d9239d88fcdf133e03ff0) C:\WINDOWS\system32\drivers\nmwcdc.sys
07:59:31.0217 1640 nmwcdc - ok
07:59:31.0347 1640 nmwcdcj (4c3726467d67483f054c88f058e9c153) C:\WINDOWS\system32\drivers\nmwcdcj.sys
07:59:31.0347 1640 nmwcdcj - ok
07:59:31.0387 1640 nmwcdcm (4c3726467d67483f054c88f058e9c153) C:\WINDOWS\system32\drivers\nmwcdcm.sys
07:59:31.0397 1640 nmwcdcm - ok
07:59:31.0457 1640 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
07:59:31.0457 1640 Npfs - ok
07:59:31.0527 1640 NSCIRDA (2adc0ca9945c65284b3d19bc18765974) C:\WINDOWS\system32\DRIVERS\nscirda.sys
07:59:31.0557 1640 NSCIRDA - ok
07:59:31.0647 1640 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
07:59:31.0677 1640 Ntfs - ok
07:59:31.0778 1640 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
07:59:31.0788 1640 NtLmSsp - ok
07:59:31.0928 1640 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
07:59:31.0958 1640 NtmsSvc - ok
07:59:32.0158 1640 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
07:59:32.0168 1640 NuidFltr - ok
07:59:32.0268 1640 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
07:59:32.0268 1640 Null - ok
07:59:32.0368 1640 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
07:59:32.0378 1640 NwlnkFlt - ok
07:59:32.0469 1640 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
07:59:32.0469 1640 NwlnkFwd - ok
07:59:32.0569 1640 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:59:32.0569 1640 ose - ok
07:59:32.0719 1640 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
07:59:32.0719 1640 Parport - ok
07:59:32.0859 1640 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
07:59:32.0859 1640 PartMgr - ok
07:59:33.0009 1640 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
07:59:33.0009 1640 ParVdm - ok
07:59:33.0069 1640 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
07:59:33.0079 1640 PCI - ok
07:59:33.0100 1640 PCIDump - ok
07:59:33.0140 1640 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
07:59:33.0150 1640 PCIIde - ok
07:59:33.0200 1640 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
07:59:33.0210 1640 Pcmcia - ok
07:59:33.0250 1640 PDCOMP - ok
07:59:33.0280 1640 PDFRAME - ok
07:59:33.0300 1640 PDRELI - ok
07:59:33.0330 1640 PDRFRAME - ok
07:59:33.0370 1640 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
07:59:33.0380 1640 perc2 - ok
07:59:33.0410 1640 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
07:59:33.0430 1640 perc2hib - ok
07:59:33.0480 1640 PID_0928 - ok
07:59:33.0540 1640 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
07:59:33.0550 1640 PlugPlay - ok
07:59:33.0600 1640 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
07:59:33.0600 1640 PolicyAgent - ok
07:59:33.0650 1640 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
07:59:33.0650 1640 PptpMiniport - ok
07:59:33.0760 1640 prepdrvr (f6c80bd6f2a5c1ccc1c2519f02d99bf2) C:\WINDOWS\system32\CCM\prepdrv.sys
07:59:33.0760 1640 prepdrvr - ok
07:59:33.0861 1640 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
07:59:33.0871 1640 ProtectedStorage - ok
07:59:33.0911 1640 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
07:59:33.0921 1640 PSched - ok
07:59:33.0961 1640 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
07:59:33.0961 1640 Ptilink - ok
07:59:34.0101 1640 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
07:59:34.0131 1640 ql1080 - ok
07:59:34.0201 1640 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
07:59:34.0211 1640 Ql10wnt - ok
07:59:34.0241 1640 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
07:59:35.0523 1640 ql12160 - ok
07:59:35.0563 1640 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
07:59:35.0573 1640 ql1240 - ok
07:59:35.0603 1640 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
07:59:35.0623 1640 ql1280 - ok
07:59:35.0924 1640 RapportCerberus_34302 (6b6f0a77365667912360ff1d5e984f25) C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys
07:59:35.0934 1640 RapportCerberus_34302 - ok
07:59:36.0144 1640 RapportEI (5074fe56c70b31909c6b3129280c4cf2) C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
07:59:36.0164 1640 RapportEI - ok
07:59:36.0364 1640 RapportIaso (dd3e4610de9252a957c5bd19bdf47ac4) c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso.sys
07:59:36.0364 1640 RapportIaso - ok
07:59:36.0575 1640 RapportKELL (d6c7c196ad59375e9dde68d70db6e7a1) C:\WINDOWS\system32\Drivers\RapportKELL.sys
07:59:36.0675 1640 RapportKELL - ok
07:59:36.0965 1640 RapportMgmtService (c7d3492630472dc0546715dd4157b6c2) C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
07:59:37.0005 1640 RapportMgmtService - ok
07:59:37.0145 1640 RapportPG (1205f9ccc78d152a5cc509f5ee32800d) C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
07:59:37.0195 1640 RapportPG - ok
07:59:37.0326 1640 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
07:59:37.0346 1640 RasAcd - ok
07:59:37.0456 1640 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
07:59:37.0466 1640 RasAuto - ok
07:59:37.0576 1640 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
07:59:37.0586 1640 Rasirda - ok
07:59:37.0696 1640 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
07:59:37.0696 1640 Rasl2tp - ok
07:59:37.0776 1640 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
07:59:37.0786 1640 RasMan - ok
07:59:37.0906 1640 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
07:59:37.0906 1640 RasPppoe - ok
07:59:37.0967 1640 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
07:59:37.0977 1640 Raspti - ok
07:59:38.0147 1640 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
07:59:38.0157 1640 Rdbss - ok
07:59:38.0207 1640 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
07:59:38.0217 1640 RDPCDD - ok
07:59:38.0327 1640 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
07:59:38.0327 1640 rdpdr - ok
07:59:38.0407 1640 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
07:59:38.0417 1640 RDPWD - ok
07:59:38.0487 1640 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
07:59:38.0507 1640 RDSessMgr - ok
07:59:38.0658 1640 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
07:59:38.0658 1640 redbook - ok
07:59:38.0738 1640 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
07:59:38.0738 1640 RemoteAccess - ok
07:59:38.0818 1640 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
07:59:38.0888 1640 RemoteRegistry - ok
07:59:38.0948 1640 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
07:59:38.0948 1640 RpcLocator - ok
07:59:39.0038 1640 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
07:59:39.0058 1640 RpcSs - ok
07:59:39.0138 1640 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
07:59:39.0158 1640 RSVP - ok
07:59:39.0208 1640 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
07:59:39.0218 1640 SamSs - ok
07:59:39.0369 1640 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
07:59:39.0379 1640 SCardSvr - ok
07:59:39.0449 1640 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
07:59:39.0459 1640 Schedule - ok
07:59:39.0549 1640 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
07:59:39.0549 1640 Secdrv - ok
07:59:39.0619 1640 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
07:59:39.0619 1640 seclogon - ok
07:59:39.0659 1640 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
07:59:39.0669 1640 SENS - ok
07:59:39.0749 1640 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
07:59:39.0749 1640 serenum - ok
07:59:40.0029 1640 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
07:59:40.0040 1640 Serial - ok
07:59:40.0250 1640 ServiceLayer (56eb980da71b94b79a341615c3c256cf) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
07:59:40.0300 1640 ServiceLayer - ok
07:59:40.0460 1640 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
07:59:40.0470 1640 Sfloppy - ok
07:59:40.0580 1640 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
07:59:40.0590 1640 SharedAccess - ok
07:59:40.0670 1640 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
07:59:40.0680 1640 ShellHWDetection - ok
07:59:40.0730 1640 Simbad - ok
07:59:40.0791 1640 SimpTcp (32933b07fc16d9f778bee12545fa1b1a) C:\WINDOWS\system32\tcpsvcs.exe
07:59:40.0801 1640 SimpTcp - ok
07:59:40.0901 1640 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
07:59:40.0911 1640 sisagp - ok
07:59:40.0981 1640 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
07:59:40.0991 1640 SLIP - ok
07:59:41.0101 1640 smwdm (710a9684bf50e6fe7c227b9de41159da) C:\WINDOWS\system32\drivers\smwdm.sys
07:59:41.0111 1640 smwdm - ok
07:59:41.0331 1640 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
07:59:41.0341 1640 SONYPVU1 - ok
07:59:41.0432 1640 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
07:59:41.0442 1640 Sparrow - ok
07:59:41.0542 1640 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
07:59:41.0552 1640 splitter - ok
07:59:41.0642 1640 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
07:59:41.0692 1640 Spooler - ok
07:59:41.0872 1640 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
07:59:41.0872 1640 sr - ok
07:59:41.0982 1640 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
07:59:41.0992 1640 srservice - ok
07:59:42.0082 1640 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
07:59:42.0122 1640 Srv - ok
07:59:42.0203 1640 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
07:59:42.0213 1640 SSDPSRV - ok
07:59:42.0303 1640 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
07:59:42.0323 1640 stisvc - ok
07:59:42.0383 1640 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
07:59:42.0383 1640 streamip - ok
07:59:42.0433 1640 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
07:59:42.0433 1640 swenum - ok
07:59:42.0473 1640 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
07:59:42.0483 1640 swmidi - ok
07:59:42.0593 1640 SwPrv - ok
07:59:42.0683 1640 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
07:59:42.0693 1640 symc810 - ok
07:59:42.0723 1640 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
07:59:42.0723 1640 symc8xx - ok
07:59:42.0753 1640 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
07:59:42.0763 1640 sym_hi - ok
07:59:42.0803 1640 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
07:59:42.0854 1640 sym_u3 - ok
07:59:43.0034 1640 SynTP (1cde0a5c0416187b9b89e03980c6e8de) C:\WINDOWS\system32\DRIVERS\SynTP.sys
07:59:43.0054 1640 SynTP - ok
07:59:43.0134 1640 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
07:59:43.0144 1640 sysaudio - ok
07:59:43.0274 1640 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
07:59:43.0284 1640 SysmonLog - ok
07:59:43.0404 1640 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
07:59:43.0414 1640 TapiSrv - ok
07:59:43.0525 1640 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
07:59:43.0545 1640 Tcpip - ok
07:59:43.0665 1640 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
07:59:43.0665 1640 TDPIPE - ok
07:59:43.0715 1640 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
07:59:43.0715 1640 TDTCP - ok
07:59:43.0765 1640 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
07:59:43.0765 1640 TermDD - ok
07:59:44.0296 1640 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
07:59:44.0326 1640 TermService - ok
07:59:44.0416 1640 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
07:59:44.0416 1640 Themes - ok
07:59:44.0506 1640 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
07:59:44.0516 1640 TlntSvr - ok
07:59:44.0586 1640 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
07:59:44.0586 1640 TosIde - ok
07:59:44.0706 1640 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
07:59:44.0716 1640 TrkWks - ok
07:59:45.0027 1640 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
07:59:45.0027 1640 Udfs - ok
07:59:45.0127 1640 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
07:59:45.0137 1640 ultra - ok
07:59:45.0227 1640 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
07:59:45.0247 1640 Update - ok
07:59:45.0317 1640 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
07:59:45.0327 1640 upnphost - ok
07:59:45.0367 1640 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
07:59:45.0377 1640 UPS - ok
07:59:45.0457 1640 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
07:59:45.0457 1640 usbaudio - ok
07:59:45.0567 1640 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
07:59:45.0567 1640 usbccgp - ok
07:59:45.0638 1640 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
07:59:45.0648 1640 usbehci - ok
07:59:45.0788 1640 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
07:59:45.0788 1640 usbhub - ok
07:59:45.0868 1640 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
07:59:45.0878 1640 usbprint - ok
07:59:45.0938 1640 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
07:59:45.0938 1640 usbscan - ok
07:59:46.0018 1640 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
07:59:46.0048 1640 USBSTOR - ok
07:59:46.0128 1640 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
07:59:46.0128 1640 usbuhci - ok
07:59:46.0238 1640 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
07:59:46.0238 1640 usbvideo - ok
07:59:46.0309 1640 USB_RNDIS (f39039d5c96c1d3ac2a637a659dbf282) C:\WINDOWS\system32\DRIVERS\usb8023k.sys
07:59:46.0339 1640 USB_RNDIS - ok
07:59:46.0409 1640 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
07:59:46.0419 1640 VgaSave - ok
07:59:46.0579 1640 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
07:59:46.0589 1640 viaagp - ok
07:59:46.0659 1640 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
07:59:46.0669 1640 ViaIde - ok
07:59:46.0729 1640 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
07:59:46.0729 1640 VolSnap - ok
07:59:46.0909 1640 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
07:59:46.0929 1640 VSS - ok
07:59:47.0020 1640 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
07:59:47.0030 1640 W32Time - ok
07:59:47.0170 1640 w70n51 (677ad85e3058c821f5a73cdf7e5b5478) C:\WINDOWS\system32\DRIVERS\w70n51.sys
07:59:47.0190 1640 w70n51 - ok
07:59:47.0260 1640 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
07:59:47.0270 1640 Wanarp - ok
07:59:47.0360 1640 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
07:59:47.0370 1640 Wdf01000 - ok
07:59:47.0460 1640 WDICA - ok
07:59:47.0560 1640 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
07:59:47.0560 1640 wdmaud - ok
07:59:47.0630 1640 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
07:59:47.0640 1640 WebClient - ok
07:59:47.0721 1640 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
07:59:47.0731 1640 winmgmt - ok
07:59:47.0851 1640 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
07:59:47.0881 1640 WmdmPmSN - ok
07:59:48.0021 1640 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
07:59:48.0041 1640 Wmi - ok
07:59:48.0161 1640 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
07:59:48.0171 1640 WmiApSrv - ok
07:59:48.0512 1640 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
07:59:48.0562 1640 WMPNetworkSvc - ok
07:59:48.0772 1640 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
07:59:48.0782 1640 WpdUsb - ok
07:59:49.0062 1640 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
07:59:49.0062 1640 WS2IFSL - ok
07:59:49.0163 1640 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
07:59:49.0173 1640 wscsvc - ok
07:59:49.0293 1640 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
07:59:49.0303 1640 WSTCODEC - ok
07:59:49.0383 1640 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
07:59:49.0413 1640 wuauserv - ok
07:59:49.0553 1640 WudfPf (50eb9e21963b4f06fd010d007d54351b) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
07:59:49.0553 1640 WudfPf - ok
07:59:49.0613 1640 WudfRd (6e209664bdea8a15b5e8e480d6c607c2) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
07:59:49.0623 1640 WudfRd - ok
07:59:49.0683 1640 WudfSvc (ae93084d2d236887ba56467ae42b4955) C:\WINDOWS\System32\WUDFSvc.dll
07:59:49.0693 1640 WudfSvc - ok
07:59:49.0824 1640 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
07:59:49.0904 1640 WZCSVC - ok
07:59:49.0974 1640 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
07:59:50.0004 1640 xmlprov - ok
07:59:50.0114 1640 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
07:59:50.0284 1640 \Device\Harddisk0\DR0 - ok
07:59:50.0314 1640 Boot (0x1200) (8527f03df656d59419ee4ffbbb4b46c2) \Device\Harddisk0\DR0\Partition0
07:59:50.0314 1640 \Device\Harddisk0\DR0\Partition0 - ok
07:59:50.0324 1640 ============================================================
07:59:50.0324 1640 Scan finished
07:59:50.0324 1640 ============================================================
07:59:50.0344 1608 Detected object count: 0
07:59:50.0344 1608 Actual detected object count: 0
08:01:28.0986 2000 Deinitialize success"
Cheers for now -- Next chapter?
orepsam
Active Member
 
Posts: 12
Joined: March 16th, 2012, 6:31 am

Re: Faulting application svchost.exe, version 5.1.2600.5512

Unread postby orepsam » March 29th, 2012, 3:02 am

Sorry just noticed the upload buttons.
The text file is attached. I hope uploaded correctly.
Regards
You do not have the required permissions to view the files attached to this post.
orepsam
Active Member
 
Posts: 12
Joined: March 16th, 2012, 6:31 am
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 30 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware