
Malware?


Post by howlngwlf » July 8th, 2012, 9:04 pm

Recently my computer has started to like kick me offline for only a few secs and then it's back online... I have Malwarebytes and ran it recently; it had found pup.codec.pr and pup.crossfire.gen... I believe I cleaned everything correctly, but the problem still goes on... Here is my DDS log and text... Thanks in advance for help.


DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514
Run by howlngwlf at 19:54:17 on 2012-07-08
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8106.5979 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\AMBSpiE.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Users\howlngwlf\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\howlngwlf\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\howlngwlf\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\howlngwlf\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\howlngwlf\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\howlngwlf\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\howlngwlf\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www.dell.com
uURLSearchHooks: uTorrentControl Toolbar: {e9df9360-97f8-4690-afe6-996c80790da4} - C:\Program Files (x86)\uTorrentControl\prxtbuTor.dll
mURLSearchHooks: uTorrentControl Toolbar: {e9df9360-97f8-4690-afe6-996c80790da4} - C:\Program Files (x86)\uTorrentControl\prxtbuTor.dll
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: DealPly: {a6174f27-1fff-e1d6-a93f-ba48ad5dd448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: uTorrentControl Toolbar: {e9df9360-97f8-4690-afe6-996c80790da4} - C:\Program Files (x86)\uTorrentControl\prxtbuTor.dll
TB: uTorrentControl Toolbar: {e9df9360-97f8-4690-afe6-996c80790da4} - C:\Program Files (x86)\uTorrentControl\prxtbuTor.dll
uRun: [Google Update] "C:\Users\howlngwlf\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
mRun: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
StartupFolder: C:\Users\HOWLNG~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ZOOSKM~1.LNK - C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm
IE: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{8CB5C382-CCB2-4F58-B810-3B6E12D86A28} : DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{8CB5C382-CCB2-4F58-B810-3B6E12D86A28}\16474777966696 : DhcpNameServer = 192.168.4.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{8CB5C382-CCB2-4F58-B810-3B6E12D86A28}\2456C6B696E6F5E4B2F5443314644443 : DhcpNameServer = 192.168.2.1 192.168.2.1
TCP: Interfaces\{8CB5C382-CCB2-4F58-B810-3B6E12D86A28}\2656C6B696E6E233568333 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{8CB5C382-CCB2-4F58-B810-3B6E12D86A28}\3416A657E6241697F657E4564777F627B6 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{8CB5C382-CCB2-4F58-B810-3B6E12D86A28}\8686F6E6F62737 : DhcpNameServer = 192.168.6.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{8CB5C382-CCB2-4F58-B810-3B6E12D86A28}\C416155796E64716 : DhcpNameServer = 4.2.2.1
TCP: Interfaces\{8CB5C382-CCB2-4F58-B810-3B6E12D86A28}\D4F64756C60263 : DhcpNameServer = 10.128.128.128
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Name-Space Handler: FTP\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - C:\PROGRA~2\DAP\dapie.dll
Name-Space Handler: HTTP\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - C:\PROGRA~2\DAP\dapie.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: DealPly: {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll
BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: uTorrentControl Toolbar: {e9df9360-97f8-4690-afe6-996c80790da4} - C:\Program Files (x86)\uTorrentControl\prxtbuTor.dll
BHO-X64: uTorrentControl - No File
TB-X64: uTorrentControl Toolbar: {e9df9360-97f8-4690-afe6-996c80790da4} - C:\Program Files (x86)\uTorrentControl\prxtbuTor.dll
mRun-x64: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
mRun-x64: [UpdReg] C:\Windows\UpdReg.EXE
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
mRunOnce-x64: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
.
============= SERVICES / DRIVERS ===============
.
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys --> C:\Windows\system32\DRIVERS\stdcfltn.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-4-24 98208]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-3 897088]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-4-24 2009704]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-2 483688]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-4-24 705856]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-2-18 378472]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-4-24 2656280]
R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-3 1298496]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys --> C:\Windows\system32\DRIVERS\btmaux.sys [?]
R3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 qicflt;upper Device Filter Driver;C:\Windows\system32\DRIVERS\qicflt.sys --> C:\Windows\system32\DRIVERS\qicflt.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-2 209768]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-21 136176]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-4-24 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-4-24 79360]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-21 136176]
S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\system32\DRIVERS\nvstusb.sys --> C:\Windows\system32\DRIVERS\nvstusb.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2010-7-30 25072]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\system32\drivers\ScreamingBAudio64.sys --> C:\Windows\system32\drivers\ScreamingBAudio64.sys [?]
S3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2011-4-24 79360]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys [2012-5-16 14544]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-07-08 10:09:00 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C39858B8-7973-49C7-9BAC-866DFF7BF7CE}\offreg.dll
2012-07-08 10:08:11 9013136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C39858B8-7973-49C7-9BAC-866DFF7BF7CE}\mpengine.dll
2012-07-07 19:59:25 -------- d-----w- C:\Users\howlngwlf\AppData\Roaming\Malwarebytes
2012-07-07 19:59:16 -------- d-----w- C:\ProgramData\Malwarebytes
2012-07-07 19:59:15 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-07-07 19:59:15 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-07-03 19:09:13 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{26EFC806-3BC3-4E78-AC67-5D9B24B7AA6F}\gapaengine.dll
2012-06-14 21:04:56 -------- d-----w- C:\Users\howlngwlf\AppData\Local\ArmA 2 OA
2012-06-14 21:00:26 78680 ----a-w- C:\Windows\System32\XAPOFX1_4.dll
2012-06-14 21:00:26 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_4.dll
2012-06-14 21:00:26 530776 ----a-w- C:\Windows\System32\XAudio2_6.dll
2012-06-14 21:00:26 528216 ----a-w- C:\Windows\SysWow64\XAudio2_6.dll
2012-06-14 21:00:26 24920 ----a-w- C:\Windows\System32\X3DAudio1_7.dll
2012-06-14 21:00:26 238936 ----a-w- C:\Windows\SysWow64\xactengine3_6.dll
2012-06-14 21:00:26 22360 ----a-w- C:\Windows\SysWow64\X3DAudio1_7.dll
2012-06-14 21:00:26 176984 ----a-w- C:\Windows\System32\xactengine3_6.dll
2012-06-13 07:40:41 -------- d-----w- C:\Users\howlngwlf\AppData\Local\ArmA 2
.
==================== Find3M ====================
.
2012-06-11 07:47:06 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-11 07:47:05 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 10:31:08 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
.
============= FINISH: 19:54:44.34 ===============




.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 4/29/2011 16:07:36
System Uptime: 7/7/2012 22:07:05 (21 hours ago)
.
Motherboard: Dell Inc. | | 0XN71K
Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz | CPU | 1480/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 351.552 GiB free.
D: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP233: 6/21/2012 14:21:56 - Windows Update
RP234: 6/25/2012 13:49:42 - Windows Update
RP235: 6/28/2012 14:42:31 - Windows Update
RP236: 7/2/2012 14:06:12 - Windows Update
RP237: 7/6/2012 21:11:55 - Windows Update
.
==== Installed Programs ======================
.
AccelerometerP11
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Advanced Audio FX Engine
Amazon MP3 Downloader 1.0.12
ARMA 2
ARMA 2: Operation Arrowhead
Battlelog Web Plugins
BattlEye for OA Uninstall
BattlEye Uninstall
Cozi
D3DX10
DealPly
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Getting Started Guide
Dell MusicStage
Dell PhotoStage
Dell Stage
Dell VideoStage
Dell Webcam Central
DirectX 9 Runtime
DivX Setup
Download Accelerator Plus (DAP)
eBay
ESN Sonar
FSX Dash 8 Q300
Game Booster 3
Google Chrome
Google Earth Plug-in
Google Update Helper
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Wireless Display
Internet Explorer
Java Auto Updater
Java(TM) 6 Update 31
Junk Mail filter update
LUVCARS version 2.0
Malwarebytes Anti-Malware version 1.61.0.1400
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 1.1
Microsoft Flight Simulator X
Microsoft Flight Simulator X Service Pack 1
Microsoft Flight Simulator X Service Pack 2
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft WSE 3.0 Runtime
mIRC
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Mumble 1.2.3
NVIDIA Stereoscopic 3D Driver
Pando Media Booster
PhotoShowExpress
Premiumplay Codec-C
Realtek High Definition Audio Driver
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Skype Toolbars
Skype™ 4.2
Sonic CinePlayer Decoder Pack
Sound Blaster X-Fi MB
SquawkBox
Star Trek Online
Steam
TeamSpeak 3 Client
TFDi/POSKY 737-700
Unity Web Player
US ACARS 2.2
USAVA SAAB 340-B FSX
VC80CRTRedist - 8.0.50727.6195
Veetle TV 0.9.18
Ventrilo Client
vroute.info
Windows Essentials Media Codec Pack 4.0 [64-Bit]
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinRAR 4.01 (32-bit)
Xvid Video Codec
Yahoo! Messenger
.
==== Event Viewer Messages From Past Week ========
.
7/7/2012 15:16:05, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
7/7/2012 15:16:05, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/7/2012 15:16:01, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
7/7/2012 15:15:54, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
7/7/2012 15:15:54, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
7/7/2012 15:15:43, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/4/2012 14:04:25, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{8CB5C382-CCB2-4F58-B810-3B6E12D86A28} because another computer on the network has the same name. The server could not start.
.
==== End Of File ===========================
howlngwlf
Active Member
 
Posts: 5
Joined: July 8th, 2012, 8:59 pm

Re: Malware?

Post by Alander » July 13th, 2012, 12:07 am

Hello, I am Alander :)

I would be glad to take a look at your log and help you with solving any malware problems.

DDS logs can take a while to research so please be patient while I work on your log and I will post back here with any recommendations.

As I am still training, everything that I post to you must be checked by an Admin or Moderator.

Thus, there may be a tiny bit of a delay between posts. While it shouldn't be too long, you can be assured you will get the best possible advice.


  • I will be working on your malware issues; this may or may not solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
Alander
Regular Member
 
Posts: 1599
Joined: September 15th, 2007, 2:04 pm
Location: Singapore

Re: Malware?

Unread postby howlngwlf » July 13th, 2012, 4:55 pm

Thank you for the reply...I will be notified when you reply again.
howlngwlf
Active Member
 
Posts: 5
Joined: July 8th, 2012, 8:59 pm

Re: Malware?

Unread postby Alander » July 16th, 2012, 11:07 am

Hi, is this machine used for any kind of business activities? I need to know to give the appropriate instructions.

TDSSKiller

Please download TDSSKiller.exe and save it to your Desktop.
  • Double click on TDSSKiller.exe to launch it.
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything, please click on the drop-down arrow next to Cure and select Skip.
  • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • To find the log go to Start > Computer > C:
  • Post the contents of that log in your next reply please.
  • DO NOT TRY TO FIX ANYTHING AT THIS POINT
Alander
Regular Member
 
Posts: 1599
Joined: September 15th, 2007, 2:04 pm
Location: Singapore

Re: Malware?

Unread postby howlngwlf » July 17th, 2012, 5:33 pm

Don't think it found anything...




16:31:11.0306 5924 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
16:31:11.0795 5924 ============================================================
16:31:11.0795 5924 Current date / time: 2012/07/17 16:31:11.0795
16:31:11.0795 5924 SystemInfo:
16:31:11.0795 5924
16:31:11.0795 5924 OS Version: 6.1.7601 ServicePack: 1.0
16:31:11.0795 5924 Product type: Workstation
16:31:11.0795 5924 ComputerName: HOWLNGWLF-LT
16:31:11.0796 5924 UserName: howlngwlf
16:31:11.0796 5924 Windows directory: C:\Windows
16:31:11.0796 5924 System windows directory: C:\Windows
16:31:11.0796 5924 Running under WOW64
16:31:11.0796 5924 Processor architecture: Intel x64
16:31:11.0796 5924 Number of processors: 8
16:31:11.0796 5924 Page size: 0x1000
16:31:11.0796 5924 Boot type: Normal boot
16:31:11.0796 5924 ============================================================
16:31:13.0606 5924 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:31:13.0616 5924 ============================================================
16:31:13.0616 5924 \Device\Harddisk0\DR0:
16:31:13.0617 5924 MBR partitions:
16:31:13.0617 5924 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x32FCD, BlocksNum 0x1D4C000
16:31:13.0617 5924 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D7EFCD, BlocksNum 0x38606863
16:31:13.0617 5924 ============================================================
16:31:13.0647 5924 C: <-> \Device\Harddisk0\DR0\Partition1
16:31:13.0647 5924 ============================================================
16:31:13.0647 5924 Initialize success
16:31:13.0647 5924 ============================================================
16:31:15.0921 6500 ============================================================
16:31:15.0921 6500 Scan started
16:31:15.0921 6500 Mode: Manual;
16:31:15.0921 6500 ============================================================
16:31:29.0957 6500 NisSrv - ok
16:31:30.0012 6500 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:31:30.0024 6500 NlaSvc - ok
16:31:30.0230 6500 NOBU (b9b72faaaa41d59b73b88fe3dd737ed1) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
16:31:30.0291 6500 NOBU - ok
16:31:30.0420 6500 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:31:30.0420 6500 Npfs - ok
16:31:30.0437 6500 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:31:30.0437 6500 nsi - ok
16:31:30.0453 6500 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:31:30.0453 6500 nsiproxy - ok
16:31:30.0555 6500 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:31:30.0603 6500 Ntfs - ok
16:31:30.0681 6500 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:31:30.0683 6500 Null - ok
16:31:30.0725 6500 nusb3hub (0ebc9d13cd96c15b1b18d8678a609e4b) C:\Windows\system32\DRIVERS\nusb3hub.sys
16:31:30.0727 6500 nusb3hub - ok
16:31:30.0749 6500 nusb3xhc (7bdec000d56d485021d9c1e63c2f81ca) C:\Windows\system32\DRIVERS\nusb3xhc.sys
16:31:30.0753 6500 nusb3xhc - ok
16:31:31.0534 6500 nvlddmkm (d5dea2c1865cab9ee6aa29cf9e79a2ce) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:31:31.0736 6500 nvlddmkm - ok
16:31:31.0822 6500 nvpciflt (5ef70f7714c664bcf50edfc141dea9b8) C:\Windows\system32\DRIVERS\nvpciflt.sys
16:31:31.0823 6500 nvpciflt - ok
16:31:31.0858 6500 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:31:31.0861 6500 nvraid - ok
16:31:31.0879 6500 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:31:31.0888 6500 nvstor - ok
16:31:31.0927 6500 NvStUSB (92d06926c5da2a2e62e8fb5104f44d92) C:\Windows\system32\DRIVERS\nvstusb.sys
16:31:31.0930 6500 NvStUSB - ok
16:31:31.0997 6500 NVSvc (5a4af8ea634b4feeaf6f16bb1845715a) C:\Windows\system32\nvvsvc.exe
16:31:32.0018 6500 NVSvc - ok
16:31:32.0157 6500 nvUpdatusService (4b7636c52a359ab0783b350a5fbdbb49) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
16:31:32.0189 6500 nvUpdatusService - ok
16:31:32.0305 6500 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:31:32.0308 6500 nv_agp - ok
16:31:32.0322 6500 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:31:32.0324 6500 ohci1394 - ok
16:31:32.0368 6500 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:31:32.0371 6500 ose - ok
16:31:32.0632 6500 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:31:32.0709 6500 osppsvc - ok
16:31:32.0795 6500 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:31:32.0808 6500 p2pimsvc - ok
16:31:32.0851 6500 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:31:32.0867 6500 p2psvc - ok
16:31:32.0898 6500 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:31:32.0901 6500 Parport - ok
16:31:32.0933 6500 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
16:31:32.0935 6500 partmgr - ok
16:31:32.0956 6500 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:31:32.0965 6500 PcaSvc - ok
16:31:33.0064 6500 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
16:31:33.0066 6500 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
16:31:33.0112 6500 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:31:33.0124 6500 pci - ok
16:31:33.0139 6500 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:31:33.0141 6500 pciide - ok
16:31:33.0169 6500 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:31:33.0181 6500 pcmcia - ok
16:31:33.0200 6500 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:31:33.0201 6500 pcw - ok
16:31:33.0247 6500 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:31:33.0282 6500 PEAUTH - ok
16:31:33.0370 6500 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:31:33.0372 6500 PerfHost - ok
16:31:33.0511 6500 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:31:33.0549 6500 pla - ok
16:31:33.0603 6500 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:31:33.0618 6500 PlugPlay - ok
16:31:33.0649 6500 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:31:33.0649 6500 PNRPAutoReg - ok
16:31:33.0687 6500 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:31:33.0690 6500 PNRPsvc - ok
16:31:33.0722 6500 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:31:33.0738 6500 PolicyAgent - ok
16:31:33.0778 6500 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:31:33.0788 6500 Power - ok
16:31:33.0843 6500 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:31:33.0846 6500 PptpMiniport - ok
16:31:33.0875 6500 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:31:33.0877 6500 Processor - ok
16:31:33.0900 6500 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
16:31:33.0910 6500 ProfSvc - ok
16:31:33.0933 6500 ProtectedStorage (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
16:31:33.0933 6500 ProtectedStorage - ok
16:31:33.0981 6500 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:31:33.0984 6500 Psched - ok
16:31:34.0034 6500 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
16:31:34.0034 6500 PxHlpa64 - ok
16:31:34.0051 6500 qicflt (0928bd20273625622722fe1de5bbde57) C:\Windows\system32\DRIVERS\qicflt.sys
16:31:34.0053 6500 qicflt - ok
16:31:34.0139 6500 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:31:34.0185 6500 ql2300 - ok
16:31:34.0280 6500 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:31:34.0283 6500 ql40xx - ok
16:31:34.0315 6500 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:31:34.0328 6500 QWAVE - ok
16:31:34.0334 6500 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:31:34.0336 6500 QWAVEdrv - ok
16:31:34.0352 6500 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:31:34.0355 6500 RasAcd - ok
16:31:34.0390 6500 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:31:34.0392 6500 RasAgileVpn - ok
16:31:34.0417 6500 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:31:34.0420 6500 RasAuto - ok
16:31:34.0457 6500 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:31:34.0459 6500 Rasl2tp - ok
16:31:34.0520 6500 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:31:34.0536 6500 RasMan - ok
16:31:34.0555 6500 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:31:34.0558 6500 RasPppoe - ok
16:31:34.0573 6500 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:31:34.0576 6500 RasSstp - ok
16:31:34.0617 6500 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:31:34.0630 6500 rdbss - ok
16:31:34.0649 6500 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:31:34.0651 6500 rdpbus - ok
16:31:34.0667 6500 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:31:34.0669 6500 RDPCDD - ok
16:31:34.0691 6500 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:31:34.0691 6500 RDPENCDD - ok
16:31:34.0701 6500 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:31:34.0701 6500 RDPREFMP - ok
16:31:34.0741 6500 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
16:31:34.0754 6500 RDPWD - ok
16:31:34.0797 6500 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:31:34.0810 6500 rdyboost - ok
16:31:34.0938 6500 RegSrvc (189c5a8d2098e0aa14fd157a954b34fc) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
16:31:34.0958 6500 RegSrvc - ok
16:31:35.0001 6500 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:31:35.0005 6500 RemoteAccess - ok
16:31:35.0032 6500 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:31:35.0042 6500 RemoteRegistry - ok
16:31:35.0109 6500 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
16:31:35.0117 6500 RFCOMM - ok
16:31:35.0251 6500 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
16:31:35.0298 6500 RoxMediaDB12OEM - ok
16:31:35.0331 6500 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
16:31:35.0340 6500 RoxWatch12 - ok
16:31:35.0422 6500 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:31:35.0424 6500 RpcEptMapper - ok
16:31:35.0444 6500 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:31:35.0446 6500 RpcLocator - ok
16:31:35.0503 6500 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:31:35.0507 6500 RpcSs - ok
16:31:35.0547 6500 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:31:35.0550 6500 rspndr - ok
16:31:35.0603 6500 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
16:31:35.0618 6500 RTL8167 - ok
16:31:35.0632 6500 SamSs (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
16:31:35.0633 6500 SamSs - ok
16:31:35.0664 6500 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:31:35.0666 6500 sbp2port - ok
16:31:35.0690 6500 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:31:35.0704 6500 SCardSvr - ok
16:31:35.0734 6500 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:31:35.0734 6500 scfilter - ok
16:31:35.0806 6500 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:31:35.0834 6500 Schedule - ok
16:31:35.0871 6500 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:31:35.0871 6500 SCPolicySvc - ok
16:31:35.0908 6500 ScreamBAudioSvc (490b0b68bb938d5c628ec4a67277be75) C:\Windows\system32\drivers\ScreamingBAudio64.sys
16:31:35.0910 6500 ScreamBAudioSvc - ok
16:31:35.0950 6500 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
16:31:35.0965 6500 sdbus - ok
16:31:35.0985 6500 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:31:35.0995 6500 SDRSVC - ok
16:31:36.0023 6500 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:31:36.0025 6500 secdrv - ok
16:31:36.0035 6500 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:31:36.0038 6500 seclogon - ok
16:31:36.0070 6500 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:31:36.0073 6500 SENS - ok
16:31:36.0087 6500 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:31:36.0091 6500 SensrSvc - ok
16:31:36.0107 6500 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:31:36.0109 6500 Serenum - ok
16:31:36.0122 6500 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:31:36.0125 6500 Serial - ok
16:31:36.0147 6500 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:31:36.0149 6500 sermouse - ok
16:31:36.0192 6500 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:31:36.0195 6500 SessionEnv - ok
16:31:36.0220 6500 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
16:31:36.0244 6500 sffdisk - ok
16:31:36.0262 6500 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:31:36.0264 6500 sffp_mmc - ok
16:31:36.0272 6500 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
16:31:36.0281 6500 sffp_sd - ok
16:31:36.0291 6500 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:31:36.0293 6500 sfloppy - ok
16:31:36.0357 6500 Sftfs (d5183ed285d2795491dc15bddcbee5ad) C:\Windows\system32\DRIVERS\Sftfslh.sys
16:31:36.0375 6500 Sftfs - ok
16:31:36.0449 6500 sftlist (bfdb58616ff5ea540a5f58301d50641e) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:31:36.0466 6500 sftlist - ok
16:31:36.0488 6500 Sftplay (00f118b68c50d2206dd51634f9142b83) C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:31:36.0501 6500 Sftplay - ok
16:31:36.0515 6500 Sftredir (76a827df5640bfe16a0cdbb4108adeca) C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:31:36.0516 6500 Sftredir - ok
16:31:36.0582 6500 SftService (38f88f0df46c4d42125ef721abd7f6b9) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
16:31:36.0601 6500 SftService - ok
16:31:36.0615 6500 Sftvol (1b4c9701645086bab8cafffce30ed284) C:\Windows\system32\DRIVERS\Sftvollh.sys
16:31:36.0617 6500 Sftvol - ok
16:31:36.0635 6500 sftvsa (b94c3c4dca2093243c76ca218ede2a97) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:31:36.0643 6500 sftvsa - ok
16:31:36.0692 6500 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:31:36.0704 6500 SharedAccess - ok
16:31:36.0747 6500 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:31:36.0758 6500 ShellHWDetection - ok
16:31:36.0791 6500 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:31:36.0791 6500 SiSRaid2 - ok
16:31:36.0814 6500 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:31:36.0816 6500 SiSRaid4 - ok
16:31:36.0846 6500 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:31:36.0849 6500 Smb - ok
16:31:36.0887 6500 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:31:36.0890 6500 SNMPTRAP - ok
16:31:36.0942 6500 Sound Blaster X-Fi MB Licensing Service (9b24dca429f819db314f30ee4c6c80fd) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
16:31:39.0143 6500 Sound Blaster X-Fi MB Licensing Service - ok
16:31:39.0149 6500 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:31:39.0149 6500 spldr - ok
16:31:39.0201 6500 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:31:39.0218 6500 Spooler - ok
16:31:39.0413 6500 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:31:39.0470 6500 sppsvc - ok
16:31:39.0547 6500 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:31:39.0550 6500 sppuinotify - ok
16:31:39.0609 6500 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:31:39.0624 6500 srv - ok
16:31:39.0654 6500 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:31:39.0669 6500 srv2 - ok
16:31:39.0689 6500 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:31:39.0697 6500 srvnet - ok
16:31:39.0729 6500 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:31:39.0739 6500 SSDPSRV - ok
16:31:39.0753 6500 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:31:39.0756 6500 SstpSvc - ok
16:31:39.0777 6500 stdcfltn (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys
16:31:39.0777 6500 stdcfltn - ok
16:31:39.0849 6500 Steam Client Service - ok
16:31:39.0904 6500 Stereo Service (79969acaeebeda7dc3673656ab9918fd) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:31:39.0924 6500 Stereo Service - ok
16:31:39.0934 6500 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:31:39.0934 6500 stexstor - ok
16:31:40.0010 6500 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:31:40.0025 6500 stisvc - ok
16:31:40.0053 6500 stllssvr (7731f46ec0d687a931cba063e8f90ef0) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
16:31:40.0073 6500 stllssvr - ok
16:31:40.0093 6500 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:31:40.0095 6500 swenum - ok
16:31:40.0145 6500 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:31:40.0161 6500 swprv - ok
16:31:40.0246 6500 SynTP (5e3b232a614339399acc71fa3aaaaa6b) C:\Windows\system32\DRIVERS\SynTP.sys
16:31:40.0274 6500 SynTP - ok
16:31:40.0450 6500 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:31:40.0484 6500 SysMain - ok
16:31:40.0560 6500 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:31:40.0563 6500 TabletInputService - ok
16:31:40.0585 6500 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:31:40.0602 6500 TapiSrv - ok
16:31:40.0615 6500 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:31:40.0618 6500 TBS - ok
16:31:40.0746 6500 Tcpip (92ce29d95ac9dd2d0ee9061d551ba250) C:\Windows\system32\drivers\tcpip.sys
16:31:40.0780 6500 Tcpip - ok
16:31:40.0935 6500 TCPIP6 (92ce29d95ac9dd2d0ee9061d551ba250) C:\Windows\system32\DRIVERS\tcpip.sys
16:31:40.0945 6500 TCPIP6 - ok
16:31:41.0017 6500 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:31:41.0019 6500 tcpipreg - ok
16:31:41.0038 6500 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:31:41.0040 6500 TDPIPE - ok
16:31:41.0055 6500 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
16:31:41.0057 6500 TDTCP - ok
16:31:41.0094 6500 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:31:41.0105 6500 tdx - ok
16:31:41.0132 6500 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:31:41.0135 6500 TermDD - ok
16:31:41.0178 6500 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:31:41.0204 6500 TermService - ok
16:31:41.0224 6500 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:31:41.0227 6500 Themes - ok
16:31:41.0246 6500 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:31:41.0248 6500 THREADORDER - ok
16:31:41.0263 6500 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:31:41.0268 6500 TrkWks - ok
16:31:41.0317 6500 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:31:41.0325 6500 TrustedInstaller - ok
16:31:41.0359 6500 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:31:41.0361 6500 tssecsrv - ok
16:31:41.0394 6500 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:31:41.0396 6500 TsUsbFlt - ok
16:31:41.0439 6500 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:31:41.0442 6500 tunnel - ok
16:31:41.0480 6500 TurboB (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys
16:31:41.0490 6500 TurboB - ok
16:31:41.0552 6500 TurboBoost (600b406a04d90f577fea8a88d7379f08) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
16:31:41.0554 6500 TurboBoost - ok
16:31:41.0582 6500 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:31:41.0585 6500 uagp35 - ok
16:31:41.0632 6500 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:31:41.0645 6500 udfs - ok
16:31:41.0669 6500 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:31:41.0672 6500 UI0Detect - ok
16:31:41.0704 6500 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:31:41.0706 6500 uliagpkx - ok
16:31:41.0729 6500 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
16:31:41.0738 6500 umbus - ok
16:31:41.0768 6500 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:31:41.0771 6500 UmPass - ok
16:31:41.0963 6500 UNS (2c16648a12999ae69a9ebf41974b0ba2) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:31:42.0014 6500 UNS - ok
16:31:42.0126 6500 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:31:42.0140 6500 upnphost - ok
16:31:42.0183 6500 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
16:31:42.0194 6500 usbccgp - ok
16:31:42.0227 6500 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:31:42.0229 6500 usbcir - ok
16:31:42.0245 6500 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
16:31:42.0247 6500 usbehci - ok
16:31:42.0285 6500 usbhub (8b892002d7b79312821169a14317ab86) C:\Windows\system32\DRIVERS\usbhub.sys
16:31:42.0297 6500 usbhub - ok
16:31:42.0310 6500 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
16:31:42.0312 6500 usbohci - ok
16:31:42.0333 6500 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:31:42.0335 6500 usbprint - ok
16:31:42.0348 6500 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:31:42.0359 6500 USBSTOR - ok
16:31:42.0376 6500 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
16:31:42.0378 6500 usbuhci - ok
16:31:42.0410 6500 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
16:31:42.0419 6500 usbvideo - ok
16:31:42.0436 6500 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:31:42.0439 6500 UxSms - ok
16:31:42.0463 6500 VaultSvc (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
16:31:42.0464 6500 VaultSvc - ok
16:31:42.0483 6500 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:31:42.0485 6500 vdrvroot - ok
16:31:42.0544 6500 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:31:42.0572 6500 vds - ok
16:31:42.0585 6500 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:31:42.0587 6500 vga - ok
16:31:42.0597 6500 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:31:42.0599 6500 VgaSave - ok
16:31:42.0620 6500 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:31:42.0634 6500 vhdmp - ok
16:31:42.0644 6500 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:31:42.0646 6500 viaide - ok
16:31:42.0667 6500 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:31:42.0669 6500 volmgr - ok
16:31:42.0718 6500 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:31:42.0729 6500 volmgrx - ok
16:31:42.0752 6500 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:31:42.0766 6500 volsnap - ok
16:31:42.0798 6500 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:31:42.0807 6500 vsmraid - ok
16:31:42.0910 6500 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:31:42.0946 6500 VSS - ok
16:31:43.0047 6500 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:31:43.0047 6500 vwifibus - ok
16:31:43.0063 6500 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:31:43.0079 6500 vwififlt - ok
16:31:43.0103 6500 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:31:43.0105 6500 vwifimp - ok
16:31:43.0150 6500 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:31:43.0166 6500 W32Time - ok
16:31:43.0183 6500 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:31:43.0185 6500 WacomPen - ok
16:31:43.0233 6500 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:31:43.0235 6500 WANARP - ok
16:31:43.0238 6500 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:31:43.0238 6500 Wanarpv6 - ok
16:31:43.0344 6500 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:31:43.0386 6500 WatAdminSvc - ok
16:31:43.0484 6500 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:31:43.0518 6500 wbengine - ok
16:31:43.0611 6500 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:31:43.0625 6500 WbioSrvc - ok
16:31:43.0655 6500 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:31:43.0667 6500 wcncsvc - ok
16:31:43.0677 6500 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:31:43.0680 6500 WcsPlugInService - ok
16:31:43.0719 6500 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:31:43.0721 6500 Wd - ok
16:31:43.0760 6500 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:31:43.0777 6500 Wdf01000 - ok
16:31:43.0788 6500 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:31:43.0792 6500 WdiServiceHost - ok
16:31:43.0794 6500 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:31:43.0796 6500 WdiSystemHost - ok
16:31:43.0816 6500 wdkmd (94dc2bf6cbaaa95e369c3756d3115a76) C:\Windows\system32\DRIVERS\WDKMD.sys
16:31:43.0818 6500 wdkmd - ok
16:31:43.0863 6500 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:31:43.0878 6500 WebClient - ok
16:31:43.0902 6500 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:31:43.0916 6500 Wecsvc - ok
16:31:43.0934 6500 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:31:43.0937 6500 wercplsupport - ok
16:31:43.0956 6500 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:31:43.0959 6500 WerSvc - ok
16:31:43.0984 6500 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:31:43.0986 6500 WfpLwf - ok
16:31:44.0024 6500 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
16:31:44.0034 6500 WimFltr - ok
16:31:44.0050 6500 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:31:44.0052 6500 WIMMount - ok
16:31:44.0064 6500 WinDefend - ok
16:31:44.0074 6500 WinHttpAutoProxySvc - ok
16:31:44.0123 6500 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:31:44.0136 6500 Winmgmt - ok
16:31:44.0198 6500 WinRing0_1_2_0 (0c0195c48b6b8582fa6f6373032118da) C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys
16:31:44.0199 6500 WinRing0_1_2_0 - ok
16:31:44.0330 6500 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
16:31:44.0377 6500 WinRM - ok
16:31:44.0492 6500 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
16:31:44.0494 6500 WinUsb - ok
16:31:44.0565 6500 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:31:44.0584 6500 Wlansvc - ok
16:31:44.0646 6500 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:31:44.0648 6500 wlcrasvc - ok
16:31:44.0788 6500 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:31:44.0830 6500 wlidsvc - ok
16:31:44.0895 6500 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:31:44.0897 6500 WmiAcpi - ok
16:31:44.0938 6500 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:31:44.0952 6500 wmiApSrv - ok
16:31:44.0959 6500 WMPNetworkSvc - ok
16:31:44.0980 6500 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:31:44.0983 6500 WPCSvc - ok
16:31:45.0015 6500 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
16:31:45.0019 6500 WPDBusEnum - ok
16:31:45.0044 6500 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:31:45.0045 6500 ws2ifsl - ok
16:31:45.0059 6500 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
16:31:45.0062 6500 wscsvc - ok
16:31:45.0064 6500 WSearch - ok
16:31:45.0209 6500 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
16:31:45.0278 6500 wuauserv - ok
16:31:45.0371 6500 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:31:45.0374 6500 WudfPf - ok
16:31:45.0410 6500 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:31:45.0421 6500 WUDFRd - ok
16:31:45.0454 6500 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
16:31:45.0457 6500 wudfsvc - ok
16:31:45.0479 6500 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:31:45.0493 6500 WwanSvc - ok
16:31:45.0528 6500 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
16:31:45.0784 6500 \Device\Harddisk0\DR0 - ok
16:31:45.0787 6500 Boot (0x1200) (fdc309f6c25f06e6d0fb0ef2a6631c56) \Device\Harddisk0\DR0\Partition0
16:31:45.0788 6500 \Device\Harddisk0\DR0\Partition0 - ok
16:31:45.0804 6500 Boot (0x1200) (683c52ad82086aedc39384b3d0160f54) \Device\Harddisk0\DR0\Partition1
16:31:45.0806 6500 \Device\Harddisk0\DR0\Partition1 - ok
16:31:45.0807 6500 ============================================================
16:31:45.0807 6500 Scan finished
16:31:45.0807 6500 ============================================================
16:31:45.0813 2108 Detected object count: 0
16:31:45.0813 2108 Actual detected object count: 0
howlngwlf
Active Member
 
Posts: 5
Joined: July 8th, 2012, 8:59 pm

Re: Malware?

Post by Alander » July 17th, 2012, 11:28 pm

Hi, you did not answer the question before my request for your log.

Is this machine used for any kind of business activities? I need to know to give the appropriate instructions.
Alander
Regular Member
 
Posts: 1599
Joined: September 15th, 2007, 2:04 pm
Location: Singapore

Re: Malware?

Post by howlngwlf » July 18th, 2012, 2:34 pm

No, it's not.
howlngwlf
Active Member
 
Posts: 5
Joined: July 8th, 2012, 8:59 pm

Re: Malware?

Post by Alander » July 20th, 2012, 2:58 pm

Step 1
Please download OTL by Old Timer and save it to your Desktop.
  • Right click on OTL.exe and select Run as administrator to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.

  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.


Step 2
ESET online scanner

Note: You can use either Internet Explorer or Mozilla Firefox for this scan.

Note: If you are using Windows Vista or Windows 7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
  • First please Disable any Antivirus you have active, as shown in This topic.
  • Note: Don't forget to re-enable it after the scan.
  • Next hold down Control then click on the following link to open a new window to ESET online scanner
  • Select the option YES, I accept the Terms of Use then click on Start.
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla Firefox.
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on Start.
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan, otherwise it may stall.
  • When completed, select Uninstall application on close if you so wish; make sure you copy the logfile first!
  • Now click on Finish.
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Step 3.
Please include in your next reply:
  1. Any problem executing the instructions?
  2. OTL Log
  3. Eset Log
  4. How is the computer behaving?
Thanks
Alander
Regular Member
 
Posts: 1599
Joined: September 15th, 2007, 2:04 pm
Location: Singapore

Re: Malware?

Post by Alander » July 23rd, 2012, 6:49 am

3 Day Response
Hello...
It has been 2 days since my last post to you.
  • Do you still need help with this problem?
  • Do you need more time?
  • Are you having problems understanding or following my instructions?
Just let me know what's going on otherwise...
After 24 hrs., if you have not replied to this thread... it will be closed!
Alander
Regular Member
 
Posts: 1599
Joined: September 15th, 2007, 2:04 pm
Location: Singapore

Re: Malware?

Post by Jack&Jill » July 25th, 2012, 7:11 pm

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
Jack&Jill
MRU Emeritus
 
Posts: 2284
Joined: August 19th, 2008, 5:37 am
Location: South East Asia