fargocity

Malwarebytes Pro keeps blocking svchost.exe with different IP addresses

13 posts in this topic

Hi,

I have the registered version of Malwarebytes Pro version 1.61.0.1400 and the balloon notification pops up every once in a while saying that it has blocked svchost.exe from the IP address "178.152.12.18" along with other IP addresses that I haven't saved. This is not a frequent occurrence, but I looked up my problem and found out from a different post in this forum that I am probably infected.

Thank you for your help!

attach.txt

dds.txt


Please do the following:

Download the appropriate version for your system of the Farbar Recovery Scan Tool and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:


  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to the disclaimer.
  • Place a check next to List Drivers MD5 as well as the default check marks that are already there
  • Press Scan button.
  • Type exit and reboot the computer normally
  • FRST will make a log (FRST.txt) on the flash drive, please copy and paste the log in your reply.


Please run the following

Refer to the ComboFix User's Guide

  1. Download ComboFix from the following location:
    Link
    * IMPORTANT !!! Place ComboFix.exe on your Desktop
  2. Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
    You can get help on disabling your protection programs here
  3. Double click on ComboFix.exe & follow the prompts.
  4. Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
  5. When finished, it shall produce a log for you. Post that log in your next reply
    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
    ---------------------------------------------------------------------------------------------
  6. Ensure your AntiVirus and AntiSpyware applications are re-enabled.
    ---------------------------------------------------------------------------------------------

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.


Please run the following:

Please download Junkware Removal Tool to your desktop.

  • Shutdown your antivirus to avoid any conflicts.
  • Right-mouse click JRT.exe and select Run as administrator
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

NEXT

Download AdwCleaner from here and save it to your desktop.

  • Run AdwCleaner and select Delete
  • Once done it will ask to reboot, allow the reboot
  • On reboot a log will be produced, please attach the content of the log to your next reply

NEXT

  • Please open your MalwareBytes AntiMalware Program
  • Click the Update Tab and search for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected. <-- very important
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

NEXT

Go here to run an online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activeX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan completes, press the LIST OF THREATS FOUND button
  • Press EXPORT TO TEXT FILE, name the file ESETSCAN and save it to your desktop
  • Include the contents of this report in your next reply.
  • Press the BACK button.
  • Press Finish


Malwarebytes Anti-Malware (PRO) 1.61.0.1400

www.malwarebytes.org

Database version: v2012.12.29.11

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Daniel :: DANIEL-LAPTOP [administrator]

Protection: Enabled

12/29/2012 2:21:25 PM

mbam-log-2012-12-29 (14-21-25).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 210504

Time elapsed: 2 minute(s), 50 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

AdwCleaner.txt

ESET online scanner.txt

JRT.txt


Please run the following:

Please download TDSSKiller.zip

  • Extract it to your desktop
  • Double click TDSSKiller.exe
  • When the window opens, click on Change Parameters
  • Under "Additional options", put a check mark in the box next to "Detect TDLFS File System"
  • Click OK
  • Press Start Scan
    • If Malicious objects are found then ensure Cure is selected
    • If TDLFS File System/TDSS File system is found then ensure Cure is selected (if cure is not available, choose skip)
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

Please let me know how the computer is running now and if there are any outstanding issues.


I ran this test and it said there were no threats.

My computer is running fine now. Thank you!

Here is the report for the TDSSKiller:

17:14:08.0423 9104 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

17:14:08.0893 9104 ============================================================

17:14:08.0893 9104 Current date / time: 2012/12/31 17:14:08.0893

17:14:08.0893 9104 SystemInfo:

17:14:08.0893 9104

17:14:08.0893 9104 OS Version: 6.1.7601 ServicePack: 1.0

17:14:08.0893 9104 Product type: Workstation

17:14:08.0893 9104 ComputerName: DANIEL-LAPTOP

17:14:08.0903 9104 UserName: Daniel

17:14:08.0903 9104 Windows directory: C:\Windows

17:14:08.0903 9104 System windows directory: C:\Windows

17:14:08.0903 9104 Running under WOW64

17:14:08.0903 9104 Processor architecture: Intel x64

17:14:08.0903 9104 Number of processors: 4

17:14:08.0903 9104 Page size: 0x1000

17:14:08.0903 9104 Boot type: Normal boot

17:14:08.0903 9104 ============================================================

17:14:09.0613 9104 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

17:14:09.0633 9104 ============================================================

17:14:09.0633 9104 \Device\Harddisk0\DR0:

17:14:09.0633 9104 MBR partitions:

17:14:09.0633 9104 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x498676B1

17:14:09.0633 9104 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x49867EB1, BlocksNum 0xFF03FF

17:14:09.0633 9104 ============================================================

17:14:09.0663 9104 C: <-> \Device\Harddisk0\DR0\Partition1

17:14:09.0663 9104 ============================================================

17:14:09.0663 9104 Initialize success

17:14:09.0663 9104 ============================================================

17:15:01.0686 5380 ============================================================

17:15:01.0686 5380 Scan started

17:15:01.0686 5380 Mode: Manual; TDLFS;

17:15:01.0686 5380 ============================================================

17:15:01.0856 5380 ================ Scan system memory ========================

17:15:01.0856 5380 System memory - ok


17:15:10.0517 5380 [ FC47F5CF561BF0FD897EFD1A9604DCCF ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys

17:15:10.0527 5380 iBtFltCoex - ok

17:15:10.0587 5380 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

17:15:10.0627 5380 idsvc - ok

17:15:10.0937 5380 [ 795C99DC4F574C97C03D0BB39CF099EE ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys

17:15:11.0187 5380 igfx - ok

17:15:11.0227 5380 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

17:15:11.0227 5380 iirsp - ok

17:15:11.0267 5380 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

17:15:11.0307 5380 IKEEXT - ok

17:15:11.0367 5380 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys

17:15:11.0377 5380 IntcDAud - ok

17:15:11.0388 5380 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

17:15:11.0388 5380 intelide - ok

17:15:11.0438 5380 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

17:15:11.0438 5380 intelppm - ok

17:15:11.0478 5380 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

17:15:11.0478 5380 IPBusEnum - ok

17:15:11.0518 5380 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

17:15:11.0518 5380 IpFilterDriver - ok

17:15:11.0568 5380 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

17:15:11.0598 5380 iphlpsvc - ok

17:15:11.0618 5380 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

17:15:11.0618 5380 IPMIDRV - ok

17:15:11.0648 5380 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

17:15:11.0648 5380 IPNAT - ok

17:15:11.0728 5380 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

17:15:11.0748 5380 iPod Service - ok

17:15:11.0768 5380 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

17:15:11.0768 5380 IRENUM - ok

17:15:11.0808 5380 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

17:15:11.0808 5380 isapnp - ok

17:15:11.0828 5380 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

17:15:11.0838 5380 iScsiPrt - ok

17:15:11.0858 5380 [ CC1E48A7B7C29FE97BAC482DAB69A14D ] itecir C:\Windows\system32\DRIVERS\itecir.sys

17:15:11.0868 5380 itecir - ok

17:15:11.0908 5380 [ 7DBAFE10C1B777305C80BEA42FBDA710 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys

17:15:11.0908 5380 k57nd60a - ok

17:15:11.0928 5380 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys

17:15:11.0928 5380 kbdclass - ok

17:15:11.0968 5380 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys

17:15:11.0968 5380 kbdhid - ok

17:15:11.0988 5380 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

17:15:11.0988 5380 KeyIso - ok

17:15:12.0028 5380 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

17:15:12.0028 5380 KSecDD - ok

17:15:12.0058 5380 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

17:15:12.0068 5380 KSecPkg - ok

17:15:12.0088 5380 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

17:15:12.0098 5380 ksthunk - ok

17:15:12.0128 5380 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

17:15:12.0138 5380 KtmRm - ok

17:15:12.0178 5380 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll

17:15:12.0188 5380 LanmanServer - ok

17:15:12.0228 5380 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

17:15:12.0238 5380 LanmanWorkstation - ok

17:15:12.0278 5380 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

17:15:12.0278 5380 lltdio - ok

17:15:12.0318 5380 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

17:15:12.0328 5380 lltdsvc - ok

17:15:12.0348 5380 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

17:15:12.0358 5380 lmhosts - ok

17:15:12.0408 5380 [ 0803906D607A9B83184447B75B60ECC2 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

17:15:12.0418 5380 LMS - ok

17:15:12.0478 5380 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

17:15:12.0478 5380 LSI_FC - ok

17:15:12.0488 5380 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

17:15:12.0488 5380 LSI_SAS - ok

17:15:12.0508 5380 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

17:15:12.0518 5380 LSI_SAS2 - ok

17:15:12.0528 5380 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

17:15:12.0528 5380 LSI_SCSI - ok

17:15:12.0548 5380 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

17:15:12.0548 5380 luafv - ok

17:15:12.0568 5380 [ DBC08862A71459E74F7538B432C114CC ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

17:15:12.0578 5380 MBAMProtector - ok

17:15:12.0688 5380 [ BA400ED640BCA1EAE5C727AE17C10207 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

17:15:12.0698 5380 MBAMService - ok

17:15:12.0778 5380 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

17:15:12.0778 5380 Mcx2Svc - ok

17:15:12.0808 5380 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

17:15:12.0808 5380 megasas - ok

17:15:12.0828 5380 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

17:15:12.0838 5380 MegaSR - ok

17:15:12.0888 5380 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys

17:15:12.0898 5380 MEIx64 - ok

17:15:12.0938 5380 Microsoft SharePoint Workspace Audit Service - ok

17:15:12.0968 5380 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

17:15:12.0978 5380 MMCSS - ok

17:15:12.0998 5380 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

17:15:12.0998 5380 Modem - ok

17:15:13.0038 5380 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

17:15:13.0038 5380 monitor - ok

17:15:13.0078 5380 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

17:15:13.0078 5380 mouclass - ok

17:15:13.0088 5380 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

17:15:13.0088 5380 mouhid - ok

17:15:13.0138 5380 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

17:15:13.0138 5380 mountmgr - ok

17:15:13.0218 5380 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

17:15:13.0218 5380 MozillaMaintenance - ok

17:15:13.0258 5380 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

17:15:13.0268 5380 mpio - ok

17:15:13.0288 5380 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

17:15:13.0288 5380 mpsdrv - ok

17:15:13.0338 5380 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

17:15:13.0378 5380 MpsSvc - ok

17:15:13.0418 5380 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

17:15:13.0418 5380 MRxDAV - ok

17:15:13.0468 5380 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

17:15:13.0468 5380 mrxsmb - ok

17:15:13.0488 5380 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

17:15:13.0498 5380 mrxsmb10 - ok

17:15:13.0528 5380 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

17:15:13.0528 5380 mrxsmb20 - ok

17:15:13.0548 5380 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

17:15:13.0558 5380 msahci - ok

17:15:13.0568 5380 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

17:15:13.0578 5380 msdsm - ok

17:15:13.0608 5380 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

17:15:13.0608 5380 MSDTC - ok

17:15:13.0638 5380 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

17:15:13.0648 5380 Msfs - ok

17:15:13.0658 5380 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

17:15:13.0658 5380 mshidkmdf - ok

17:15:13.0678 5380 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

17:15:13.0678 5380 msisadrv - ok

17:15:13.0728 5380 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

17:15:13.0728 5380 MSiSCSI - ok

17:15:13.0738 5380 msiserver - ok

17:15:13.0778 5380 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

17:15:13.0778 5380 MSKSSRV - ok

17:15:13.0778 5380 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

17:15:13.0788 5380 MSPCLOCK - ok

17:15:13.0788 5380 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

17:15:13.0788 5380 MSPQM - ok

17:15:13.0818 5380 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

17:15:13.0828 5380 MsRPC - ok

17:15:13.0848 5380 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

17:15:13.0848 5380 mssmbios - ok

17:15:13.0848 5380 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

17:15:13.0848 5380 MSTEE - ok

17:15:13.0858 5380 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

17:15:13.0858 5380 MTConfig - ok

17:15:13.0868 5380 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

17:15:13.0868 5380 Mup - ok

17:15:13.0918 5380 [ 6ED8935257672F4CD04A88A0F3DE093D ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

17:15:13.0928 5380 MyWiFiDHCPDNS - ok

17:15:13.0938 5380 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

17:15:13.0948 5380 napagent - ok

17:15:13.0968 5380 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

17:15:13.0978 5380 NativeWifiP - ok

17:15:14.0028 5380 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

17:15:14.0048 5380 NDIS - ok

17:15:14.0068 5380 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

17:15:14.0078 5380 NdisCap - ok

17:15:14.0108 5380 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

17:15:14.0108 5380 NdisTapi - ok

17:15:14.0138 5380 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

17:15:14.0148 5380 Ndisuio - ok

17:15:14.0178 5380 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

17:15:14.0188 5380 NdisWan - ok

17:15:14.0228 5380 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

17:15:14.0228 5380 NDProxy - ok

17:15:14.0248 5380 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

17:15:14.0248 5380 NetBIOS - ok

17:15:14.0278 5380 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

17:15:14.0278 5380 NetBT - ok

17:15:14.0298 5380 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

17:15:14.0298 5380 Netlogon - ok

17:15:14.0338 5380 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

17:15:14.0348 5380 Netman - ok

17:15:14.0358 5380 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

17:15:14.0378 5380 netprofm - ok

17:15:14.0399 5380 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

17:15:14.0399 5380 NetTcpPortSharing - ok

17:15:14.0539 5380 [ 4D85A450EDEF10C38882182753A49AAE ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys

17:15:14.0709 5380 NETw5s64 - ok

17:15:14.0949 5380 [ 5D262402B0634C998F8CBCEAD7DD8676 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys

17:15:15.0129 5380 NETwNs64 - ok

17:15:15.0179 5380 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

17:15:15.0179 5380 nfrd960 - ok

17:15:15.0229 5380 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll

17:15:15.0239 5380 NlaSvc - ok

17:15:15.0269 5380 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

17:15:15.0269 5380 Npfs - ok

17:15:15.0299 5380 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

17:15:15.0309 5380 nsi - ok

17:15:15.0309 5380 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

17:15:15.0319 5380 nsiproxy - ok

17:15:15.0379 5380 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

17:15:15.0429 5380 Ntfs - ok

17:15:15.0449 5380 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

17:15:15.0449 5380 Null - ok

17:15:15.0489 5380 [ 158AD24745BD85BA9BE3C51C38F48C32 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys

17:15:15.0499 5380 nusb3hub - ok

17:15:15.0539 5380 [ D40A13B2C0891E218F9523B376955DB6 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys

17:15:15.0549 5380 nusb3xhc - ok

17:15:15.0569 5380 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

17:15:15.0569 5380 nvraid - ok

17:15:15.0599 5380 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

17:15:15.0609 5380 nvstor - ok

17:15:15.0619 5380 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

17:15:15.0619 5380 nv_agp - ok

17:15:15.0629 5380 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

17:15:15.0639 5380 ohci1394 - ok

17:15:15.0689 5380 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

17:15:15.0689 5380 ose - ok

17:15:15.0859 5380 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

17:15:15.0979 5380 osppsvc - ok

17:15:16.0009 5380 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

17:15:16.0019 5380 p2pimsvc - ok

17:15:16.0059 5380 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

17:15:16.0069 5380 p2psvc - ok

17:15:16.0109 5380 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

17:15:16.0109 5380 Parport - ok

17:15:16.0139 5380 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

17:15:16.0139 5380 partmgr - ok

17:15:16.0149 5380 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

17:15:16.0159 5380 PcaSvc - ok

17:15:16.0189 5380 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

17:15:16.0189 5380 pci - ok

17:15:16.0219 5380 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

17:15:16.0219 5380 pciide - ok

17:15:16.0239 5380 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

17:15:16.0249 5380 pcmcia - ok

17:15:16.0259 5380 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

17:15:16.0259 5380 pcw - ok

17:15:16.0279 5380 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

17:15:16.0289 5380 PEAUTH - ok

17:15:16.0379 5380 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

17:15:16.0389 5380 PerfHost - ok

17:15:16.0469 5380 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

17:15:16.0519 5380 pla - ok

17:15:16.0569 5380 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

17:15:16.0579 5380 PlugPlay - ok

17:15:16.0609 5380 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

17:15:16.0619 5380 PNRPAutoReg - ok

17:15:16.0629 5380 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

17:15:16.0639 5380 PNRPsvc - ok

17:15:16.0659 5380 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

17:15:16.0669 5380 PolicyAgent - ok

17:15:16.0709 5380 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

17:15:16.0719 5380 Power - ok

17:15:16.0749 5380 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

17:15:16.0749 5380 PptpMiniport - ok

17:15:16.0779 5380 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys

17:15:16.0779 5380 Processor - ok

17:15:16.0819 5380 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

17:15:16.0819 5380 ProfSvc - ok

17:15:16.0839 5380 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

17:15:16.0839 5380 ProtectedStorage - ok

17:15:16.0869 5380 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

17:15:16.0879 5380 Psched - ok

17:15:16.0929 5380 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

17:15:16.0969 5380 ql2300 - ok

17:15:17.0009 5380 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

17:15:17.0009 5380 ql40xx - ok

17:15:17.0039 5380 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

17:15:17.0039 5380 QWAVE - ok

17:15:17.0049 5380 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

17:15:17.0049 5380 QWAVEdrv - ok

17:15:17.0069 5380 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

17:15:17.0069 5380 RasAcd - ok

17:15:17.0109 5380 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

17:15:17.0119 5380 RasAgileVpn - ok

17:15:17.0129 5380 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

17:15:17.0139 5380 RasAuto - ok

17:15:17.0179 5380 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

17:15:17.0179 5380 Rasl2tp - ok

17:15:17.0219 5380 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

17:15:17.0229 5380 RasMan - ok

17:15:17.0239 5380 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

17:15:17.0239 5380 RasPppoe - ok

17:15:17.0249 5380 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

17:15:17.0249 5380 RasSstp - ok

17:15:17.0259 5380 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

17:15:17.0269 5380 rdbss - ok

17:15:17.0279 5380 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

17:15:17.0279 5380 rdpbus - ok

17:15:17.0309 5380 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

17:15:17.0309 5380 RDPCDD - ok

17:15:17.0319 5380 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

17:15:17.0319 5380 RDPENCDD - ok

17:15:17.0329 5380 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

17:15:17.0329 5380 RDPREFMP - ok

17:15:17.0349 5380 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

17:15:17.0349 5380 RDPWD - ok

17:15:17.0379 5380 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

17:15:17.0379 5380 rdyboost - ok

17:15:17.0440 5380 [ 189C5A8D2098E0AA14FD157A954B34FC ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

17:15:17.0450 5380 RegSrvc - ok

17:15:17.0480 5380 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

17:15:17.0490 5380 RemoteAccess - ok

17:15:17.0510 5380 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

17:15:17.0520 5380 RemoteRegistry - ok

17:15:17.0560 5380 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys

17:15:17.0570 5380 RFCOMM - ok

17:15:17.0570 5380 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

17:15:17.0580 5380 RpcEptMapper - ok

17:15:17.0610 5380 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

17:15:17.0610 5380 RpcLocator - ok

17:15:17.0650 5380 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

17:15:17.0660 5380 RpcSs - ok

17:15:17.0680 5380 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

17:15:17.0680 5380 rspndr - ok

17:15:17.0740 5380 [ BE29B0A3AC1E8BD02FFAB8CEE86BADFA ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys

17:15:17.0740 5380 RSUSBSTOR - ok

17:15:17.0800 5380 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys

17:15:17.0820 5380 RTL8167 - ok

17:15:17.0840 5380 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

17:15:17.0850 5380 SamSs - ok

17:15:17.0870 5380 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

17:15:17.0880 5380 sbp2port - ok

17:15:17.0910 5380 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

17:15:17.0930 5380 SCardSvr - ok

17:15:17.0960 5380 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

17:15:17.0960 5380 scfilter - ok

17:15:18.0020 5380 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

17:15:18.0060 5380 Schedule - ok

17:15:18.0100 5380 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

17:15:18.0100 5380 SCPolicySvc - ok

17:15:18.0140 5380 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys

17:15:18.0140 5380 sdbus - ok

17:15:18.0180 5380 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

17:15:18.0180 5380 SDRSVC - ok

17:15:18.0210 5380 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

17:15:18.0210 5380 secdrv - ok

17:15:18.0230 5380 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

17:15:18.0230 5380 seclogon - ok

17:15:18.0280 5380 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll

17:15:18.0280 5380 SENS - ok

17:15:18.0290 5380 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

17:15:18.0290 5380 SensrSvc - ok

17:15:18.0310 5380 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

17:15:18.0310 5380 Serenum - ok

17:15:18.0330 5380 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

17:15:18.0330 5380 Serial - ok

17:15:18.0360 5380 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

17:15:18.0360 5380 sermouse - ok

17:15:18.0390 5380 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

17:15:18.0390 5380 SessionEnv - ok

17:15:18.0421 5380 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

17:15:18.0421 5380 sffdisk - ok

17:15:18.0431 5380 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

17:15:18.0431 5380 sffp_mmc - ok

17:15:18.0441 5380 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

17:15:18.0441 5380 sffp_sd - ok

17:15:18.0441 5380 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

17:15:18.0441 5380 sfloppy - ok

17:15:18.0531 5380 [ 29DDEA72C5BDF61D62F4D438DC0E497C ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe

17:15:18.0561 5380 SftService - ok

17:15:18.0741 5380 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

17:15:18.0751 5380 SharedAccess - ok

17:15:18.0891 5380 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

17:15:18.0911 5380 ShellHWDetection - ok

17:15:18.0941 5380 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

17:15:18.0941 5380 SiSRaid2 - ok

17:15:18.0971 5380 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

17:15:18.0971 5380 SiSRaid4 - ok

17:15:19.0031 5380 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

17:15:19.0031 5380 SkypeUpdate - ok

17:15:19.0051 5380 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

17:15:19.0051 5380 Smb - ok

17:15:19.0091 5380 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

17:15:19.0091 5380 SNMPTRAP - ok

17:15:19.0101 5380 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

17:15:19.0111 5380 spldr - ok

17:15:19.0161 5380 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

17:15:19.0161 5380 Spooler - ok

17:15:19.0281 5380 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

17:15:19.0411 5380 sppsvc - ok

17:15:19.0421 5380 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

17:15:19.0431 5380 sppuinotify - ok

17:15:19.0501 5380 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

17:15:19.0511 5380 srv - ok

17:15:19.0541 5380 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

17:15:19.0551 5380 srv2 - ok

17:15:19.0591 5380 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

17:15:19.0591 5380 srvnet - ok

17:15:19.0621 5380 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

17:15:19.0631 5380 SSDPSRV - ok

17:15:19.0651 5380 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

17:15:19.0651 5380 SstpSvc - ok

17:15:19.0781 5380 [ 7BF818B11C1FEDC3E76D233124470A30 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe

17:15:19.0781 5380 STacSV - ok

17:15:19.0811 5380 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

17:15:19.0811 5380 stexstor - ok

17:15:19.0881 5380 [ EBC1A5E076A9BE314D3D9E8ED19ABB0A ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys

17:15:19.0891 5380 STHDA - ok

17:15:19.0931 5380 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

17:15:19.0941 5380 stisvc - ok

17:15:19.0971 5380 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

17:15:19.0971 5380 swenum - ok

17:15:20.0021 5380 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

17:15:20.0031 5380 swprv - ok

17:15:20.0091 5380 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

17:15:20.0121 5380 SysMain - ok

17:15:20.0181 5380 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

17:15:20.0191 5380 TabletInputService - ok

17:15:20.0261 5380 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

17:15:20.0281 5380 TapiSrv - ok

17:15:20.0341 5380 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

17:15:20.0351 5380 TBS - ok

17:15:20.0411 5380 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys

17:15:20.0502 5380 Tcpip - ok

17:15:20.0552 5380 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

17:15:20.0562 5380 TCPIP6 - ok

17:15:25.0952 5380 ============================================================

17:15:25.0952 5380 Scan finished

17:15:25.0952 5380 ============================================================

17:15:25.0972 5732 Detected object count: 0

17:15:25.0972 5732 Actual detected object count: 0


We just have some housekeeping to do now,

Please do the following:

Visit ADOBE and download the latest version of Acrobat Reader (version XI)

Having the latest updates ensures there are no security vulnerabilities in your system.

NEXT

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older versions of Java components and update.

  • Download the latest version of Java Runtime Environment (JRE) 7 and Save it to your Desktop.
  • Scroll down to where it says Java SE 7u10
  • Click the Download button under JRE to the right.
  • Read the License Agreement then select Accept License Agreement
  • Click on the link to download Windows x86 Offline and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add or Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java 6) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u10-windows-i586.exe to install the newest version.

  • After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
    • On the General tab, under Temporary Internet Files, click the Settings button.
    • Next, click on the Delete Files button
    • There are three options in the window to clear the cache. Leave these two checked:

      • Trace and Log Files
      • Cached Applications and Applets

    • Click OK on Delete Temporary Files Window
      Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
    • Click OK to leave the Temporary Files Window
    • Click OK to leave the Java Control Panel.

NEXT

You can delete the DDS, TDSSKiller, JRT and the Farbar logs and programs from your desktop.

NEXT

Follow these steps to uninstall Combofix

  • Make sure your security programs are totally disabled.
  • Press the WinKey +R to open a run box
  • Now copy/paste Combofix /uninstall into the runbox and click OK. Note the space between the ..X and the /U, it needs to be there.

NEXT

  • Double click on adwcleaner.exe to run the tool.
  • Click on Uninstall.
  • Confirm with yes.

If there are any logs/tools remaining on your desktop > right click and delete them.

NEXT

Below I have included a number of recommendations for how to protect your computer against malware infections.

  • It is good security practice to change your passwords to all your online accounts on a fairly regular basis; this is especially true after an infection. Refer to this Microsoft article:
    Strong passwords: How to create and use them
    Then consider a password keeper to keep all your passwords safe. KeePass is a small utility that allows you to manage all your passwords.
  • Keep Windows updated by regularly checking their website at:
    http://windowsupdate.microsoft.com/
    This will ensure your computer always has the latest available security updates installed.
  • Make Internet Explorer more secure
    • Click Start > Run
    • Type Inetcpl.cpl & click OK
    • Click on the Security tab
    • Click Reset all zones to default level
    • Make sure the Internet Zone is selected & Click Custom level
    • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls") to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
    • Next Click OK, then Apply button and then OK to exit the Internet Properties page.

  • Download TFC to your desktop

    • Close any open windows.
    • Double click the TFC icon to run the program
    • TFC will close all open programs itself in order to run,
    • Click the Start button to begin the process.
    • Allow TFC to run uninterrupted.
    • The program should not take long to finish its job
    • Once it's finished it should automatically reboot your machine;
    • if it doesn't, manually reboot to ensure a complete clean

    It's normal after running TFC cleaner that the PC will be slower to boot the first time.

  • WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:

    • Green to go
    • Yellow for caution
    • Red to stop

    WOT has an addon available for both Firefox and IE

  • Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.

  • ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT, however, creates a complete backup set, including the Security hive and user-related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.

  • In light of your recent issue, I'm sure you'd like to avoid any future infections. Please take a look at these well-written articles:

    • PC Safety and Security--What Do I Need?
    • Simple and easy ways to keep your computer safe and secure on the Internet

Thank you for your patience, and performing all of the procedures requested.

Please respond one last time so we can consider the thread resolved and close it, thank you.


Okay, I did what you said except there were a few things that I have not done yet because of some concerns:

- For Java version 6 Update 2, I installed it because for my computer science class we were using an older version of Java Eclipse, so I needed an older version of Java in order to run that program.

- Since I have quite a bit of space on my hard drive still, could I still keep the programs I downloaded just in case I run into a problem like this again (AdwCleaner, ComboFix, dds, FRST64, TDSSKiller, & JRT)?

And to prevent any infections from what I did in the past, do you know what was on my system? Since I use Avast, Malwarebytes real-time protection, and a proxy to try to keep me from getting into this situation. Also, my Malwarebytes quick scan said there were no infections, which I thought was odd. Thank you for all your help!!! You're the best!


OK, just remove the old Java when you no longer need it.

As for the tools I used, they are frequently updated because malware is ever-changing, so it is better to use the most up-to-date version if you should ever run into problems again. The download links for the tools should remain the same, but as these are not commercially available tools, it is better to use them with a trained helper on a forum in case things do not go well, as there is no guarantee when using these specialized tools.

There was some minor adware in your browsers, which is more of an annoyance than a real infection. MBAM is an antimalware product which is used in conjunction with your antivirus. This type of adware is difficult to avoid, as just visiting the wrong website can be the issue; that is why I recommend the Web of Trust, which warns against bad web sites, but unfortunately it's impossible to stop everything.

Empty your temp folders often and clear your browser history often.

That should help.


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.